Update README

Changes how the system version is tracked from direct to via a cronjob.

.gitignore

@@ -0,0 +1,2 @@
+*.backup
+*.orig

README.md

@@ -4,14 +4,14 @@ This is a pfSense active template for Zabbix, based on Standard Agent and a php
 This is forked from https://github.com/rbicelli/pfsense-zabbix-template for FWS needs
 
 
-Tested with pfSense 2.4.x, Zabbix 4.0, Zabbix 5.0
+Tested with pfSense 2.5.x, Zabbix 4.0, Zabbix 5.0, Zabbix 6.0
 
 ## What it does
 
 **Template pfSense Active**
  
  - Network interface Discovery and Monitoring with User Assigned Names
- - Gateway Discovery and Monitoring (Gateway Status/RTT)
+ - Gateway Discovery and Monitoring (Gateway Status/RTT) 
  - OpenVPN Server Discovery and Monitoring (Server Status/Tunnel Status)
  - OpenVPN Clients Discovery and Monitoring (Client Status/Tunnel Status)
  - CARP Monitoring (Global CARP State)
@@ -28,21 +28,31 @@ Tested with pfSense 2.4.x, Zabbix 4.0, Zabbix 5.0
 
  - Discovery of IPsec Site-to-Site tunnels
  - Monitoring tunnel status (Phase 1 and Phase 2)
+ 
+**Template pfSense Active: Speedtest**
+
+ - Discovery of WAN Interfaces
+ - Perform speed tests and collect metrics
 
 
 ## Configuration
 
 First copy the file pfsense_zbx.php to your pfsense box (e.g. to /root/scripts).
 
-For example, from pfSense shell:
+From **Diagnostics/Command Prompt** input this one-liner:
 
 ```bash
 mkdir /root/zabbix
-curl -o /root/zabbix/pfsense_zbx.php https://git.fws.fr/fws/pfsense-zabbix/raw/branch/master/pfsense_zbx.php
+curl --create-dirs -o /root/scripts/pfsense_zbx.php https://raw.githubusercontent.com/rbicelli/pfsense-zabbix-template/master/pfsense_zbx.php
 ```
 
-Then install package "Zabbix Agent 4" on your pfSense Box
+Then, setup the system version cronjob with: 
 
+```bash 
+/usr/local/bin/php /root/scripts/pfsense_zbx.php sysversion_cron
+```
+
+Then install package "Zabbix Agent 5" (or "Zabbix Agent 6") on your pfSense Box
 
 In Advanced Features-> User Parameters
 
@@ -72,6 +82,46 @@ Possible values are:
 
 This is useful when monitoring services which could stay stopped on CARP Backup Member.
 
+
+## Setup Speedtest
+
+For running speedtests on WAN interfaces you have to install the speedtest package.
+
+From **Diagnostics/Command Prompt** input this commands:
+
+```bash
+pkg update && pkg install -y py38-speedtest-cli
+```
+
+Speedtest python package could be broken at the moment, so you could need an extra step, *only if manually executing speedtest results in an error*: download the latest version from package author's github repo.
+
+```bash
+curl -Lo /usr/local/lib/python3.8/site-packages/speedtest.py https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py
+```
+
+For testing if speedtest is installed properly you can try it:
+
+```bash
+/usr/local/bin/speedtest
+```
+
+Then, setup the cronjob with: 
+
+```bash 
+/url/local/bin/php /root/scripts/pfsense_zbx.php speedtest_cron
+```
+
+Remember that you will need to install the package on *every* pfSense upgrade.
+
+Speedtest template creates a cron job and check for entry everytime Zabbix requests its items. If you  want to uninstall the cron jobs simply run, from **Diagnostics/Command Prompt**:
+
+```bash
+/url/local/bin/php /root/scripts/pfsense_zbx.php cron_cleanup
+```
+
+**NOTE**: When used in multiple gateways scenario, speedtest results are OK only with default gateway. This is a known behavior that must be fixed upstream.
+
+
 ## Credits
 
 [Keenton Zabbix Template](https://github.com/keentonsas/zabbix-template-pfsense) for Zabbix Agent freeBSD part.

pfsense_zbx.php

@@ -1,12 +1,18 @@
 <?php
 /*** 
 pfsense_zbx.php - pfSense Zabbix Interface
-Version 1.0.2 - 2021-01-18
+Version 1.1.1 - 2021-10-24
 
 Written by Riccardo Bicelli <r.bicelli@gmail.com>
 This program is licensed under Apache 2.0 License
 */
 
+//Some Useful defines
+
+define('SPEEDTEST_INTERVAL', 8); //Speedtest Interval (in hours)
+define('CRON_TIME_LIMIT', 300); // Time limit in seconds of speedtest and sysinfo 
+define('DEFAULT_TIME_LIMIT', 30); // Time limit in seconds otherwise
+
 require_once('globals.inc');
 require_once('functions.inc');
 require_once('config.inc');
@@ -26,7 +32,6 @@ require_once('pkg-utils.inc');
 
 //For DHCP
 
-
 //Testing function, for template creating purpose
 function pfz_test(){
         $line = "-------------------\n";
@@ -90,40 +95,139 @@ function pfz_test(){
 
 // Interface Discovery
 // Improved performance
-function pfz_interface_discovery() {
+function pfz_interface_discovery($is_wan=false,$is_cron=false) {
     $ifdescrs = get_configured_interface_with_descr(true);
     $ifaces = get_interface_arr();
     $ifcs=array();
-
-    $json_string = '[';
-
+    $if_ret=array();
+ 
+    $json_string = '{"data":[';
+                   
     foreach ($ifdescrs as $ifname => $ifdescr){
           $ifinfo = get_interface_info($ifname);
           $ifinfo["description"] = $ifdescr;
-          $ifcs[$ifname] = $ifinfo;
-    }
+	      $ifcs[$ifname] = $ifinfo;	      
+    }    
 
     foreach ($ifaces as $hwif) {
-        $json_string .= '{"{#IFNAME}":"' . $hwif . '"';
-
+        
         $ifdescr = $hwif;
+        $has_gw = false;
+        $is_vpn = false;
+        $has_public_ip = false;
+        
         foreach($ifcs as $ifc=>$ifinfo){
                 if ($ifinfo["hwif"] == $hwif){
                         $ifdescr = $ifinfo["description"];
+                        if (array_key_exists("gateway",$ifinfo)) $has_gw=true;
+                        //	Issue #81 - https://stackoverflow.com/a/13818647/15093007
+                        if (filter_var($ifinfo["ipaddr"], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) $has_public_ip=true;
+                        if (strpos($ifinfo["if"],"ovpn")!==false) $is_vpn=true;
                         break;
                 }
         }
-
-        $json_string .= ',"{#IFDESCR}":"' . $ifdescr . '"';
-        $json_string .= '},';
+		
+		if ( ($is_wan==false) ||  (($is_wan==true) && (($has_gw==true) || ($has_public_ip==true)) && ($is_vpn==false)) ) { 
+		    $if_ret[]=$hwif;
+		    $json_string .= '{"{#IFNAME}":"' . $hwif . '"';
+		    $json_string .= ',"{#IFDESCR}":"' . $ifdescr . '"';
+		    $json_string .= '},';
+        }
+    
     }
     $json_string = rtrim($json_string,",");
     $json_string .= "]";
 
+	if ($is_cron) return $if_ret;
+	
     echo $json_string;
 }
 
 
+//Interface Speedtest
+function pfz_interface_speedtest_value($ifname, $value){	
+    $tvalue = explode(".", $value);    
+    
+    if (count($tvalue)>1) {
+    	$value = $tvalue[0];
+    	$subvalue = $tvalue[1];
+    }        
+    
+	//If the interface has a gateway is considered WAN, so let's do the speedtest
+	$filename = "/tmp/speedtest-$ifname";
+	
+	if (file_exists($filename)) {
+		$speedtest_data = json_decode(file_get_contents($filename), true) ?? [];
+		
+		if (array_key_exists($value, $speedtest_data)) {
+			if ($subvalue == false) 
+				echo $speedtest_data[$value];
+			else
+				echo $speedtest_data[$value][$subvalue];
+		}	
+	}
+			
+}
+
+// This is supposed to run via cron job
+function pfz_speedtest_cron(){
+	require_once("services.inc");
+	$ifdescrs = get_configured_interface_with_descr(true);
+    $ifaces = get_interface_arr();
+    $pf_interface_name='';
+    $subvalue=false;    
+		                       
+    $ifcs = pfz_interface_discovery(true, true);    
+    
+    foreach ($ifcs as $ifname) {
+          foreach ($ifdescrs as $ifn => $ifd){
+		      $ifinfo = get_interface_info($ifn);
+		      if($ifinfo['hwif']==$ifname) {
+		      	$pf_interface_name = $ifn;
+		      	break;
+		      }
+    	  }	
+		  pfz_speedtest_exec($ifname, $ifinfo['ipaddr']);
+    }
+}
+
+//installs a cron job for speedtests
+function pfz_speedtest_cron_install($enable=true){
+	//Install Cron Job
+	$command = "/usr/local/bin/php " . __FILE__ . " speedtest_cron";
+	install_cron_job($command, $enable, $minute = "*/15", "*", "*", "*", "*", "root", true);
+}        	
+
+
+// 2023-02-26:
+// Fixed issue #127
+function pfz_speedtest_exec ($ifname, $ipaddr){
+	
+	$filename = "/tmp/speedtest-$ifname";
+	$filetemp = "$filename.tmp";
+	$filerun = "/tmp/speedtest-run"; 
+	
+	// Issue #82
+	// Sleep random delay in order to avoid problem when 2 pfSense on the same Internet line
+	sleep (rand ( 1, 90));
+	
+	if ( (time()-filemtime($filename) > SPEEDTEST_INTERVAL * 3600) || (file_exists($filename)==false) ) {
+	  	// file is older than SPEEDTEST_INTERVAL
+	  	if ( (time()-filemtime($filerun) > 180 ) ) @unlink($filerun);
+
+		if (file_exists($filerun)==false) {	  			  		
+	  		touch($filerun);
+	  		$st_command = "/usr/local/bin/speedtest --secure --source $ipaddr --json > $filetemp";
+			exec ($st_command);
+			rename($filetemp,$filename);
+			@unlink($filerun);
+		}
+	}	
+	
+	return true;
+}
+
+
 // OpenVPN Server Discovery
 function pfz_openvpn_get_all_servers(){
      $servers = openvpn_get_active_servers();
@@ -161,7 +265,7 @@ function pfz_openvpn_servervalue($server_id,$valuekey){
                $value = $server[$valuekey];
                if ($valuekey=="status") {
                     if ( ($server['mode']=="server_user") || ($server['mode']=="server_tls_user") || ($server['mode']=="server_tls") ){
-                         if ($value=="") $value="server_user_listening";
+                         if ($value=="") $value="server_user_listening";                    
                     } else if ($server['mode']=="p2p_tls"){
                         // For p2p_tls, ensure we have one client, and return up if it's the case
                         if ($value=="")
@@ -202,16 +306,19 @@ function pfz_openvpn_server_userdiscovery(){
      $json_string = '[';
 
      foreach ($servers as $server){
-          if ( ($server['mode']=='server_user') || ($server['mode']=='server_tls_user') ) {
-               if (is_array($server['conns'])) {
+          if ( ($server['mode']=='server_user') || ($server['mode']=='server_tls_user') || ($server['mode']=='server_tls') ) {
+               if (is_array($server['conns'])) {               
                     $name = trim(preg_replace('/\w{3}(\d)?\:\d{4,5}/i', '', $server['name']));
-
+                    
                     foreach($server['conns'] as $conn) {
-                         $json_string .= '{"{#SERVERID}":"' . $server['vpnid'] . '"';
-                         $json_string .= ',"{#SERVERNAME}":"' . $name . '"';
-                         $json_string .= ',"{#UNIQUEID}":"' . $server['vpnid'] . '+' . $conn['common_name'] . '"';
-                         $json_string .= ',"{#USERID}":"' . $conn['common_name'] . '"';
-                         $json_string .= '},';
+                    	
+                    	$common_name = pfz_replacespecialchars($conn['common_name']);
+                    	               
+                        $json_string .= '{"{#SERVERID}":"' . $server['vpnid'] . '"';
+                        $json_string .= ',"{#SERVERNAME}":"' . $name . '"';
+                        $json_string .= ',"{#UNIQUEID}":"' . $server['vpnid'] . '+' . $common_name . '"';                         
+                        $json_string .= ',"{#USERID}":"' . $conn['common_name'] . '"';    
+                        $json_string .= '},';
                     }
                }
           }
@@ -226,6 +333,7 @@ function pfz_openvpn_server_userdiscovery(){
 // Get OpenVPN User Connected Value
 function pfz_openvpn_server_uservalue($unique_id, $valuekey, $default=""){
 
+	 $unique_id = pfz_replacespecialchars($unique_id,true);
      $atpos=strpos($unique_id,'+');
      $server_id = substr($unique_id,0,$atpos);
      $user_id = substr($unique_id,$atpos+1);
@@ -262,6 +370,20 @@ function pfz_openvpn_clientdiscovery() {
      echo $json_string;
 }
 
