• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Are there any "packet sniffers" available?

Scheduled Pinned Locked Moved pfSense Packages
7 Posts 6 Posters 3.3k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • G
    GeeZuZz
    last edited by Jan 9, 2007, 6:03 PM

    Sometimes it's usefull/interesting to keep an eye on the traffic going through my internet connection.

    Are there any packages for pfSense that lets me monitor the packages, and view the content in the packages in "real time"?

    Of course, it's not necessary to log everything - i was thinking more the possibility to log into the webinterface, and click "start", and it will start listing the packages until i click "stop". It could even be an option in the console. I remember some other firewall distro i used had some traffic monitor tools available in the console.

    The main reason i want something like this, is to find out what computers are using my internet connection, and what they are using (are they idling in a p2p/torrent application), or are they actually doing something?

    I have installed snort - but as far as i can see, i can't monitor the traffic myself?

    1 Reply Last reply Reply Quote 0
    • S
      sullrich
      last edited by Jan 9, 2007, 6:19 PM

      tcpdump is built into pfSense.

      1 Reply Last reply Reply Quote 0
      • H
        hoba
        last edited by Jan 9, 2007, 6:20 PM

        sdale is working on a webgui frontend for tcpdump afaik. Search the forum, he has announced this feature somewhere.

        1 Reply Last reply Reply Quote 0
        • R
          rsw686
          last edited by Jan 10, 2007, 3:04 AM

          I've used tcpdump like stated above and then wireshark (formerly ethereal) to analyze the packets on my other box.

          1 Reply Last reply Reply Quote 0
          • Y
            yoda715
            last edited by Jan 11, 2007, 12:36 AM

            Yes I've completed a gui for tcpdump which will capture packets. Once I knock some sense into my dev box and get something straightened out, I'll get the file committed and it should be available in an upcoming snapshot.

            1 Reply Last reply Reply Quote 0
            • G
              ginosteel
              last edited by Jan 26, 2007, 10:39 PM

              I`m using tcpflow

              tcpflow -c -s -i fxp0 src or dst port 5050 for example

              fxp0 is my interface …your can be different

              tcpflow -c -s -i fxp0 src or dst host 192.168.1.3 and port 5050

              another example but in this case sniffing an ip from your netwok

              Those are for ports upper mentioned (yahoo messenger  ;)) but of course that u can play with a lot of ports

              1 Reply Last reply Reply Quote 0
              • S
                sullrich
                last edited by Jan 26, 2007, 11:50 PM

                Recent snapshots have a tcpdump GUI component.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                  [[user:consent.lead]]
                  [[user:consent.not_received]]