Yes.

Be ware : it might exists already. ntopng is a known tool.
Fire up your web search tool ?!

edit : the access to the GeoIP data will be invalid - their usage isn't free any more (see other forum posts).

Got the log directory changed when following a guide from 2015 from these forums.

-Toube

@Gertjan Thanks. I'll try that.

thanks, i'll try

Mmm, that's actually a pretty good video. There is some total garbage out there!

Importantly they restrict what can open port forwards. I would still check the upnp status for anything opening port 3000 though.

Steve

pfSense is truly an amazing project. Mine has actually accomplished time travel! ;)
Capture.JPG

@Gertjan said in My traffic network like crazy:

What network device / brand ?

also :
any messages in the system log ?
The output of the (console option 8) 'dmesg' command ?

I'd log a bug in Redmine (https://redmine.pfsense.org) under pfSense Packages for this. Make sure to choose Status Traffic Totals as the category. There are a number of other bugs for this package also logged there. The package was created by a Netgate employee a few years ago when RRD was dropped as the graphing tool, but I don't think it's being actively maintained anymore.

Good to hear - I found this out also because I fiddled with my interfaces long ago and had the same issues, not a very intuitive fix but at least it works.

Thanks for this, and also thanks for the other help you gave, I will see if I can make a patch for the GUI to support 60 days worth of data.

There is one way you can do it. Do this:

vnstat --exportdb

edit the output to correct the month values from the dailies (you will have to do this manually)

reimport with:

vnstat --importdb

Did not try it but could work...

Hello
I have same problem :(

I don't believe it runs as a service. Instead, I think it's called via CRON every 5 minutes to update. If you install the CRON package, it should be listed among the various other things set to run on a schedule.

@OpenWifi 👍

thanks!

i have the same problem with pfsense 2.5.x and ntopng 0.8.13_3
it's still trying to download geoip from the wrong url

$fetchcmd = "/usr/bin/fetch"; $geolite_city = "https://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz"; $geolite_city_v6 = "https://geolite.maxmind.com/download/geoip/database/GeoLiteCityv6-beta/GeoLiteCityv6.dat.gz"; $geoip_asnum = "https://download.maxmind.com/download/geoip/database/asnum/GeoIPASNum.dat.gz"; $geoip_asnum_v6 = "https://download.maxmind.com/download/geoip/database/asnum/GeoIPASNumv6.dat.gz";

i have changed it inside /usr/local/pkg/ntopng.inc as suggested here -> https://redmine.pfsense.org/issues/9211 by Mark Vejvoda to

$geolite_city = "https://centminmod.com/centminmodparts/geoip-legacy/GeoLiteCity.dat.gz"; $geolite_city_v6 = "https://centminmod.com/centminmodparts/geoip-legacy/GeoLiteCityv6.dat.gz"; $geoip_asnum = "https://centminmod.com/centminmodparts/geoip-legacy/GeoIPASNum.dat.gz"; $geoip_asnum_v6 = "https://centminmod.com/centminmodparts/geoip-legacy/GeoIPASNumv6.dat.gz";

sure - all listed here
https://docs.netgate.com/pfsense/en/latest/monitoring/monitoring-bandwidth-usage.html

I like trafshow

bump?

I found ntopng.inc inside /usr/local/pkg and attempted to append --enable-flow-activity to the end of the of line 167 but before the &. Like so...

/usr/local/bin/ntopng -d /var/db/ntopng -G /var/run/ntopng.pid -s -e {$http_args} {$disable_alerts} {$dump_ flows} {$ifaces} {$dns_mode} {$aggregations} {$local_networks} --enable-flow-activity &

Stopped and restarted ntopng and still no luck.

@RedBeardCowboy Thanks for taking the time to answer your own question. This is exactly what I was looking for today!

That is my wish also. Any way to achieve that?

@Derelict, ah. okay then.
Thank you.

@frankvh said in Determining what my new LG Smart TV is up to:

Thanks for the replies. I've been doing packet captures & examining them in wireshark. It's rather fascinating. First of all, I'm wrong about the TV - I've managed to have a network problem with the TV unplugged from the network. Can't blame the TV! But I've seen other things. For example, my Yamaha audio-visual receiver gets on the network every few seconds and asks, "Who has 192.168.1.255?" No idea why it's asking that, over and over again - predictably it doesn't get any reply. That's a bit strange. It's all good fun.

x.x.x.255 is a broadcast, meaning it is telling everyone that it is there, so nothing very strange.