+function pfz_replacespecialchars($inputstr,$reverse=false){
+	 $specialchars = ",',\",`,*,?,[,],{,},~,$,!,&,;,(,),<,>,|,#,@,0x0a";
+	 $specialchars = explode(",",$specialchars);	 
+	 $resultstr = $inputstr;
+	 
+	 for ($n=0;$n<count($specialchars);$n++){
+	 	if ($reverse==false)
+	 		$resultstr = str_replace($specialchars[$n],'%%' . $n . '%',$resultstr);
+	 	else
+	 		$resultstr = str_replace('%%' . $n . '%',$specialchars[$n],$resultstr);
+	 }	 
+	 
+	 return ($resultstr);
+}
 
 function pfz_openvpn_clientvalue($client_id, $valuekey, $default="none"){
      $clients = openvpn_get_active_clients();
@@ -327,8 +449,8 @@ function pfz_service_value($name,$value){
      //List of service which are stopped on CARP Slave.
      //For now this is the best way i found for filtering out the triggers
      //Waiting for a way in Zabbix to use Global Regexp in triggers with items discovery
-     $stopped_on_carp_slave = array("haproxy","openvpn.","openvpn");
-
+     $stopped_on_carp_slave = array("haproxy","radvd","openvpn.","openvpn","avahi");
+     
      foreach ($services as $service){
           $namecfr = $service["name"];
           $carpcfr = $service["name"];
@@ -352,31 +474,33 @@ function pfz_service_value($name,$value){
                          $status = get_service_status($service);
                          if ($status=="") $status = 0;
                          echo $status;
-                         break;
+                         return;
 
                     case "name":
                          echo $namecfr;
-                         break;
+                         return;
 
                     case "enabled":
                          if (is_service_enabled($service['name']))
                               echo 1;
                          else
                               echo 0;
-                         break;
+                         return;
 
                     case "run_on_carp_slave":
                          if (in_array($carpcfr,$stopped_on_carp_slave))
                               echo 0;
                          else
                               echo 1;
-                         break;
-                    default:
+                         return;
+                    default:               
                          echo $service[$value];
-                         break;
+                         return;
                }
           }
     }
+
+    echo 0;
 }
 
 
@@ -411,9 +535,14 @@ function pfz_gw_value($gw, $valuekey) {
      $gws = return_gateways_status(true);
      if(array_key_exists($gw,$gws)) {
           $value = $gws[$gw][$valuekey];
-          if ($valuekey=="status")
+          if ($valuekey=="status") { 
+               //Issue #70: Gateway Forced Down
+               if ($gws[$gw]["substatus"]<>"none") 
+                    $value = $gws[$gw]["substatus"];
+               
                $value = pfz_valuemap("gateway.status", $value);
-          echo $value;
+          }     
+          echo $value;         
      }
 }
 
@@ -441,8 +570,7 @@ function pfz_ipsec_discovery_ph1(){
 
 }
 
-
-function pfz_ipsec_ph1($ikeid,$valuekey){
+function pfz_ipsec_ph1($ikeid,$valuekey){	
 	// Get Value from IPsec Phase 1 Configuration
 	// If Getting "disabled" value only check item presence in config array
 
@@ -538,28 +666,45 @@ function pfz_ipsec_status($ikeid,$reqid=-1,$valuekey='state'){
 	require_once("ipsec.inc");
 	global $config;
 	init_config_arr(array('ipsec', 'phase1'));
+	
 	$a_phase1 = &$config['ipsec']['phase1'];
+	$conmap = array();
+	foreach ($a_phase1 as $ph1ent) {
+	    if (function_exists('get_ipsecifnum')) {
+            if (get_ipsecifnum($ph1ent['ikeid'], 0)) {
+                $cname = "con" . get_ipsecifnum($ph1ent['ikeid'], 0);
+            } else {
+                $cname = "con{$ph1ent['ikeid']}00000";
+            }
+        } else{
+            $cname = ipsec_conid($ph1ent);
+        }
+        
+        $conmap[$cname] = $ph1ent['ikeid'];
+    }
+
 	$status = ipsec_list_sa();
 	$ipsecconnected = array();
-
+	
 	$carp_status = pfz_carp_status(false);
-
-	//Phase-Status match borrowed from status_ipsec.php
-	if (is_array($status)) {
+	
+	//Phase-Status match borrowed from status_ipsec.php	
+	if (is_array($status)) {		
 		foreach ($status as $l_ikeid=>$ikesa) {
-
-			if(isset($ikesa['con-id'])){
+			
+			if (isset($ikesa['con-id'])) {
 				$con_id = substr($ikesa['con-id'], 3);
-			}else{
-				$con_id = filter_var($l_ikeid, FILTER_SANITIZE_NUMBER_INT);
+			} else {
+				$con_id = filter_var($ikeid, FILTER_SANITIZE_NUMBER_INT);
 			}
+			$con_name = "con" . $con_id;
 			if ($ikesa['version'] == 1) {
-				$ph1idx = substr($con_id, 0, strrpos(substr($con_id, 0, -1), '00'));
+				$ph1idx = $conmap[$con_name];
 				$ipsecconnected[$ph1idx] = $ph1idx;
 			} else {
 				if (!ipsec_ikeid_used($con_id)) {
 					// probably a v2 with split connection then
-					$ph1idx = substr($con_id, 0, strrpos(substr($con_id, 0, -1), '00'));
+					$ph1idx = $conmap[$con_name];
 					$ipsecconnected[$ph1idx] = $ph1idx;
 				} else {
 					$ipsecconnected[$con_id] = $ph1idx = $con_id;
@@ -570,7 +715,7 @@ function pfz_ipsec_status($ikeid,$reqid=-1,$valuekey='state'){
 					// Asking for Phase2 Status Value
 					foreach ($ikesa['child-sas'] as $childsas) {
 						if ($childsas['reqid']==$reqid) {
-							if ($childsas['state'] == 'REKEYED') {
+							if (strtolower($childsas['state']) == 'rekeyed') {
 								//if state is rekeyed go on
 								$tmp_value = $childsas[$valuekey];
 							} else {
@@ -587,20 +732,56 @@ function pfz_ipsec_status($ikeid,$reqid=-1,$valuekey='state'){
 			}
 		}
 	}
+	
 	switch($valuekey) {
 					case 'state':
 						$value = pfz_valuemap('ipsec.state', strtolower($tmp_value));
-						if ($carp_status != 0)
-                                                    $value = $value + (10 * ($carp_status-1));
+						if ($carp_status!=0) $value = $value + (10 * ($carp_status-1));						
 						break;
 					default:
 						$value = $tmp_value;
 						break;
 	}
-//	print_r($ikesa);
+	
 	return $value;
 }
 
+// Temperature sensors Discovery
+function pfz_temperature_sensors_discovery(){
+
+
+	$json_string = '{"data":[';
+	$sensors = [];
+	exec("sysctl -a | grep temperature | cut -d ':' -f 1", $sensors, $code);
+	if ($code != 0) {
+	    echo "";
+	    return;
+	} else {
+        foreach ($sensors as $sensor) {
+            $json_string .= '{"{#SENSORID}":"' . $sensor . '"';
+            $json_string .= '},';
+        }
+    }
+
+	$json_string = rtrim($json_string,",");
+    $json_string .= "]}";
+
+    echo $json_string;
+
+}
+
+// Temperature sensor get value
+function pfz_get_temperature($sensorid){
+
+	exec("sysctl '$sensorid' | cut -d ':' -f 2", $value, $code);
+	if ($code != 0 or count($value)!=1) {
+	    echo "";
+	    return;
+	} else {
+	    echo trim($value[0]);
+    }
+
+}
 
 
 function pfz_carp_status($echo = true){
@@ -652,6 +833,182 @@ function pfz_carp_status($echo = true){
 
 }
 
+// DHCP Checks (copy of status_dhcp_leases.php, waiting for pfsense 2.5)
+function pfz_remove_duplicate($array, $field) {
+	foreach ($array as $sub) {
+		$cmp[] = $sub[$field];
+	}
+	$unique = array_unique(array_reverse($cmp, true));
+	foreach ($unique as $k => $rien) {
+		$new[] = $array[$k];
+	}
+	return $new;
+}
+
+// Get DHCP Arrays (copied from status_dhcp_leases.php, waiting for pfsense 2.5, in order to use system_get_dhcpleases();)
+function pfz_dhcp_get($valuekey) {
+
+	require_once("config.inc");
+	
+	$leasesfile = "{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases";
+
+	$awk = "/usr/bin/awk";
+	/* this pattern sticks comments into a single array item */
+	$cleanpattern = "'{ gsub(\"#.*\", \"\");} { gsub(\";\", \"\"); print;}'";
+	/* We then split the leases file by } */
+	$splitpattern = "'BEGIN { RS=\"}\";} {for (i=1; i<=NF; i++) printf \"%s \", \$i; printf \"}\\n\";}'";
+
+	/* stuff the leases file in a proper format into a array by line */
+	@exec("/bin/cat {$leasesfile} 2>/dev/null| {$awk} {$cleanpattern} | {$awk} {$splitpattern}", $leases_content);
+	$leases_count = count($leases_content);
+	@exec("/usr/sbin/arp -an", $rawdata);
+
+	$leases = [];
+	$pools = [];
+	
+	$i = 0;
+	$l = 0;
+	$p = 0;
+
+	foreach ($leases_content as $lease) {
+		/* split the line by space */
+		$data = explode(" ", $lease);
+		/* walk the fields */
+		$f = 0;
+		$fcount = count($data);
+		/* with less than 20 fields there is nothing useful */
+		if ($fcount < 20) {
+			$i++;
+			continue;
+		}
+		while ($f < $fcount) {
+			switch ($data[$f]) {
+				case "failover":
+					$pools[$p]['name'] = trim($data[$f+2], '"');
+					$pools[$p]['name'] = "{$pools[$p]['name']} (" . convert_friendly_interface_to_friendly_descr(substr($pools[$p]['name'], 5)) . ")";
+					$pools[$p]['mystate'] = $data[$f+7];
+					$pools[$p]['peerstate'] = $data[$f+14];
+					$pools[$p]['mydate'] = $data[$f+10];
+					$pools[$p]['mydate'] .= " " . $data[$f+11];
+					$pools[$p]['peerdate'] = $data[$f+17];
+					$pools[$p]['peerdate'] .= " " . $data[$f+18];
+					$p++;
+					$i++;
+					continue 3;
+				case "lease":
+					$leases[$l]['ip'] = $data[$f+1];
+					$leases[$l]['type'] = $dynamic_string;
+					$f = $f+2;
+					break;
+				case "starts":
+					$leases[$l]['start'] = $data[$f+2];
+					$leases[$l]['start'] .= " " . $data[$f+3];
+					$f = $f+3;
+					break;
+				case "ends":
+					if ($data[$f+1] == "never") {
+						// Quote from dhcpd.leases(5) man page:
+						// If a lease will never expire, date is never instead of an actual date.
+						$leases[$l]['end'] = gettext("Never");
+						$f = $f+1;
+					} else {
+						$leases[$l]['end'] = $data[$f+2];
+						$leases[$l]['end'] .= " " . $data[$f+3];
+						$f = $f+3;
+					}
+					break;
+				case "tstp":
+					$f = $f+3;
+					break;
+				case "tsfp":
+					$f = $f+3;
+					break;
+				case "atsfp":
+					$f = $f+3;
+					break;
+				case "cltt":
+					$f = $f+3;
+					break;
+				case "binding":
+					switch ($data[$f+2]) {
+						case "active":
+							$leases[$l]['act'] = $active_string;
+							break;
+						case "free":
+							$leases[$l]['act'] = $expired_string;
+							$leases[$l]['online'] = $offline_string;
+							break;
+						case "backup":
+							$leases[$l]['act'] = $reserved_string;
+							$leases[$l]['online'] = $offline_string;
+							break;
+					}
+					$f = $f+1;
+					break;
+				case "next":
+					/* skip the next binding statement */
+					$f = $f+3;
+					break;
+				case "rewind":
+					/* skip the rewind binding statement */
+					$f = $f+3;
+					break;
+				case "hardware":
+					$leases[$l]['mac'] = $data[$f+2];
+					/* check if it's online and the lease is active */
+					if (in_array($leases[$l]['ip'], $arpdata_ip)) {
+						$leases[$l]['online'] = $online_string;
+					} else {
+						$leases[$l]['online'] = $offline_string;
+					}
+					$f = $f+2;
+					break;
+				case "client-hostname":
+					if ($data[$f+1] <> "") {
+						$leases[$l]['hostname'] = preg_replace('/"/', '', $data[$f+1]);
+					} else {
+						$hostname = gethostbyaddr($leases[$l]['ip']);
+						if ($hostname <> "") {
+							$leases[$l]['hostname'] = $hostname;
+						}
+					}
+					$f = $f+1;
+					break;
+				case "uid":
+					$f = $f+1;
+					break;
+			}
+			$f++;
+		}
+		$l++;
+		$i++;
+		/* slowly chisel away at the source array */
+		array_shift($leases_content);
+	}
+	/* remove duplicate items by mac address */
+	if (count($leases) > 0) {
+		$leases = pfz_remove_duplicate($leases, "ip");
+	}
+
+	if (count($pools) > 0) {
+		$pools = pfz_remove_duplicate($pools, "name");
+		asort($pools);
+	}
+
+	switch ($valuekey){
+		case "pools":
+			return $pools;
+			break;
+		case "failover":
+			return $failover;
+			break;
+		case "leases":
+		default:
+			return $leases;		
+	}
+
+}
+
 function pfz_dhcpfailover_discovery(){
 	//System functions regarding DHCP Leases will be available in the upcoming release of pfSense, so let's wait
 	require_once("system.inc");
@@ -671,6 +1028,29 @@ function pfz_dhcpfailover_discovery(){
     echo $json_string;
 }
 
