diff --git a/plugins/other/pf b/plugins/other/pf
new file mode 100755
index 00000000..0e4aeb1d
--- /dev/null
+++ b/plugins/other/pf
@@ -0,0 +1,143 @@
+#!/bin/sh
+#
+# OpenBSD's pf(4) monitoring for FreeBSD
+# 2007, Gergely Czuczy <phoemix@harmless.hu>
+#
+# Needs to run as root.
+# Add "user root" for the [pf] into plugins.conf.
+#
+# Options:
+#  - env.do_searches yes: to enable state table search monitoring`
+#
+# 0.1 - initial release:
+# - state table usage
+# - search rate
+# - match rate
+# - state mismatch rate
+# - blocked packets
+# - monitoring of labelled rules
+#
+# 0.2 - feature improvements:
+#  - Labelled rules for packet count
+#  - OpenBSD compatibility
+#  - Warning and critical on state table
+#
+# 0.3 - feature improvements:
+#  - Aggregate rules with the same label
+#
+# 0.4 - feature changes:
+#  - State searches are optional. it can shrink others.
+#  - Labelled targets are marked with a leading L
+#
+#
+#%# family=auto
+#%# capabilities=autoconf
+
+pfctl='/sbin/pfctl'
+
+case $1 in
+    config)
+    cat <<EOF
+graph_title OpenBSD pf statistics
+graph_vlabel Entries per second
+graph_scale no
+graph_category network
+graph_args -l 0
+graph_info OpenBSD's pf usage statistics
+states.label States
+states.type GAUGE
+EOF
+${pfctl} -sm 2> /dev/null | awk '
+/states/ {print "states.warning "$4*0.9; print "states.critical "$4*0.95}
+'
+if [ "x${do_searches}" = "xyes" ]; then
+    cat <<EOF
+searches.label Searches
+searches.min 0
+searches.type DERIVE
+EOF
+fi
+    cat <<EOF
+matches.label Matches
+matches.min 0
+matches.type DERIVE
+mismatches.label State mismatches
+mismatches.min 0
+mismatches.type DERIVE
+blocks.label Blocked packets
+blocks.type DERIVE
+blocks.min 0
+EOF
+pfctl -sl | awk '
+{
+ l="";
+ for (i=1; i<NF-2; i=i+1) l=l" "$i;
+ sub(/^ /, "", l);
+ f=l;
+ gsub(/[^a-z0-9A-Z]/, "_", f);
+ print f".label L: "l;
+ print f".type DERIVE"
+ print f".min 0"}'
+
+    exit 0
+    ;;
+    autoconf)
+	# FreeBSD
+	ostype=`uname -s`
+	if [ ${ostype} = "FreeBSD" ]; then
+	    # enabled?
+	    if [ `pfctl -si 2>/dev/null | awk '/^Status:/{print $2}'` != "Enabled" ]; then
+		echo "no (pf(4) is not enabled, consult pfctl(8)"
+		exit 1
+	    fi
+	# OpenBSD
+	elif [ ${ostype} = "OpenBSD" ]; then
+	    # pf(4) module loaded?
+	    if [ `kldstat -v | grep pf | wc -l` -eq 0 ]; then
+		echo "no (pf(4) is not loaded)"
+		exit 1
+	    fi
+            # enabled?
+	    if [ `pfctl -si 2>/dev/null | awk '/^Status:/{print $2}'` != "Enabled" ]; then
+		echo "no (pf(4) is not enabled, consult pfctl(8)"
+		exit 1
+	    fi
+	# Other OSes
+	else
+	    echo "no (this plugin is not supported on your OS)"
+	    exit 1
+	fi
+	echo "yes"
+	exit 0
+	;;
+    suggest)
+	exit 0;
+	;;
+esac
+
+#
+${pfctl} -si 2>/dev/null | awk '
+/current entries/{print "states.value",$3}
+/searches/{if ( "'${do_searches}'" == "yes" ) print "searches.value",$2}
+$1~/^match$/{print "matches.value",$2}
+/state-mismatch/{print "mismatches.value",$2}'
+${pfctl} -vsr 2> /dev/null| grep -A 1 ^block | awk 'BEGIN {sum=0}/^[ \t]*\[/{sum=sum+$5} END {print "blocks.value",sum}'
+
+# the labeled ones
+pfctl -sl | awk '
+BEGIN {
+ total=0
+}
+{
+ l="";
+ for (i=1; i<NF-2; i=i+1) l=l" "$i;
+ sub(/^ /, "", l);
+ f=l;
+ gsub(/[^a-z0-9A-Z]/, "_", f);
+ total=total+1;
+ fields[f]=fields[f]+$(NF-i+2);
+}
+END {
+ if ( total == 0 ) exit 0;
+ for ( k in fields ) print k".value "fields[k]
+}'