@StealthNet said in Outgoing Portscans - ntopng?:

Tbh I never thought a default package would do some kind of outbound network discovery based on class C scanning of internet hosts.

I don´t think this is ok.

I agree. I was rather shocked when I discovered this while diagnosing the same issue with another pfSense user who happens to be a close friend of min. He had also enabled it because ntopng's description made it sound like a good thing.

Anyway, I appreciate your, and others, input on this. I believe I will add a set of warning to the next version of the package, to at least have put forth the information/warning.

Thank you.

@dennypage Noted, and thanks.

@jonatremoteeyes If ntopng runs fine locally but won't connect to Ntop Cloud, it might indeed be a package limitation or the cloud.conf not being picked up properly by the pfSense package.

I know this thread is old, but this same issue (duplicated November) is reproducible in pfSense 24.03 with Traffic Totals 2.3.2_4. Same as others have reported, vnstat from the command prompt shows the correct dates.

@pulsartiger Not familiar with that package but pfSense has a cron package.

@keyser Because i've seen it can be pretty intensive, I'm going to enable it only when the needs come up. Ive seen folks leave it on which i guess you can do but seems a bit much.

I appreciate your advice!

@tman222 Welcome. If you want to give it a go, it’s available for download above. If you wait for merge, you’ll probably be waiting a long time. New ports take a while. mDNS-Bridge (replacement for Avahi routing) has been hanging out for over three months.

@HeMan321 said in ntopng ignoring "Additional configuration for ntopng.conf":

But, to be honest, I am starting to realize that ntopng is probably somewhat too complex for my needs anyway. It is very slick and powerful, but I just wanted to keep an eye on outbound connections and so probably don't need to burden my Netgate box with everything else that ntopng does.

Smart choice.

@periko I agree with you. Most if not all firewalls today provide some ability to peak into what kind of traffic is flowing through your device.

@khb a workaround I do is place both interfaces on the dashboard.
Not ideal but gets the job done

@wisser Thanks.

I didnt find a way either.

EuroPC

This doesn't have anything to do with VPN, multi WAN, etc. It's the same interface ("PLDT") in either case.

I checked the code. Both graphs are produced by /usr/local/www/js/traffic-graphs.js and the data for both comes from the same rrd file.

The graphs have different refresh rates, resulting in different time periods, which results in different time averaging intervals for rrd. The Traffic Graph page, with a hard-coded refresh rate of 1, ends up with a shorter time interval (magnified view) when compared to the Dashboard widget with a default refresh rate of 3. So on the Traffic Graph page you might see two brief spikes of 40M in quick succession, however on the dashboard widget only see one spike of 20M. It's still the same data.

FWIW, The graphs also have different smoothing applied, but this doesn't have nearly as much of an impact as the time averaging interval.

If you really want the Dashboard widget and the Traffic Graph page to match, you would need to change the widget refresh period to 1 second. In general this is not recommended due to the increased CPU requirement, but you have to decide what's more important to you.

@dennypage Confirmed that unchecking the IPv6 box allows the page to load securely on IPv4. That's quite a discovery!

@FrankZappa Dennypage, thanks for the advice. I was able to edit the CSS file you referenced above and changed the color from the ugly blue (#009688) to a nicer green (#33EF0E). What I would really like to do is get rid of the colored box and just have the color of the letters coded e.g. online = green letters and offline = red letters.

Anyway, for those of you interested in changing the color on the blue box in pfSense dark theme (which is probably just me), you need to edit lines 178, 337, and 343 in /usr/local/www/css/pfSense-dark.css. If you use a different theme, you will not have the same line numbers and it may be a different color on your Gateway widget. Change the background-color to whatever CSS code color you'd like (https://www.quackit.com/css/css_color_codes.cfm).

I will play around with the CSS code to see if I can get rid of the box completely.

Many thanks to dennypage.

71c64a10-60d0-4a12-9292-bf4b966f04d4-image.png

We use it too.