+function pfz_dhcp_check_failover(){
+	// Check DHCP Failover Status
+	// Returns number of failover pools which state is not normal or
+	// different than peer state
+	$failover = pfz_dhcp_get("failover");
+	$ret = 0;
+	foreach ($failover as $f){
+		if ( ($f["mystate"]!="normal") || ($f["mystate"]!=$f["peerstate"])) {
+			$ret++;
+		}
+	}		
+	return $ret;	
+}
+
+function pfz_dhcp($section, $valuekey=""){
+	switch ($section){
+		case "failover":
+			echo pfz_dhcp_check_failover();
+			break;
+		default:		
+	}
+}
+
 //Packages
 function pfz_packages_uptodate(){
 	require_once("pkg-utils.inc");
@@ -687,40 +1067,152 @@ function pfz_packages_uptodate(){
 	return $ret;
 }
 
+
+function pfz_sysversion_cron_install($enable=true){
+	//Install Cron Job
+	$command = "/usr/local/bin/php " . __FILE__ . " systemcheck_cron";
+	install_cron_job($command, $enable, $minute = "0", "9,21", "*", "*", "*", "root", true);
+}    
+
+// System information takes a long time to get on slower systems. 
+// So it is saved via a cronjob.
+function pfz_sysversion_cron (){	
+	$filename = "/tmp/sysversion.json";	
+	$upToDate = pfz_packages_uptodate();
+	$sysVersion = get_system_pkg_version();
+	$sysVersion["packages_update"] = $upToDate;
+	$sysVersionJson = json_encode($sysVersion);
+	if (file_exists($filename)) {
+		if ((time()-filemtime($filename) > CRON_TIME_LIMIT ) ) {
+			@unlink($filename);
+		}
+	}
+	if (file_exists($filename)==false) {	  
+		touch($filename);
+		file_put_contents($filename, $sysVersionJson);
+	}	
+	return true;
+} 
+
 //System Information
 function pfz_get_system_value($section){
+	$filename = "/tmp/sysversion.json";	
+	if(file_exists($filename)) {
+		$sysVersion = json_decode(file_get_contents($filename), true);
+	} else {
+		if($section == "new_version_available") {
+			echo "0";
+		} else {
+			echo "error: cronjob not installed. Run \"php pfsense_zbx.php sysversion_cron\""; 
+		}
+	}
      switch ($section){
           case "version":
-               echo( get_system_pkg_version()['version']);
+               echo( $sysVersion['version']);
                break;
           case "installed_version":
-               echo( get_system_pkg_version()['installed_version']);
+               echo($sysVersion['installed_version']);
                break;
           case "new_version_available":
-               $pkgver = get_system_pkg_version();
-               if ($pkgver['version']==$pkgver['installed_version'])
+               if ($sysVersion['version']==$sysVersion['installed_version'])
                     echo "0";
                else
                     echo "1";
                break;
           case "packages_update":
-          		echo pfz_packages_uptodate();
+          		echo $sysVersion["packages_update"];
           		break;
      }
 }
 
+//S.M.A.R.T Status
+// Taken from /usr/local/www/widgets/widgets/smart_status.widget.php
+function pfz_get_smart_status(){
+
+	$devs = get_smart_drive_list();
+	$status = 0;
+	foreach ($devs as $dev)  { ## for each found drive do                
+                $smartdrive_is_displayed = true;
+                $dev_ident = exec("diskinfo -v /dev/$dev | grep ident   | awk '{print $1}'"); ## get identifier from drive
+                $dev_state = trim(exec("smartctl -H /dev/$dev | awk -F: '/^SMART overall-health self-assessment test result/ {print $2;exit}
+/^SMART Health Status/ {print $2;exit}'")); ## get SMART state from drive
+                switch ($dev_state) {
+                        case "PASSED":
+                        case "OK":
+                                //OK
+                                $status=0;                                
+                                break;
+                        case "":
+                                //Unknown
+                                $status=2;
+                                return $status;
+                                break;
+                        default:
+                        		//Error
+                                $status=1;
+                                return $status;
+                                break;
+                }
+	}
+	
+	echo $status;
+}
+
+// Certificats validity date
+function pfz_get_cert_date($valuekey){
+    global $config;
+    
+    // Contains a list of refs that were revoked and should not be considered
+    $revoked_cert_refs = [];
+    foreach ($config["crl"] as $crl) {
+        foreach ($crl["cert"] as $revoked_cert) {
+            $revoked_cert_refs[] = $revoked_cert["refid"];
+        }
+    }
+    
+    $value = 0;
+        foreach (array("cert", "ca") as $cert_type) {
+                switch ($valuekey){
+                case "validFrom.max":
+                        foreach ($config[$cert_type] as $cert) {
+                                if ( ! in_array($cert['refid'], $revoked_cert_refs) ) {
+                                        $certinfo = openssl_x509_parse(base64_decode($cert["crt"]));
+                                        if ($value == 0 or $value < $certinfo['validFrom_time_t']) $value = $certinfo['validFrom_time_t'];
+                                }
+            		}
+                        break;
+                case "validTo.min":
+                        foreach ($config[$cert_type] as $cert) {
+                                if ( ! in_array($cert['refid'], $revoked_cert_refs) ) {
+                                        $certinfo = openssl_x509_parse(base64_decode($cert["crt"]));
+                                        if ($value == 0 or $value > $certinfo['validTo_time_t']) $value = $certinfo['validTo_time_t'];
+                                }
+                        }
+                        break;
+                }
+        }
+        echo $value;
+}
+
+// File is present
+function pfz_file_exists($filename) {
+	if (file_exists($filename))
+		echo "1";
+	else
+		echo "0";
+}
 
 
 // Value mappings
 // Each value map is represented by an associative array
 function pfz_valuemap($valuename, $value, $default="0"){
-
-     switch ($valuename){
+     switch ($valuename){     
 
           case "openvpn.server.status":
                     $valuemap = array(
                          "down" => "0",
                          "up" => "1",
+                         "connected (success)" => "1",
                          "none" => "2",
                          "reconnecting; ping-restart" => "3",
                          "waiting" => "4",
@@ -730,6 +1222,7 @@ function pfz_valuemap($valuename, $value, $default="0"){
           case "openvpn.client.status":
                     $valuemap = array(
                          "up" => "1",
+                         "connected (success)" => "1",
                          "down" => "0",
                          "none" => "0",
                          "reconnecting; ping-restart" => "2");
@@ -746,6 +1239,7 @@ function pfz_valuemap($valuename, $value, $default="0"){
 
           case "gateway.status":
                     $valuemap = array(
+                         "online" => "0",
                          "none" => "0",
                          "loss" => "1",
                          "highdelay" => "2",
@@ -797,9 +1291,11 @@ function pfz_valuemap($valuename, $value, $default="0"){
 
      }
 
-     if (array_key_exists($value, $valuemap))
-          return $valuemap[$value];
-     
+     if (is_array($valuemap)) {
+     	$value = strtolower($value);
+     	if (array_key_exists($value, $valuemap))
+          	return $valuemap[$value];
+     }
      return $default;
 }
 
@@ -809,6 +1305,9 @@ function pfz_discovery($section){
           case "gw":
                pfz_gw_discovery();
                break;
+          case "wan":
+          	   pfz_interface_discovery(true);
+               break;
           case "openvpn_server":
                pfz_openvpn_serverdiscovery();
                break;
@@ -833,11 +1332,23 @@ function pfz_discovery($section){
           case "dhcpfailover":
           	   pfz_dhcpfailover_discovery();
                break;
-     }
+          case "temperature_sensors":
+               pfz_temperature_sensors_discovery();
+               break;
+     }         
 }
 
 //Main Code
-switch (strtolower($argv[1])){
+$mainArgument = strtolower($argv[1]);
+if(substr($mainArgument, -4, 4) == "cron") {
+	// A longer time limit for cron tasks.
+	set_time_limit(CRON_TIME_LIMIT);
+} else {
+	// Set a timeout to prevent a blocked call from stopping all future calls.
+    set_time_limit(DEFAULT_TIME_LIMIT);
+}
+
+switch ($mainArgument){     
      case "discovery":
           pfz_discovery($argv[2]);
           break;
@@ -847,6 +1358,10 @@ switch (strtolower($argv[1])){
      case "gw_status":
           pfz_gw_rawstatus();
           break;
+	 case "if_speedtest_value":
+	      pfz_speedtest_cron_install();
+	 	  pfz_interface_speedtest_value($argv[2],$argv[3]);
+	 	  break;
      case "openvpn_servervalue":
           pfz_openvpn_servervalue($argv[2],$argv[3]);
           break;
@@ -868,6 +1383,10 @@ switch (strtolower($argv[1])){
      case "if_name":
           pfz_get_if_name($argv[2]);
           break;
+     case "sysversion_cron":
+          pfz_sysversion_cron_install();
+          pfz_sysversion_cron();
+          break;
      case "system":
           pfz_get_system_value($argv[2]);
           break;
@@ -877,6 +1396,29 @@ switch (strtolower($argv[1])){
      case "ipsec_ph2":
           pfz_ipsec_ph2($argv[2],$argv[3]);
           break;
+     case "dhcp":
+     	  pfz_dhcp($argv[2],$argv[3]);
+          break;
+     case "file_exists":
+     	  pfz_file_exists($argv[2]);
+     	  break;
+     case "speedtest_cron":
+     	  pfz_speedtest_cron_install();
+     	  pfz_speedtest_cron();
+     	  break;
+     case "cron_cleanup":
+     	  pfz_speedtest_cron_install(false);
+     	  pfz_sysversion_cron_install(false);
+     	  break;
+     case "smart_status":
+          pfz_get_smart_status();
+          break;     	  
+     case "cert_date":
+          pfz_get_cert_date($argv[2]);
+          break;
+     case "temperature":
+          pfz_get_temperature($argv[2]);
+          break;
      default:
           pfz_test();
 }

zabbix4/template_pfsense_active.xml

@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <zabbix_export>
     <version>4.0</version>
-    <date>2021-01-18T15:00:52Z</date>
+    <date>2021-07-04T19:16:51Z</date>
     <groups>
         <group>
             <name>Templates/Network Devices</name>
@@ -21,9 +21,6 @@ https://github.com/rbicelli/pfsense-zabbix-template</description>
                 </group>
             </groups>
             <applications>
-                <application>
-                    <name>CARP</name>
-                </application>
                 <application>
                     <name>CPU</name>
                 </application>
@@ -33,6 +30,9 @@ https://github.com/rbicelli/pfsense-zabbix-template</description>
                 <application>
                     <name>Gateways</name>
                 </application>
+                <application>
+                    <name>HA</name>
+                </application>
                 <application>
                     <name>Memory</name>
                 </application>
@@ -271,7 +271,7 @@ https://github.com/rbicelli/pfsense-zabbix-template</description>
                     <inventory_link>0</inventory_link>
                     <applications>
                         <application>
-                            <name>CARP</name>
+                            <name>HA</name>
                         </application>
                     </applications>
                     <valuemap>
@@ -745,7 +745,7 @@ https://github.com/rbicelli/pfsense-zabbix-template</description>
                     <inventory_link>0</inventory_link>
                     <applications>
                         <application>
-                            <name>CARP</name>
+                            <name>HA</name>
                         </application>
                     </applications>
                     <valuemap>
@@ -774,6 +774,65 @@ https://github.com/rbicelli/pfsense-zabbix-template</description>
                     <verify_host>0</verify_host>
                     <master_item/>
                 </item>
+                <item>
+                    <name>DHCP Failover Pool Problems</name>
+                    <type>7</type>
+                    <snmp_community/>
+                    <snmp_oid/>
+                    <key>pfsense.value[dhcp,failover]</key>
+                    <delay>120s</delay>
+                    <history>90d</history>
+                    <trends>365d</trends>
+                    <status>0</status>
+                    <value_type>3</value_type>
+                    <allowed_hosts/>
+                    <units/>
+                    <snmpv3_contextname/>
+                    <snmpv3_securityname/>
+                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
+                    <snmpv3_authprotocol>0</snmpv3_authprotocol>
+                    <snmpv3_authpassphrase/>
+                    <snmpv3_privprotocol>0</snmpv3_privprotocol>
+                    <snmpv3_privpassphrase/>
+                    <params/>
+                    <ipmi_sensor/>
+                    <authtype>0</authtype>
+                    <username/>
+                    <password/>
+                    <publickey/>
+                    <privatekey/>
+                    <port/>
+                    <description>This value indicates, in a HA scenario, if DHCP failover pool partners are out of sync.</description>
+                    <inventory_link>0</inventory_link>
+                    <applications>
+                        <application>
+                            <name>HA</name>
+                        </application>
+                    </applications>
+                    <valuemap/>
+                    <logtimefmt/>
+                    <preprocessing/>
+                    <jmx_endpoint/>
+                    <timeout>3s</timeout>
+                    <url/>
+                    <query_fields/>
+                    <posts/>
+                    <status_codes>200</status_codes>
+                    <follow_redirects>1</follow_redirects>
+                    <post_type>0</post_type>
+                    <http_proxy/>
+                    <headers/>
+                    <retrieve_mode>0</retrieve_mode>
+                    <request_method>0</request_method>
+                    <output_format>0</output_format>
+                    <allow_traps>0</allow_traps>
+                    <ssl_cert_file/>
+                    <ssl_key_file/>
+                    <ssl_key_password/>
+                    <verify_peer>0</verify_peer>
+                    <verify_host>0</verify_host>
+                    <master_item/>
+                </item>
                 <item>
                     <name>Gateway Status Raw</name>
                     <type>7</type>
@@ -2466,7 +2525,7 @@ https://github.com/rbicelli/pfsense-zabbix-template</description>
                     <publickey/>
                     <privatekey/>
                     <port/>
-                    <description>quantité de mémoire en cours d'utilisation par les processus</description>
+                    <description>Memory used by processes</description>
                     <inventory_link>0</inventory_link>
                     <applications>
                         <application>
@@ -2645,7 +2704,7 @@ https://github.com/rbicelli/pfsense-zabbix-template</description>
                     <publickey/>
                     <privatekey/>
                     <port/>
-                    <description>quantité de mémoire utilisée pour mettre des données en cache</description>
+                    <description>amount of memory used to cache data</description>
                     <inventory_link>0</inventory_link>
                     <applications>
                         <application>
@@ -2704,7 +2763,7 @@ https://github.com/rbicelli/pfsense-zabbix-template</description>
                     <publickey/>
                     <privatekey/>
                     <port/>
-                    <description>quantité de mémoire complètement libre et prête a être utilisée directement.</description>
+                    <description>amount of memory completely free and ready to be used directly.</description>
                     <inventory_link>0</inventory_link>
                     <applications>
                         <application>
@@ -2763,7 +2822,7 @@ https://github.com/rbicelli/pfsense-zabbix-template</description>
                     <publickey/>
                     <privatekey/>
                     <port/>
-                    <description>quantité de mémoire qui contient des données qui ne sont plus utilisées (peut être directement libéré si besoin)</description>
+                    <description>amount of memory that contains data that is no longer used (can be directly freed if needed)</description>
                     <inventory_link>0</inventory_link>
                     <applications>
                         <application>
@@ -3065,7 +3124,7 @@ https://github.com/rbicelli/pfsense-zabbix-template</description>
                     <publickey/>
                     <privatekey/>
                     <port/>
-                    <description>quantité de mémoire utilisée par le kernel, ne peut être ni déchargée en swap, ni compressée.</description>
+                    <description>amount of memory used by the kernel, can neither be unloaded in swap, nor compressed.</description>
                     <inventory_link>0</inventory_link>
                     <applications>
                         <application>
@@ -4420,14 +4479,21 @@ https://github.com/rbicelli/pfsense-zabbix-template</description>
                     <filter>
                         <evaltype>0</evaltype>
                         <formula/>
-                        <conditions/>
+                        <conditions>
+                            <condition>
+                                <macro>{#SERVICE}</macro>
+                                <value>@pfSense service names for discovery</value>
+                                <operator>8</operator>
+                                <formulaid>A</formulaid>
+                            </condition>
+                        </conditions>
                     </filter>
                     <lifetime>30d</lifetime>
                     <description/>
                     <item_prototypes>
                         <item_prototype>
                             <name>Service {#DESCRIPTION}  enabled on CARP Slave</name>
-                            <type>0</type>
+                            <type>7</type>
                             <snmp_community/>
                             <snmp_oid/>
                             <key>pfsense.value[service_value,{#SERVICE},run_on_carp_slave]</key>
@@ -4489,7 +4555,7 @@ https://github.com/rbicelli/pfsense-zabbix-template</description>
                         </item_prototype>
                         <item_prototype>
                             <name>Service {#DESCRIPTION} Status</name>
-                            <type>0</type>
+                            <type>7</type>
                             <snmp_community/>
                             <snmp_oid/>
                             <key>pfsense.value[service_value,{#SERVICE},status]</key>
@@ -5254,6 +5320,22 @@ or&#13;
             <dependencies/>
             <tags/>
         </trigger>
+        <trigger>
+            <expression>{Template pfSense Active:pfsense.value[carp_status].last()}&gt;2</expression>
+            <recovery_mode>0</recovery_mode>
+            <recovery_expression/>
+            <name>DHCP Failover Problems on {HOST.NAME}</name>
+            <correlation_mode>0</correlation_mode>
+            <correlation_tag/>
+            <url>https://docs.netgate.com/pfsense/en/latest/troubleshooting/ha-dhcp-failover.html</url>
+            <status>0</status>
+            <priority>4</priority>
+            <description>One or more DHCP Pools are experiencing failover problems. This could potentially cause other problems in yourr network.</description>
+            <type>0</type>
+            <manual_close>0</manual_close>
+            <dependencies/>
+            <tags/>
+        </trigger>
         <trigger>
             <expression>{Template pfSense Active:system.uname.diff(0)}&gt;0</expression>
             <recovery_mode>0</recovery_mode>
@@ -5392,7 +5474,7 @@ or&#13;
             <url/>
             <status>0</status>
             <priority>1</priority>
-            <description>Notify of new version of packages are available</description>
+            <description>New version of packages are available</description>
             <type>0</type>
             <manual_close>0</manual_close>
             <dependencies/>

zabbix4/template_pfsense_active_ipsec.xml

@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <zabbix_export>
     <version>4.0</version>
-    <date>2021-01-18T15:02:45Z</date>
+    <date>2021-01-18T21:30:16Z</date>
     <groups>
         <group>
             <name>Templates/Network Devices</name>
@@ -504,188 +504,6 @@ https://github.com/rbicelli/pfsense-zabbix-template</description>
                     <lifetime>30d</lifetime>
                     <description>Discovery of IPsec Phase 2</description>
                     <item_prototypes>
-                        <item_prototype>
-                            <name>IPsec Tunnel  {#IKEID}.{#REQID} {#NAME} Phase 2 Byte Received</name>
-                            <type>7</type>
-                            <snmp_community/>
-                            <snmp_oid/>
-                            <key>pfsense.value[ipsec_ph2,{#EXTID},status.bytes-in]</key>
-                            <delay>60s</delay>
-                            <history>90d</history>
-                            <trends>365d</trends>
-                            <status>0</status>
-                            <value_type>3</value_type>
-                            <allowed_hosts/>
-                            <units>b</units>
-                            <snmpv3_contextname/>
-                            <snmpv3_securityname/>
-                            <snmpv3_securitylevel>0</snmpv3_securitylevel>
-                            <snmpv3_authprotocol>0</snmpv3_authprotocol>
-                            <snmpv3_authpassphrase/>
-                            <snmpv3_privprotocol>0</snmpv3_privprotocol>
-                            <snmpv3_privpassphrase/>
-                            <params/>
-                            <ipmi_sensor/>
-                            <authtype>0</authtype>
-                            <username/>
-                            <password/>
-                            <publickey/>
-                            <privatekey/>
-                            <port/>
-                            <description>IPsec Tunnel Phase 2 Protocol</description>
-                            <inventory_link>0</inventory_link>
-                            <applications>
-                                <application>
-                                    <name>IPsec</name>
-                                </application>
-                            </applications>
-                            <valuemap/>
-                            <logtimefmt/>
-                            <preprocessing/>
-                            <jmx_endpoint/>
-                            <timeout>3s</timeout>
-                            <url/>
-                            <query_fields/>
-                            <posts/>
-                            <status_codes>200</status_codes>
-                            <follow_redirects>1</follow_redirects>
-                            <post_type>0</post_type>
-                            <http_proxy/>
-                            <headers/>
-                            <retrieve_mode>0</retrieve_mode>
-                            <request_method>0</request_method>
-                            <output_format>0</output_format>
-                            <allow_traps>0</allow_traps>
-                            <ssl_cert_file/>
-                            <ssl_key_file/>
-                            <ssl_key_password/>
-                            <verify_peer>0</verify_peer>
-                            <verify_host>0</verify_host>
-                            <application_prototypes/>
-                            <master_item/>
-                        </item_prototype>
-                        <item_prototype>
-                            <name>IPsec Tunnel  {#IKEID}.{#REQID} {#NAME} Phase 2 Byte Sent</name>
-                            <type>7</type>
-                            <snmp_community/>
-                            <snmp_oid/>
-                            <key>pfsense.value[ipsec_ph2,{#EXTID},status.bytes-out]</key>
-                            <delay>60s</delay>
-                            <history>90d</history>
-                            <trends>365d</trends>
-                            <status>0</status>
-                            <value_type>3</value_type>
-                            <allowed_hosts/>
-                            <units>b</units>
-                            <snmpv3_contextname/>
-                            <snmpv3_securityname/>
-                            <snmpv3_securitylevel>0</snmpv3_securitylevel>
-                            <snmpv3_authprotocol>0</snmpv3_authprotocol>
-                            <snmpv3_authpassphrase/>
-                            <snmpv3_privprotocol>0</snmpv3_privprotocol>
-                            <snmpv3_privpassphrase/>
-                            <params/>
-                            <ipmi_sensor/>
-                            <authtype>0</authtype>
-                            <username/>
-                            <password/>
-                            <publickey/>
-                            <privatekey/>
-                            <port/>
-                            <description>IPsec Tunnel Phase 2 Protocol</description>
-                            <inventory_link>0</inventory_link>
-                            <applications>
-                                <application>
-                                    <name>IPsec</name>
-                                </application>
-                            </applications>
-                            <valuemap/>
-                            <logtimefmt/>
-                            <preprocessing/>
-                            <jmx_endpoint/>
-                            <timeout>3s</timeout>
-                            <url/>
-                            <query_fields/>
-                            <posts/>
-                            <status_codes>200</status_codes>
-                            <follow_redirects>1</follow_redirects>
-                            <post_type>0</post_type>
-                            <http_proxy/>
-                            <headers/>
-                            <retrieve_mode>0</retrieve_mode>
-                            <request_method>0</request_method>
-                            <output_format>0</output_format>
-                            <allow_traps>0</allow_traps>
-                            <ssl_cert_file/>
-                            <ssl_key_file/>
-                            <ssl_key_password/>
-                            <verify_peer>0</verify_peer>
-                            <verify_host>0</verify_host>
-                            <application_prototypes/>
-                            <master_item/>
-                        </item_prototype>
-                        <item_prototype>
-                            <name>IPsec Tunnel  {#IKEID}.{#REQID} {#NAME} Phase 2 Status</name>
-                            <type>7</type>
-                            <snmp_community/>
-                            <snmp_oid/>
-                            <key>pfsense.value[ipsec_ph2,{#EXTID},status]</key>
-                            <delay>60s</delay>
-                            <history>90d</history>
-                            <trends>365d</trends>
-                            <status>0</status>
-                            <value_type>3</value_type>
-                            <allowed_hosts/>
-                            <units/>
-                            <snmpv3_contextname/>
-                            <snmpv3_securityname/>
-                            <snmpv3_securitylevel>0</snmpv3_securitylevel>
-                            <snmpv3_authprotocol>0</snmpv3_authprotocol>
-                            <snmpv3_authpassphrase/>
-                            <snmpv3_privprotocol>0</snmpv3_privprotocol>
-                            <snmpv3_privpassphrase/>
-                            <params/>
-                            <ipmi_sensor/>
-                            <authtype>0</authtype>
-                            <username/>
-                            <password/>
-                            <publickey/>
-                            <privatekey/>
-                            <port/>
-                            <description>IPsec Tunnel Phase 2 Protocol</description>
-                            <inventory_link>0</inventory_link>
-                            <applications>
-                                <application>
-                                    <name>IPsec</name>
-                                </application>
-                            </applications>
-                            <valuemap>
-                                <name>pfSense IPsec Phase 2 Status</name>
-                            </valuemap>
-                            <logtimefmt/>
-                            <preprocessing/>
-                            <jmx_endpoint/>
-                            <timeout>3s</timeout>
-                            <url/>
-                            <query_fields/>
-                            <posts/>
-                            <status_codes>200</status_codes>
-                            <follow_redirects>1</follow_redirects>
-                            <post_type>0</post_type>
-                            <http_proxy/>
-                            <headers/>
-                            <retrieve_mode>0</retrieve_mode>
-                            <request_method>0</request_method>
-                            <output_format>0</output_format>
-                            <allow_traps>0</allow_traps>
-                            <ssl_cert_file/>
-                            <ssl_key_file/>
-                            <ssl_key_password/>
-                            <verify_peer>0</verify_peer>
-                            <verify_host>0</verify_host>
-                            <application_prototypes/>
-                            <master_item/>
-                        </item_prototype>
                         <item_prototype>
                             <name>IPsec Tunnel  {#IKEID}.{#REQID} {#NAME} Phase 2 Enabled</name>
                             <type>7</type>
@@ -1025,27 +843,6 @@ https://github.com/rbicelli/pfsense-zabbix-template</description>
                 </mapping>
             </mappings>
         </value_map>
-        <value_map>
-            <name>pfSense IPsec Phase 2 Status</name>
-            <mappings>
-                <mapping>
-                    <value>0</value>
-                    <newvalue>Down</newvalue>
-                </mapping>
-                <mapping>
-                    <value>1</value>
-                    <newvalue>Installed</newvalue>
-                </mapping>
-                <mapping>
-                    <value>2</value>
-                    <newvalue>Rekeyed</newvalue>
-                </mapping>
-                <mapping>
-                    <value>10</value>
-                    <newvalue>Down on CARP Secondary</newvalue>
-                </mapping>
-            </mappings>
-        </value_map>
         <value_map>
             <name>pfSense IPsec Protocol</name>
             <mappings>

zabbix4/template_pfsense_active_speedtest.xml

@@ -0,0 +1,332 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<zabbix_export>
+    <version>4.0</version>
+    <date>2021-07-05T15:51:20Z</date>
+    <groups>
+        <group>
+            <name>Templates/Network Devices</name>
+        </group>
+    </groups>
+    <templates>
+        <template>
+            <template>pfSense Active Speedtest</template>
+            <name>pfSense Active: Speedtest</name>
+            <description>Extension for pfSense Active Template.&#13;
+Executes Speedtests on WAN Interfaces.&#13;
+&#13;
+Requires pfsense_zbx.php installed to pfSense Box.&#13;
+Version 1.0.5&#13;
+&#13;
+https://github.com/rbicelli/pfsense-zabbix-template</description>
+            <groups>
+                <group>
+                    <name>Templates/Network Devices</name>
+                </group>
+            </groups>
+            <applications>
+                <application>
+                    <name>Network interfaces</name>
+                </application>
+            </applications>
+            <items/>
+            <discovery_rules>
+                <discovery_rule>
+                    <name>WAN Interfaces</name>
+                    <type>7</type>
+                    <snmp_community/>
+                    <snmp_oid/>
+                    <key>pfsense.discovery[wan]</key>
+                    <delay>300s</delay>
+                    <status>0</status>
+                    <allowed_hosts/>
+                    <snmpv3_contextname/>
+                    <snmpv3_securityname/>
+                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
+                    <snmpv3_authprotocol>0</snmpv3_authprotocol>
+                    <snmpv3_authpassphrase/>
+                    <snmpv3_privprotocol>0</snmpv3_privprotocol>
+                    <snmpv3_privpassphrase/>
+                    <params/>
+                    <ipmi_sensor/>
+                    <authtype>0</authtype>
+                    <username/>
+                    <password/>
+                    <publickey/>
+                    <privatekey/>
+                    <port/>
+                    <filter>
+                        <evaltype>0</evaltype>
+                        <formula/>
+                        <conditions/>
+                    </filter>
+                    <lifetime>30d</lifetime>
+                    <description>Discover WAN Interfaces</description>
+                    <item_prototypes>
+                        <item_prototype>
+                            <name>Speedtest Download on {#IFDESCR}</name>
+                            <type>7</type>
+                            <snmp_community/>
+                            <snmp_oid/>
+                            <key>pfsense.value[if_speedtest_value,{#IFNAME},download]</key>
+                            <delay>3600s</delay>
+                            <history>90d</history>
+                            <trends>365d</trends>
+                            <status>0</status>
+                            <value_type>0</value_type>
+                            <allowed_hosts/>
+                            <units>bps</units>
+                            <snmpv3_contextname/>
+                            <snmpv3_securityname/>
+                            <snmpv3_securitylevel>0</snmpv3_securitylevel>
+                            <snmpv3_authprotocol>0</snmpv3_authprotocol>
+                            <snmpv3_authpassphrase/>
+                            <snmpv3_privprotocol>0</snmpv3_privprotocol>
+                            <snmpv3_privpassphrase/>
+                            <params/>
+                            <ipmi_sensor/>
+                            <authtype>0</authtype>
+                            <username/>
+                            <password/>
+                            <publickey/>
+                            <privatekey/>
+                            <port/>
+                            <description>Download speed determined by Ookla Speedtest package</description>
+                            <inventory_link>0</inventory_link>
+                            <applications>
+                                <application>
+                                    <name>Network interfaces</name>
+                                </application>
+                            </applications>
+                            <valuemap/>
+                            <logtimefmt/>
+                            <preprocessing/>
+                            <jmx_endpoint/>
+                            <timeout>3s</timeout>
+                            <url/>
+                            <query_fields/>
+                            <posts/>
+                            <status_codes>200</status_codes>
+                            <follow_redirects>1</follow_redirects>
+                            <post_type>0</post_type>
+                            <http_proxy/>
+                            <headers/>
+                            <retrieve_mode>0</retrieve_mode>
+                            <request_method>0</request_method>
+                            <output_format>0</output_format>
+                            <allow_traps>0</allow_traps>
+                            <ssl_cert_file/>
+                            <ssl_key_file/>
+                            <ssl_key_password/>
+                            <verify_peer>0</verify_peer>
+                            <verify_host>0</verify_host>
+                            <application_prototypes/>
+                            <master_item/>
+                        </item_prototype>
+                        <item_prototype>
+                            <name>Speedtest Ping on {#IFDESCR}</name>
+                            <type>7</type>
+                            <snmp_community/>
+                            <snmp_oid/>
+                            <key>pfsense.value[if_speedtest_value,{#IFNAME},ping]</key>
+                            <delay>3600s</delay>
+                            <history>90d</history>
+                            <trends>365d</trends>
+                            <status>0</status>
+                            <value_type>0</value_type>
+                            <allowed_hosts/>
+                            <units>ms</units>
+                            <snmpv3_contextname/>
+                            <snmpv3_securityname/>
+                            <snmpv3_securitylevel>0</snmpv3_securitylevel>
+                            <snmpv3_authprotocol>0</snmpv3_authprotocol>
+                            <snmpv3_authpassphrase/>
+                            <snmpv3_privprotocol>0</snmpv3_privprotocol>
+                            <snmpv3_privpassphrase/>
+                            <params/>
+                            <ipmi_sensor/>
+                            <authtype>0</authtype>
+                            <username/>
+                            <password/>
+                            <publickey/>
+                            <privatekey/>
+                            <port/>
+                            <description>Ping determined by Ookla Speedtest package</description>
+                            <inventory_link>0</inventory_link>
+                            <applications>
+                                <application>
+                                    <name>Network interfaces</name>
+                                </application>
+                            </applications>
+                            <valuemap/>
+                            <logtimefmt/>
+                            <preprocessing/>
+                            <jmx_endpoint/>
+                            <timeout>3s</timeout>
+                            <url/>
+                            <query_fields/>
+                            <posts/>
+                            <status_codes>200</status_codes>
+                            <follow_redirects>1</follow_redirects>
+                            <post_type>0</post_type>
+                            <http_proxy/>
+                            <headers/>
+                            <retrieve_mode>0</retrieve_mode>
+                            <request_method>0</request_method>
+                            <output_format>0</output_format>
+                            <allow_traps>0</allow_traps>
+                            <ssl_cert_file/>
+                            <ssl_key_file/>
+                            <ssl_key_password/>
+                            <verify_peer>0</verify_peer>
+                            <verify_host>0</verify_host>
+                            <application_prototypes/>
+                            <master_item/>
+                        </item_prototype>
+                        <item_prototype>
+                            <name>Speedtest Upload on {#IFDESCR}</name>
+                            <type>7</type>
+                            <snmp_community/>
+                            <snmp_oid/>
+                            <key>pfsense.value[if_speedtest_value,{#IFNAME},upload]</key>
+                            <delay>3600s</delay>
+                            <history>90d</history>
+                            <trends>365d</trends>
+                            <status>0</status>
+                            <value_type>0</value_type>
+                            <allowed_hosts/>
+                            <units>bps</units>
+                            <snmpv3_contextname/>
+                            <snmpv3_securityname/>
+                            <snmpv3_securitylevel>0</snmpv3_securitylevel>
+                            <snmpv3_authprotocol>0</snmpv3_authprotocol>
+                            <snmpv3_authpassphrase/>
+                            <snmpv3_privprotocol>0</snmpv3_privprotocol>
+                            <snmpv3_privpassphrase/>
+                            <params/>
+                            <ipmi_sensor/>
+                            <authtype>0</authtype>
+                            <username/>
+                            <password/>
+                            <publickey/>
+                            <privatekey/>
+                            <port/>
+                            <description>Ping determined by Ookla Speedtest package</description>
+                            <inventory_link>0</inventory_link>
+                            <applications>
+                                <application>
+                                    <name>Network interfaces</name>
+                                </application>
+                            </applications>
+                            <valuemap/>
+                            <logtimefmt/>
+                            <preprocessing/>
+                            <jmx_endpoint/>
+                            <timeout>3s</timeout>
+                            <url/>
+                            <query_fields/>
+                            <posts/>
+                            <status_codes>200</status_codes>
+                            <follow_redirects>1</follow_redirects>
+                            <post_type>0</post_type>
+                            <http_proxy/>
+                            <headers/>
+                            <retrieve_mode>0</retrieve_mode>
+                            <request_method>0</request_method>
+                            <output_format>0</output_format>
+                            <allow_traps>0</allow_traps>
+                            <ssl_cert_file/>
+                            <ssl_key_file/>
+                            <ssl_key_password/>
+                            <verify_peer>0</verify_peer>
+                            <verify_host>0</verify_host>
+                            <application_prototypes/>
+                            <master_item/>
+                        </item_prototype>
+                    </item_prototypes>
+                    <trigger_prototypes/>
+                    <graph_prototypes>
+                        <graph_prototype>
+                            <name>Speedtest metrics on {#IFDESCR}</name>
+                            <width>900</width>
+                            <height>200</height>
+                            <yaxismin>0.0000</yaxismin>
+                            <yaxismax>100.0000</yaxismax>
+                            <show_work_period>1</show_work_period>
+                            <show_triggers>1</show_triggers>
+                            <type>0</type>
+                            <show_legend>1</show_legend>
+                            <show_3d>0</show_3d>
+                            <percent_left>0.0000</percent_left>
+                            <percent_right>0.0000</percent_right>
+                            <ymin_type_1>0</ymin_type_1>
+                            <ymax_type_1>0</ymax_type_1>
+                            <ymin_item_1>0</ymin_item_1>
+                            <ymax_item_1>0</ymax_item_1>
+                            <graph_items>
+                                <graph_item>
+                                    <sortorder>0</sortorder>
+                                    <drawtype>0</drawtype>
+                                    <color>199C0D</color>
+                                    <yaxisside>0</yaxisside>
+                                    <calc_fnc>7</calc_fnc>
+                                    <type>0</type>
+                                    <item>
+                                        <host>pfSense Active Speedtest</host>
+                                        <key>pfsense.value[if_speedtest_value,{#IFNAME},download]</key>
+                                    </item>
+                                </graph_item>
+                                <graph_item>
+                                    <sortorder>1</sortorder>
+                                    <drawtype>0</drawtype>
+                                    <color>FFFF00</color>
+                                    <yaxisside>0</yaxisside>
+                                    <calc_fnc>7</calc_fnc>
+                                    <type>0</type>
+                                    <item>
+                                        <host>pfSense Active Speedtest</host>
+                                        <key>pfsense.value[if_speedtest_value,{#IFNAME},upload]</key>
+                                    </item>
+                                </graph_item>
+                                <graph_item>
+                                    <sortorder>2</sortorder>
+                                    <drawtype>0</drawtype>
+                                    <color>0040FF</color>
+                                    <yaxisside>0</yaxisside>
+                                    <calc_fnc>7</calc_fnc>
+                                    <type>0</type>
+                                    <item>
+                                        <host>pfSense Active Speedtest</host>
+                                        <key>pfsense.value[if_speedtest_value,{#IFNAME},ping]</key>
+                                    </item>
+                                </graph_item>
+                            </graph_items>
+                        </graph_prototype>
+                    </graph_prototypes>
+                    <host_prototypes/>
+                    <jmx_endpoint/>
+                    <timeout>3s</timeout>
+                    <url/>
+                    <query_fields/>
+                    <posts/>
+                    <status_codes>200</status_codes>
+                    <follow_redirects>1</follow_redirects>
+                    <post_type>0</post_type>
+                    <http_proxy/>
+                    <headers/>
+                    <retrieve_mode>0</retrieve_mode>
+                    <request_method>0</request_method>
+                    <allow_traps>0</allow_traps>
+                    <ssl_cert_file/>
+                    <ssl_key_file/>
+                    <ssl_key_password/>
+                    <verify_peer>0</verify_peer>
+                    <verify_host>0</verify_host>
+                </discovery_rule>
+            </discovery_rules>
+            <httptests/>
+            <macros/>
+            <templates/>
+            <screens/>
+        </template>
+    </templates>
+</zabbix_export>

zabbix5/template_pfsense_active_ipsec.xml

@@ -0,0 +1,301 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<zabbix_export>
+    <version>5.0</version>
+    <date>2021-07-12T10:36:28Z</date>
+    <groups>
+        <group>
+            <name>Templates/Network Devices</name>
+        </group>
+    </groups>
+    <templates>
+        <template>
+            <template>Template pfSense Active IPsec</template>
+            <name>pfSense Active: IPsec</name>
+            <description>Extension for pfSense Active Template.&#13;
+Monitor IPsec VPN.&#13;
+&#13;
+Requires pfsense_zbx.php installed to pfSense Box.&#13;
+Version 1.0.2&#13;
+&#13;
+https://github.com/rbicelli/pfsense-zabbix-template</description>
+            <groups>
+                <group>
+                    <name>Templates/Network Devices</name>
+                </group>
+            </groups>
+            <applications>
+                <application>
+                    <name>IPsec</name>
+                </application>
+            </applications>
+            <discovery_rules>
+                <discovery_rule>
+                    <name>IPsec Phase 1 Discovery</name>
+                    <type>ZABBIX_ACTIVE</type>
+                    <key>pfsense.discovery[ipsec_ph1]</key>
+                    <delay>1200s</delay>
+                    <description>Discovery of IPsec Phase 1</description>
+                    <item_prototypes>
+                        <item_prototype>
+                            <name>IPsec Tunnel {#IKEID} {#NAME} Tunnel Enabled</name>
+                            <type>ZABBIX_ACTIVE</type>
+                            <key>pfsense.value[ipsec_ph1,{#IKEID},disabled]</key>
+                            <delay>120s</delay>
+                            <description>IPsec Phase 1  Tunnel Mode</description>
+                            <applications>
+                                <application>
+                                    <name>IPsec</name>
+                                </application>
+                            </applications>
+                            <valuemap>
+                                <name>pfSense IPsec Enabled</name>
+                            </valuemap>
+                        </item_prototype>
+                        <item_prototype>
+                            <name>IPsec Tunnel {#IKEID} {#NAME} IKE Type</name>
+                            <type>ZABBIX_ACTIVE</type>
+                            <key>pfsense.value[ipsec_ph1,{#IKEID},iketype]</key>
+                            <delay>600s</delay>
+                            <description>IPsec Phase 1 IKE Type</description>
+                            <applications>
+                                <application>
+                                    <name>IPsec</name>
+                                </application>
+                            </applications>
+                            <valuemap>
+                                <name>pfSense IPsec IKE Type</name>
+                            </valuemap>
+                        </item_prototype>
+                        <item_prototype>
+                            <name>IPsec Tunnel {#IKEID} {#NAME} Tunnel Mode</name>
+                            <type>ZABBIX_ACTIVE</type>
+                            <key>pfsense.value[ipsec_ph1,{#IKEID},mode]</key>
+                            <delay>600s</delay>
+                            <description>IPsec Phase 1  Tunnel Mode</description>
+                            <applications>
+                                <application>
+                                    <name>IPsec</name>
+                                </application>
+                            </applications>
+                            <valuemap>
+                                <name>pfSense IPsec Tunnel Mode</name>
+                            </valuemap>
+                        </item_prototype>
+                        <item_prototype>
+                            <name>IPsec Tunnel {#IKEID} {#NAME} Protocol</name>
+                            <type>ZABBIX_ACTIVE</type>
+                            <key>pfsense.value[ipsec_ph1,{#IKEID},protocol]</key>
+                            <delay>600s</delay>
+                            <description>IPsec Phase 1 Protocol</description>
+                            <applications>
+                                <application>
+                                    <name>IPsec</name>
+                                </application>
+                            </applications>
+                            <valuemap>
+                                <name>pfSense IPsec Protocol</name>
+                            </valuemap>
+                        </item_prototype>
+                        <item_prototype>
+                            <name>IPsec Tunnel {#IKEID} {#NAME}  Remote Gateway</name>
+                            <type>ZABBIX_ACTIVE</type>
+                            <key>pfsense.value[ipsec_ph1,{#IKEID},remote-gateway]</key>
+                            <delay>600s</delay>
+                            <trends>0</trends>
+                            <value_type>TEXT</value_type>
+                            <description>IPsec Phase 1  Remote Gateway</description>
+                            <applications>
+                                <application>
+                                    <name>IPsec</name>
+                                </application>
+                            </applications>
+                        </item_prototype>
+                        <item_prototype>
+                            <name>IPsec Tunnel {#IKEID} {#NAME}  Phase 1 Status</name>
+                            <type>ZABBIX_ACTIVE</type>
+                            <key>pfsense.value[ipsec_ph1,{#IKEID},status]</key>
+                            <delay>60s</delay>
+                            <description>IPsec Phase 1  Tunnel Mode</description>
+                            <applications>
+                                <application>
+                                    <name>IPsec</name>
+                                </application>
+                            </applications>
+                            <valuemap>
+                                <name>pfSense IPsec Phase 1 Status</name>
+                            </valuemap>
+                        </item_prototype>
+                    </item_prototypes>
+                    <trigger_prototypes>
+                        <trigger_prototype>
+                            <expression>{Template pfSense Active IPsec:pfsense.value[ipsec_ph1,{#IKEID},disabled].last()}=0 and {Template pfSense Active IPsec:pfsense.value[ipsec_ph1,{#IKEID},status].last()}&lt;&gt;1 and {Template pfSense Active IPsec:pfsense.value[ipsec_ph1,{#IKEID},status].last()}&lt;10</expression>
+                            <name>IPsec Tunnel {#IKEID} ({#NAME}) Not Connected</name>
+                            <priority>HIGH</priority>
+                            <description>IPsec Phase 1 is not connected.</description>
+                        </trigger_prototype>
+                    </trigger_prototypes>
+                </discovery_rule>
+                <discovery_rule>
+                    <name>IPsec Phase 2 Discovery</name>
+                    <type>ZABBIX_ACTIVE</type>
+                    <key>pfsense.discovery[ipsec_ph2]</key>
+                    <delay>1200s</delay>
+                    <description>Discovery of IPsec Phase 2</description>
+                    <item_prototypes>
+                        <item_prototype>
+                            <name>IPsec Tunnel  {#IKEID}.{#REQID} {#NAME} Phase 2 Enabled</name>
+                            <type>ZABBIX_ACTIVE</type>
+                            <key>pfsense.value[ipsec_ph2,{#UNIQID},disabled]</key>
+                            <delay>120s</delay>
+                            <description>IPsec Tunnel Phase 2 Protocol</description>
+                            <applications>
+                                <application>
+                                    <name>IPsec</name>
+                                </application>
+                            </applications>
+                            <valuemap>
+                                <name>pfSense IPsec Enabled</name>
+                            </valuemap>
+                        </item_prototype>
+                        <item_prototype>
+                            <name>IPsec Tunnel  {#IKEID}.{#REQID} {#NAME} Phase 2 Life Time</name>
+                            <type>ZABBIX_ACTIVE</type>
+                            <key>pfsense.value[ipsec_ph2,{#UNIQID},lifetime]</key>
+                            <delay>600s</delay>
+                            <units>s</units>
+                            <description>IPsec Tunnel Phase 2 Life Time</description>
+                            <applications>
+                                <application>
+                                    <name>IPsec</name>
+                                </application>
+                            </applications>
+                        </item_prototype>
+                        <item_prototype>
+                            <name>IPsec Tunnel  {#IKEID}.{#REQID} {#NAME} Phase 2 Mode</name>
+                            <type>ZABBIX_ACTIVE</type>
+                            <key>pfsense.value[ipsec_ph2,{#UNIQID},mode]</key>
+                            <delay>600s</delay>
+                            <description>IPsec Tunnel Phase 2 Mode</description>
+                            <applications>
+                                <application>
+                                    <name>IPsec</name>
+                                </application>
+                            </applications>
+                        </item_prototype>
+                        <item_prototype>
+                            <name>IPsec Tunnel  {#IKEID}.{#REQID} {#NAME} Phase 2 Protocol</name>
+                            <type>ZABBIX_ACTIVE</type>
+                            <key>pfsense.value[ipsec_ph2,{#UNIQID},protocol]</key>
+                            <delay>600s</delay>
+                            <description>IPsec Tunnel Phase 2 Protocol</description>
+                            <applications>
+                                <application>
+                                    <name>IPsec</name>
+                                </application>
+                            </applications>
+                            <valuemap>
+                                <name>pfSense IPsec Phase 2 Protocol</name>
+                            </valuemap>
+                        </item_prototype>
+                    </item_prototypes>
+                </discovery_rule>
+            </discovery_rules>
+        </template>
+    </templates>
+    <value_maps>
+        <value_map>
+            <name>pfSense IPsec Enabled</name>
+            <mappings>
+                <mapping>
+                    <value>0</value>
+                    <newvalue>Yes</newvalue>
+                </mapping>
+                <mapping>
+                    <value>1</value>
+                    <newvalue>No</newvalue>
+                </mapping>
+            </mappings>
+        </value_map>
+        <value_map>
+            <name>pfSense IPsec IKE Type</name>
+            <mappings>
+                <mapping>
+                    <value>0</value>
+                    <newvalue>Auto</newvalue>
+                </mapping>
+                <mapping>
+                    <value>1</value>
+                    <newvalue>IKE v1</newvalue>
+                </mapping>
+                <mapping>
+                    <value>2</value>
+                    <newvalue>IKE v2</newvalue>
+                </mapping>
+            </mappings>
+        </value_map>
+        <value_map>
+            <name>pfSense IPsec Phase 1 Status</name>
+            <mappings>
+                <mapping>
+                    <value>0</value>
+                    <newvalue>Down</newvalue>
+                </mapping>
+                <mapping>
+                    <value>1</value>
+                    <newvalue>Established</newvalue>
+                </mapping>
+                <mapping>
+                    <value>2</value>
+                    <newvalue>Connecting</newvalue>
+                </mapping>
+                <mapping>
+                    <value>10</value>
+                    <newvalue>Down on CARP Secondary</newvalue>
+                </mapping>
+            </mappings>
+        </value_map>
+        <value_map>
+            <name>pfSense IPsec Phase 2 Protocol</name>
+            <mappings>
+                <mapping>
+                    <value>1</value>
+                    <newvalue>ESP</newvalue>
+                </mapping>
+                <mapping>
+                    <value>2</value>
+                    <newvalue>AH</newvalue>
+                </mapping>
+            </mappings>
+        </value_map>
+        <value_map>
+            <name>pfSense IPsec Protocol</name>
+            <mappings>
+                <mapping>
+                    <value>0</value>
+                    <newvalue>Dual Stack (IPv4 &amp; IPv6)</newvalue>
+                </mapping>
+                <mapping>
+                    <value>1</value>
+                    <newvalue>IPv4</newvalue>
+                </mapping>
+                <mapping>
+                    <value>2</value>
+                    <newvalue>IPv6</newvalue>
+                </mapping>
+            </mappings>
+        </value_map>
+        <value_map>
+            <name>pfSense IPsec Tunnel Mode</name>
+            <mappings>
+                <mapping>
+                    <value>0</value>
+                    <newvalue>Main</newvalue>
+                </mapping>
+                <mapping>
+                    <value>1</value>
+                    <newvalue>Aggressive</newvalue>
+                </mapping>
+            </mappings>
+        </value_map>
+    </value_maps>
+</zabbix_export>

zabbix5/template_pfsense_active_ovpn_user.xml

@@ -0,0 +1,168 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<zabbix_export>
+    <version>5.0</version>
+    <date>2021-07-12T10:37:03Z</date>
+    <groups>
+        <group>
+            <name>Templates/Network Devices</name>
+        </group>
+    </groups>
+    <templates>
+        <template>
+            <template>Template pfSense Active OpenVPN Server User Auth</template>
+            <name>pfSense Active: OpenVPN Server User Auth</name>
+            <description>Extension for pfSense Active Template.&#13;
+Monitor client Connections of OpenVPN Server.&#13;
+&#13;
+Requires pfsense_zbx.php installed to pfSense Box.&#13;
+Version 1.0.2&#13;
+&#13;
+https://github.com/rbicelli/pfsense-zabbix-template</description>
+            <groups>
+                <group>
+                    <name>Templates/Network Devices</name>
+                </group>
+            </groups>
+            <applications>
+                <application>
+                    <name>OpenVPN Server Clients</name>
+                </application>
+            </applications>
+            <discovery_rules>
+                <discovery_rule>
+                    <name>OpenVPN User Auth Connected Clients Discovery</name>
+                    <type>ZABBIX_ACTIVE</type>
+                    <key>pfsense.discovery[openvpn_server_user]</key>
+                    <delay>60s</delay>
+                    <description>Discovery of clients connected to OpenVPN Server in User Auth Mode</description>
+                    <item_prototypes>
+                        <item_prototype>
+                            <name>OpenVPN Server {#SERVERNAME}, Client {#USERID}: Bytes Received</name>
+                            <type>ZABBIX_ACTIVE</type>
+                            <key>pfsense.value[openvpn_server_uservalue,{#UNIQUEID},bytes_recv]</key>
+                            <delay>60s</delay>
+                            <trends>0</trends>
+                            <units>bytes</units>
+                            <description>Client Bytes Received</description>
+                            <applications>
+                                <application>
+                                    <name>OpenVPN Server Clients</name>
+                                </application>
+                            </applications>
+                        </item_prototype>
+                        <item_prototype>
+                            <name>OpenVPN Server {#SERVERNAME}, Client {#USERID}: Bytes Sent</name>
+                            <type>ZABBIX_ACTIVE</type>
+                            <key>pfsense.value[openvpn_server_uservalue,{#UNIQUEID},bytes_sent]</key>
+                            <delay>60s</delay>
+                            <trends>0</trends>
+                            <units>bytes</units>
+                            <description>Client Bytes Sent</description>
+                            <applications>
+                                <application>
+                                    <name>OpenVPN Server Clients</name>
+                                </application>
+                            </applications>
+                        </item_prototype>
+                        <item_prototype>
+                            <name>OpenVPN Server {#SERVERNAME}, Client {#USERID}: Connection Time</name>
+                            <type>ZABBIX_ACTIVE</type>
+                            <key>pfsense.value[openvpn_server_uservalue,{#UNIQUEID},connect_time_unix]</key>
+                            <delay>60s</delay>
+                            <trends>0</trends>
+                            <units>unixtime</units>
+                            <description>Client Connect Time</description>
+                            <applications>
+                                <application>
+                                    <name>OpenVPN Server Clients</name>
+                                </application>
+                            </applications>
+                        </item_prototype>
+                        <item_prototype>
+                            <name>OpenVPN Server {#SERVERNAME}, Client {#USERID}: Remote Host</name>
+                            <type>ZABBIX_ACTIVE</type>
+                            <key>pfsense.value[openvpn_server_uservalue,{#UNIQUEID},remote_host]</key>
+                            <delay>60s</delay>
+                            <trends>0</trends>
+                            <value_type>TEXT</value_type>
+                            <description>Remote Host</description>
+                            <applications>
+                                <application>
+                                    <name>OpenVPN Server Clients</name>
+                                </application>
+                            </applications>
+                        </item_prototype>
+                        <item_prototype>
+                            <name>OpenVPN Server {#SERVERNAME}, Client {#USERID}: User Name</name>
+                            <type>ZABBIX_ACTIVE</type>
+                            <key>pfsense.value[openvpn_server_uservalue,{#UNIQUEID},user_name]</key>
+                            <delay>60s</delay>
+                            <trends>0</trends>
+                            <value_type>TEXT</value_type>
+                            <description>Client User Name</description>
+                            <applications>
+                                <application>
+                                    <name>OpenVPN Server Clients</name>
+                                </application>
+                            </applications>
+                        </item_prototype>
+                        <item_prototype>
+                            <name>OpenVPN Server {#SERVERNAME}, Client {#USERID}: Virtual IP Address (IPv6)</name>
+                            <type>ZABBIX_ACTIVE</type>
+                            <key>pfsense.value[openvpn_server_uservalue,{#UNIQUEID},virtual_addr6]</key>
+                            <delay>60s</delay>
+                            <trends>0</trends>
+                            <value_type>TEXT</value_type>
+                            <description>IPv6 Address assigned from OpenVPN Server</description>
+                            <applications>
+                                <application>
+                                    <name>OpenVPN Server Clients</name>
+                                </application>
+                            </applications>
+                        </item_prototype>
+                        <item_prototype>
+                            <name>OpenVPN Server {#SERVERNAME}, Client {#USERID}: Virtual IP Address</name>
+                            <type>ZABBIX_ACTIVE</type>
+                            <key>pfsense.value[openvpn_server_uservalue,{#UNIQUEID},virtual_addr]</key>
+                            <delay>60s</delay>
+                            <trends>0</trends>
+                            <value_type>TEXT</value_type>
+                            <description>IP Address assigned from OpenVPN Server</description>
+                            <applications>
+                                <application>
+                                    <name>OpenVPN Server Clients</name>
+                                </application>
+                            </applications>
+                        </item_prototype>
+                        <item_prototype>
+                            <name>OpenVPN Server {#SERVERNAME}, Client {#USERID}: Client ID</name>
+                            <type>ZABBIX_ACTIVE</type>
+                            <key>pfsense.value[openvpn_server_uservalue_numeric,{#UNIQUEID},client_id]</key>
+                            <delay>60s</delay>
+                            <trends>0</trends>
+                            <description>Client ID</description>
+                            <applications>
+                                <application>
+                                    <name>OpenVPN Server Clients</name>
+                                </application>
+                            </applications>
+                        </item_prototype>
+                        <item_prototype>
+                            <name>OpenVPN Server {#SERVERNAME}, Client {#USERID}: Peer ID</name>
+                            <type>ZABBIX_ACTIVE</type>
+                            <key>pfsense.value[openvpn_server_uservalue_numeric,{#UNIQUEID},peer_id]</key>
+                            <delay>60s</delay>
+                            <trends>0</trends>
+                            <description>Peer ID</description>
+                            <applications>
+                                <application>
+                                    <name>OpenVPN Server Clients</name>
+                                </application>
+                            </applications>
+                        </item_prototype>
+                    </item_prototypes>
+                </discovery_rule>
+            </discovery_rules>
+        </template>
+    </templates>
+</zabbix_export>

zabbix5/template_pfsense_active_speedtest.xml

@@ -0,0 +1,119 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<zabbix_export>
+    <version>5.0</version>
+    <date>2021-07-12T10:37:45Z</date>
+    <groups>
+        <group>
+            <name>Templates/Network Devices</name>
+        </group>
+    </groups>
+    <templates>
+        <template>
+            <template>pfSense Active Speedtest</template>
+            <name>pfSense Active: Speedtest</name>
+            <description>Extension for pfSense Active Template.&#13;
+Executes Speedtests on WAN Interfaces.&#13;
+&#13;
+Requires pfsense_zbx.php installed to pfSense Box.&#13;
+Version 1.0.5&#13;
+&#13;
+https://github.com/rbicelli/pfsense-zabbix-template</description>
+            <groups>
+                <group>
+                    <name>Templates/Network Devices</name>
+                </group>
+            </groups>
+            <applications>
+                <application>
+                    <name>Network interfaces</name>
+                </application>
+            </applications>
+            <discovery_rules>
+                <discovery_rule>
+                    <name>WAN Interfaces</name>
+                    <type>ZABBIX_ACTIVE</type>
+                    <key>pfsense.discovery[wan]</key>
+                    <delay>6h</delay>
+                    <description>Discover WAN Interfaces</description>
+                    <item_prototypes>
+                        <item_prototype>
+                            <name>Speedtest Download on {#IFDESCR}</name>
+                            <type>ZABBIX_ACTIVE</type>
+                            <key>pfsense.value[if_speedtest_value,{#IFNAME},download]</key>
+                            <delay>30m</delay>
+                            <value_type>FLOAT</value_type>
+                            <units>bps</units>
+                            <description>Download speed determined by Ookla Speedtest package</description>
+                            <applications>
+                                <application>
+                                    <name>Network interfaces</name>
+                                </application>
+                            </applications>
+                        </item_prototype>
+                        <item_prototype>
+                            <name>Speedtest Ping on {#IFDESCR}</name>
+                            <type>ZABBIX_ACTIVE</type>
+                            <key>pfsense.value[if_speedtest_value,{#IFNAME},ping]</key>
+                            <delay>30m</delay>
+                            <value_type>FLOAT</value_type>
+                            <units>ms</units>
+                            <description>Ping determined by Ookla Speedtest package</description>
+                            <applications>
+                                <application>
+                                    <name>Network interfaces</name>
+                                </application>
+                            </applications>
+                        </item_prototype>
+                        <item_prototype>
+                            <name>Speedtest Upload on {#IFDESCR}</name>
+                            <type>ZABBIX_ACTIVE</type>
+                            <key>pfsense.value[if_speedtest_value,{#IFNAME},upload]</key>
+                            <delay>30m</delay>
+                            <value_type>FLOAT</value_type>
+                            <units>bps</units>
+                            <description>Ping determined by Ookla Speedtest package</description>
+                            <applications>
+                                <application>
+                                    <name>Network interfaces</name>
+                                </application>
+                            </applications>
+                        </item_prototype>
+                    </item_prototypes>
+                    <graph_prototypes>
+                        <graph_prototype>
+                            <name>Speedtest metrics on {#IFDESCR}</name>
+                            <graph_items>
+                                <graph_item>
+                                    <color>199C0D</color>
+                                    <calc_fnc>ALL</calc_fnc>
+                                    <item>
+                                        <host>pfSense Active Speedtest</host>
+                                        <key>pfsense.value[if_speedtest_value,{#IFNAME},download]</key>
+                                    </item>
+                                </graph_item>
+                                <graph_item>
+                                    <sortorder>1</sortorder>
+                                    <color>FFFF00</color>
+                                    <calc_fnc>ALL</calc_fnc>
+                                    <item>
+                                        <host>pfSense Active Speedtest</host>
+                                        <key>pfsense.value[if_speedtest_value,{#IFNAME},upload]</key>
+                                    </item>
+                                </graph_item>
+                                <graph_item>
+                                    <sortorder>2</sortorder>
+                                    <color>0040FF</color>
+                                    <calc_fnc>ALL</calc_fnc>
+                                    <item>
+                                        <host>pfSense Active Speedtest</host>
+                                        <key>pfsense.value[if_speedtest_value,{#IFNAME},ping]</key>
+                                    </item>
+                                </graph_item>
+                            </graph_items>
+                        </graph_prototype>
+                    </graph_prototypes>
+                </discovery_rule>
+            </discovery_rules>
+        </template>
+    </templates>
+</zabbix_export>

zabbix6/pfsense_active_ipsec.yaml

@@ -0,0 +1,247 @@
+zabbix_export:
+  version: '6.0'
+  date: '2023-02-26T13:19:29Z'
+  groups:
+    -
+      uuid: 4918b88734c54bd094cff7585b5d71fc
+      name: 'Templates/Network Devices'
+  templates:
+    -
+      uuid: 7b956a3e6aa1464781b38a854872a1c6
+      template: 'Template pfSense Active IPsec'
+      name: 'pfSense Active: IPsec'
+      description: |
+        Extension for pfSense Active Template.
+        Monitor IPsec VPN.
+        
+        Requires pfsense_zbx.php installed to pfSense Box.
+        Version 1.0.2
+        
+        https://github.com/rbicelli/pfsense-zabbix-template
+      groups:
+        -
+          name: 'Templates/Network Devices'
+      discovery_rules:
+        -
+          uuid: e7526169245d49a6aa6afbcacaa02b18
+          name: 'IPsec Phase 1 Discovery'
+          type: ZABBIX_ACTIVE
+          key: 'pfsense.discovery[ipsec_ph1]'
+          delay: 1200s
+          description: 'Discovery of IPsec Phase 1'
+          item_prototypes:
+            -
+              uuid: 04d6b1d0a32949bfa96cf503f60b6c53
+              name: 'IPsec Tunnel {#IKEID} {#NAME} Tunnel Enabled'
+              type: ZABBIX_ACTIVE
+              key: 'pfsense.value[ipsec_ph1,{#IKEID},disabled]'
+              delay: 120s
+              description: 'IPsec Phase 1  Tunnel Mode'
+              valuemap:
+                name: 'pfSense IPsec Enabled'
+              tags:
+                -
+                  tag: Application
+                  value: IPsec
+            -
+              uuid: 810da7b475df4d738c702f373771092e
+              name: 'IPsec Tunnel {#IKEID} {#NAME} IKE Type'
+              type: ZABBIX_ACTIVE
+              key: 'pfsense.value[ipsec_ph1,{#IKEID},iketype]'
+              delay: 600s
+              description: 'IPsec Phase 1 IKE Type'
+              valuemap:
+                name: 'pfSense IPsec IKE Type'
+              tags:
+                -
+                  tag: Application
+                  value: IPsec
+            -
+              uuid: 47b54bc4a08e464b839bcfd5106ec5a9
+              name: 'IPsec Tunnel {#IKEID} {#NAME} Tunnel Mode'
+              type: ZABBIX_ACTIVE
+              key: 'pfsense.value[ipsec_ph1,{#IKEID},mode]'
+              delay: 600s
+              description: 'IPsec Phase 1  Tunnel Mode'
+              valuemap:
+                name: 'pfSense IPsec Tunnel Mode'
+              tags:
+                -
+                  tag: Application
+                  value: IPsec
+            -
+              uuid: a404f5d20988445d8777758b95b02076
+              name: 'IPsec Tunnel {#IKEID} {#NAME} Protocol'
+              type: ZABBIX_ACTIVE
+              key: 'pfsense.value[ipsec_ph1,{#IKEID},protocol]'
+              delay: 600s
+              description: 'IPsec Phase 1 Protocol'
+              valuemap:
+                name: 'pfSense IPsec Protocol'
+              tags:
+                -
+                  tag: Application
+                  value: IPsec
+            -
+              uuid: ce0d2464361e41018fdd1831db1ec4b3
+              name: 'IPsec Tunnel {#IKEID} {#NAME}  Remote Gateway'
+              type: ZABBIX_ACTIVE
+              key: 'pfsense.value[ipsec_ph1,{#IKEID},remote-gateway]'
+              delay: 600s
+              trends: '0'
+              value_type: TEXT
+              description: 'IPsec Phase 1  Remote Gateway'
+              tags:
+                -
+                  tag: Application
+                  value: IPsec
+            -
+              uuid: 34d7e2395d8b43ec9c0267664be27881
+              name: 'IPsec Tunnel {#IKEID} {#NAME}  Phase 1 Status'
+              type: ZABBIX_ACTIVE
+              key: 'pfsense.value[ipsec_ph1,{#IKEID},status]'
+              delay: 60s
+              description: 'IPsec Phase 1  Tunnel Mode'
+              valuemap:
+                name: 'pfSense IPsec Phase 1 Status'
+              tags:
+                -
+                  tag: Application
+                  value: IPsec
+          trigger_prototypes:
+            -
+              uuid: d675635e19aa4cd7a7202e983cbe4ce6
+              expression: 'last(/Template pfSense Active IPsec/pfsense.value[ipsec_ph1,{#IKEID},disabled])=0 and last(/Template pfSense Active IPsec/pfsense.value[ipsec_ph1,{#IKEID},status])<>1 and last(/Template pfSense Active IPsec/pfsense.value[ipsec_ph1,{#IKEID},status])<10'
+              name: 'IPsec Tunnel {#IKEID} ({#NAME}) Not Connected'
+              priority: HIGH
+              description: 'IPsec Phase 1 is not connected.'
+        -
+          uuid: fa934077cae64a049e68e2130e5e1e84
+          name: 'IPsec Phase 2 Discovery'
+          type: ZABBIX_ACTIVE
+          key: 'pfsense.discovery[ipsec_ph2]'
+          delay: 1200s
+          description: 'Discovery of IPsec Phase 2'
+          item_prototypes:
+            -
+              uuid: 1857b124103c4f08b5ed962259fcbe06
+              name: 'IPsec Tunnel  {#IKEID}.{#REQID} {#NAME} Phase 2 Enabled'
+              type: ZABBIX_ACTIVE
+              key: 'pfsense.value[ipsec_ph2,{#UNIQID},disabled]'
+              delay: 120s
+              description: 'IPsec Tunnel Phase 2 Protocol'
+              valuemap:
+                name: 'pfSense IPsec Enabled'
+              tags:
+                -
+                  tag: Application
+                  value: IPsec
+            -
+              uuid: 3ac7d6d1be034a3db8afad18791b43aa
+              name: 'IPsec Tunnel  {#IKEID}.{#REQID} {#NAME} Phase 2 Life Time'
+              type: ZABBIX_ACTIVE
+              key: 'pfsense.value[ipsec_ph2,{#UNIQID},lifetime]'
+              delay: 600s
+              units: s
+              description: 'IPsec Tunnel Phase 2 Life Time'
+              tags:
+                -
+                  tag: Application
+                  value: IPsec
+            -
+              uuid: dfbae3fe2bcd45f3ac38c6ea0df5d250
+              name: 'IPsec Tunnel  {#IKEID}.{#REQID} {#NAME} Phase 2 Mode'
+              type: ZABBIX_ACTIVE
+              key: 'pfsense.value[ipsec_ph2,{#UNIQID},mode]'
+              delay: 600s
+              description: 'IPsec Tunnel Phase 2 Mode'
+              tags:
+                -
+                  tag: Application
+                  value: IPsec
+            -
+              uuid: 794565a046ff447ca8ad3a7597ee52f5
+              name: 'IPsec Tunnel  {#IKEID}.{#REQID} {#NAME} Phase 2 Protocol'
+              type: ZABBIX_ACTIVE
+              key: 'pfsense.value[ipsec_ph2,{#UNIQID},protocol]'
+              delay: 600s
+              description: 'IPsec Tunnel Phase 2 Protocol'
+              valuemap:
+                name: 'pfSense IPsec Phase 2 Protocol'
+              tags:
+                -
+                  tag: Application
+                  value: IPsec
+      valuemaps:
+        -
+          uuid: fb66440f3f454b36ae5c5d7b015529a1
+          name: 'pfSense IPsec Enabled'
+          mappings:
+            -
+              value: '0'
+              newvalue: 'Yes'
+            -
+              value: '1'
+              newvalue: 'No'
+        -
+          uuid: 7077365285f14733a55edd9ade5fdfcb
+          name: 'pfSense IPsec IKE Type'
+          mappings:
+            -
+              value: '0'
+              newvalue: Auto
+            -
+              value: '1'
+              newvalue: 'IKE v1'
+            -
+              value: '2'
+              newvalue: 'IKE v2'
+        -
+          uuid: a7a80f8152804c6f882898ca7378c403
+          name: 'pfSense IPsec Phase 1 Status'
+          mappings:
+            -
+              value: '0'
+              newvalue: Down
+            -
+              value: '1'
+              newvalue: Established
+            -
+              value: '2'
+              newvalue: Connecting
+            -
+              value: '10'
+              newvalue: 'Down on CARP Secondary'
+        -
+          uuid: 55e4705203cf4b5996dcd6e10cd508b9
+          name: 'pfSense IPsec Phase 2 Protocol'
+          mappings:
+            -
+              value: '1'
+              newvalue: ESP
+            -
+              value: '2'
+              newvalue: AH
+        -
+          uuid: b72cdb06faec4f9492913ba820677370
+          name: 'pfSense IPsec Protocol'
+          mappings:
+            -
+              value: '0'
+              newvalue: 'Dual Stack (IPv4 & IPv6)'
+            -
+              value: '1'
+              newvalue: IPv4
+            -
+              value: '2'
+              newvalue: IPv6
+        -
+          uuid: 864f6d2be4c544cf8fe38b9a619363b5
+          name: 'pfSense IPsec Tunnel Mode'
+          mappings:
+            -
+              value: '0'
+              newvalue: Main
+            -
+              value: '1'
+              newvalue: Aggressive

zabbix6/pfsense_active_openvpn_userauth.yaml

@@ -0,0 +1,147 @@
+zabbix_export:
+  version: '6.0'
+  date: '2023-02-26T13:19:53Z'
+  groups:
+    -
+      uuid: 4918b88734c54bd094cff7585b5d71fc
+      name: 'Templates/Network Devices'
+  templates:
+    -
+      uuid: 6a1ef5e767cc4aba85c0d1712972eeb2
+      template: 'Template pfSense Active OpenVPN Server User Auth'
+      name: 'pfSense Active: OpenVPN Server User Auth'
+      description: |
+        Extension for pfSense Active Template.
+        Monitor client Connections of OpenVPN Server.
+        
+        Requires pfsense_zbx.php installed to pfSense Box.
+        Version 1.0.2
+        
+        https://github.com/rbicelli/pfsense-zabbix-template
+      groups:
+        -
+          name: 'Templates/Network Devices'
+      discovery_rules:
+        -
+          uuid: bae30f6a683e407aa9eeafbf9edb9179
+          name: 'OpenVPN User Auth Connected Clients Discovery'
+          type: ZABBIX_ACTIVE
+          key: 'pfsense.discovery[openvpn_server_user]'
+          delay: 60s
+          description: 'Discovery of clients connected to OpenVPN Server in User Auth Mode'
+          item_prototypes:
+            -
+              uuid: 272166157ee4456b887e7df305167c2d
+              name: 'OpenVPN Server {#SERVERNAME}, Client {#USERID}: Bytes Received'
+              type: ZABBIX_ACTIVE
+              key: 'pfsense.value[openvpn_server_uservalue,{#UNIQUEID},bytes_recv]'
+              delay: 60s
+              trends: '0'
+              units: bytes
+              description: 'Client Bytes Received'
+              tags:
+                -
+                  tag: Application
+                  value: 'OpenVPN Server Clients'
+            -
+              uuid: 1acfb6c10d4d4a8d97281f37e757d3bf
+              name: 'OpenVPN Server {#SERVERNAME}, Client {#USERID}: Bytes Sent'
+              type: ZABBIX_ACTIVE
+              key: 'pfsense.value[openvpn_server_uservalue,{#UNIQUEID},bytes_sent]'
+              delay: 60s
+              trends: '0'
+              units: bytes
+              description: 'Client Bytes Sent'
+              tags:
+                -
+                  tag: Application
+                  value: 'OpenVPN Server Clients'
+            -
+              uuid: 5f779a0e03b84be19030766d6fcffd92
+              name: 'OpenVPN Server {#SERVERNAME}, Client {#USERID}: Connection Time'
+              type: ZABBIX_ACTIVE
+              key: 'pfsense.value[openvpn_server_uservalue,{#UNIQUEID},connect_time_unix]'
+              delay: 60s
+              trends: '0'
+              units: unixtime
+              description: 'Client Connect Time'
+              tags:
+                -
+                  tag: Application
+                  value: 'OpenVPN Server Clients'
+            -
+              uuid: 40b0a64862a44a99a33581b916ad6467
+              name: 'OpenVPN Server {#SERVERNAME}, Client {#USERID}: Remote Host'
+              type: ZABBIX_ACTIVE
+              key: 'pfsense.value[openvpn_server_uservalue,{#UNIQUEID},remote_host]'
+              delay: 60s
+              trends: '0'
+              value_type: TEXT
+              description: 'Remote Host'
+              tags:
+                -
+                  tag: Application
+                  value: 'OpenVPN Server Clients'
+            -
+              uuid: 8e1b6f2d8397483d8a2768babd93a1a7
+              name: 'OpenVPN Server {#SERVERNAME}, Client {#USERID}: User Name'
+              type: ZABBIX_ACTIVE
+              key: 'pfsense.value[openvpn_server_uservalue,{#UNIQUEID},user_name]'
+              delay: 60s
+              trends: '0'
+              value_type: TEXT
+              description: 'Client User Name'
+              tags:
+                -
+                  tag: Application
+                  value: 'OpenVPN Server Clients'
+            -
+              uuid: 0329f5bf3fb94bdaa30c0e412bc337f8
+              name: 'OpenVPN Server {#SERVERNAME}, Client {#USERID}: Virtual IP Address (IPv6)'
+              type: ZABBIX_ACTIVE
+              key: 'pfsense.value[openvpn_server_uservalue,{#UNIQUEID},virtual_addr6]'
+              delay: 60s
+              trends: '0'
+              value_type: TEXT
+              description: 'IPv6 Address assigned from OpenVPN Server'
+              tags:
+                -
+                  tag: Application
+                  value: 'OpenVPN Server Clients'
+            -
+              uuid: 1c21ccdd3bf14aa3b8b65986b5317f6a
+              name: 'OpenVPN Server {#SERVERNAME}, Client {#USERID}: Virtual IP Address'
+              type: ZABBIX_ACTIVE
+              key: 'pfsense.value[openvpn_server_uservalue,{#UNIQUEID},virtual_addr]'
+              delay: 60s
+              trends: '0'
+              value_type: TEXT
+              description: 'IP Address assigned from OpenVPN Server'
+              tags:
+                -
+                  tag: Application
+                  value: 'OpenVPN Server Clients'
+            -
+              uuid: 15192106b2164e0e9df447ba330007db
+              name: 'OpenVPN Server {#SERVERNAME}, Client {#USERID}: Client ID'
+              type: ZABBIX_ACTIVE
+              key: 'pfsense.value[openvpn_server_uservalue_numeric,{#UNIQUEID},client_id]'
+              delay: 60s
+              trends: '0'
+              description: 'Client ID'
+              tags:
+                -
+                  tag: Application
+                  value: 'OpenVPN Server Clients'
+            -
+              uuid: de719e75d02440fe96c987bd5ddcb367
+              name: 'OpenVPN Server {#SERVERNAME}, Client {#USERID}: Peer ID'
+              type: ZABBIX_ACTIVE
+              key: 'pfsense.value[openvpn_server_uservalue_numeric,{#UNIQUEID},peer_id]'
+              delay: 60s
+              trends: '0'
+              description: 'Peer ID'
+              tags:
+                -
+                  tag: Application
+                  value: 'OpenVPN Server Clients'

zabbix6/pfsense_active_speedtest.yaml

@@ -0,0 +1,97 @@
+zabbix_export:
+  version: '6.0'
+  date: '2023-02-26T13:20:29Z'
+  groups:
+    -
+      uuid: 4918b88734c54bd094cff7585b5d71fc
+      name: 'Templates/Network Devices'
+  templates:
+    -
+      uuid: 1c7cba22540d4c10a5ee14c2b25223ca
+      template: 'pfSense Active Speedtest'
+      name: 'pfSense Active: Speedtest'
+      description: |
+        Extension for pfSense Active Template.
+        Executes Speedtests on WAN Interfaces.
+        
+        Requires pfsense_zbx.php installed to pfSense Box.
+        Version 1.0.5
+        
+        https://github.com/rbicelli/pfsense-zabbix-template
+      groups:
+        -
+          name: 'Templates/Network Devices'
+      discovery_rules:
+        -
+          uuid: 40288914aa9742adb93120c367263690
+          name: 'WAN Interfaces'
+          type: ZABBIX_ACTIVE
+          key: 'pfsense.discovery[wan]'
+          delay: 300s
+          description: 'Discover WAN Interfaces'
+          item_prototypes:
+            -
+              uuid: a79d28cf3f3b4981b59f571117e64d24
+              name: 'Speedtest Download on {#IFDESCR}'
+              type: ZABBIX_ACTIVE
+              key: 'pfsense.value[if_speedtest_value,{#IFNAME},download]'
+              delay: 3600s
+              value_type: FLOAT
+              units: bps
+              description: 'Download speed determined by Ookla Speedtest package'
+              tags:
+                -
+                  tag: Application
+                  value: 'Network interfaces'
+            -
+              uuid: 52b640fcdf484b538f85bf32d2afbcf3
+              name: 'Speedtest Ping on {#IFDESCR}'
+              type: ZABBIX_ACTIVE
+              key: 'pfsense.value[if_speedtest_value,{#IFNAME},ping]'
+              delay: 3600s
+              value_type: FLOAT
+              units: ms
+              description: 'Ping determined by Ookla Speedtest package'
+              tags:
+                -
+                  tag: Application
+                  value: 'Network interfaces'
+            -
+              uuid: 4bd063f24e554832b59bfa2231d53bf1
+              name: 'Speedtest Upload on {#IFDESCR}'
+              type: ZABBIX_ACTIVE
+              key: 'pfsense.value[if_speedtest_value,{#IFNAME},upload]'
+              delay: 3600s
+              value_type: FLOAT
+              units: bps
+              description: 'Ping determined by Ookla Speedtest package'
+              tags:
+                -
+                  tag: Application
+                  value: 'Network interfaces'
+          graph_prototypes:
+            -
+              uuid: 74cdea0b8136495496bb90593bd78a59
+              name: 'Speedtest metrics on {#IFDESCR}'
+              graph_items:
+                -
+                  sortorder: '1'
+                  color: 199C0D
+                  calc_fnc: ALL
+                  item:
+                    host: 'pfSense Active Speedtest'
+                    key: 'pfsense.value[if_speedtest_value,{#IFNAME},download]'
+                -
+                  sortorder: '2'
+                  color: FFFF00
+                  calc_fnc: ALL
+                  item:
+                    host: 'pfSense Active Speedtest'
+                    key: 'pfsense.value[if_speedtest_value,{#IFNAME},upload]'
+                -
+                  sortorder: '3'
+                  color: 0040FF
+                  calc_fnc: ALL
+                  item:
+                    host: 'pfSense Active Speedtest'
+                    key: 'pfsense.value[if_speedtest_value,{#IFNAME},ping]'