Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Network monitoring with pfSense 2.1/BSD8.3

    Scheduled Pinned Locked Moved 2.1 Snapshot Feedback and Problems - RETIRED
    12 Posts 5 Posters 5.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • rcfaR
      rcfa
      last edited by

      There are a variety of packages ntop, darkstat, bandwidthd that seem to have at the very least overlapping functionality. I'm just curious if there are particular reasons to prefer one over the others in the context of pfSense 2.1/BSD 8.3

      Reasons to prefer would include, but aren't limited to, adapted to the new package system, higher efficiency in the use of system resources, etc.

      In essence, I need something that goes beyond RRD graphs, particularly I like to be able to track IP addresses, just in case I need to block some, and traffic patterns.

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        It really depends on the resources you want to dedicate to it.

        darkstat/bandwidthd - probably about the same in terms of resources usage and reporting, though I prefer bandwidthd's graphs

        ntop - the 800 pound gorilla of monitoring, tons of detail but also takes a bit of resources to track everything.

        If you want the best of both worlds, export netflow to an external box and do reporting on flows there using some other netflow analysis software.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • rcfaR
          rcfa
          last edited by

          Thanks, I think I'll try ntop for a while.

          Currently my CPU is idling around 1% of usage, memory is not an issue (4GB for what is more or less comparable to a home network with some added services), so until I notice the system slowing down or having a significant load, I think ntop should be OK. I can always switch later.

          Also, ntop is already at least a package designed for pfSense 2.0 while the other two are still pfsense 1.x packages, so there are more likely installation/upgrade issues, I would speculate.

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            That isn't really an accurate label (1.x vs 2.x) that just indicates the lowest possible version the package can run on.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • rcfaR
              rcfa
              last edited by

              @jimp:

              That isn't really an accurate label (1.x vs 2.x) that just indicates the lowest possible version the package can run on.

              Uhm, I see. I always interpreted that the latest version a package is supported/tested on.
              Maybe it would be useful to add a column like that?
              It's really kind of hard to figure out what works or doesn't work, even when not dealing with snapshots…

              This might get worse with the new package system being introduced with 2.1...

              1 Reply Last reply Reply Quote 0
              • jimpJ
                jimp Rebel Alliance Developer Netgate
                last edited by

                If a package doesn't work for a platform/version, we remove it from the list. We only list the packages that are available for a given platform, if you see it, it's supposed to work.

                For example, on NanoBSD many packages are not shown because they do not work well with NanoBSD. And the list can be slightly different between amd64 and i386.

                Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                Need help fast? Netgate Global Support!

                Do not Chat/PM for help!

                1 Reply Last reply Reply Quote 0
                • johnpozJ
                  johnpoz LAYER 8 Global Moderator
                  last edited by

                  "If a package doesn't work for a platform/version, we remove it from the list"

                  Not sure I would completely agree with that - you can get the vnstat2 package to kind of work with some extra work on your own.  But the frontend has errors and does not work.

                  So why is it listed for 2.1?

                  PHP Errors:
                  [30-May-2012 13:01:39 UTC] PHP Deprecated:  Function split() is deprecated in /usr/local/www/vnstat2/vnstat.php on line 130
                  [30-May-2012 13:01:39 UTC] PHP Deprecated:  Function split() is deprecated in /usr/local/www/vnstat2/vnstat.php on line 130
                  [30-May-2012 13:01:39 UTC] PHP Notice:  Undefined index: totalrx in /usr/local/www/vnstat2/index.php on line 77
                  [30-May-2012 13:01:39 UTC] PHP Notice:  Undefined index: totalrxk in /usr/local/www/vnstat2/index.php on line 77
                  [30-May-2012 13:01:39 UTC] PHP Notice:  Undefined index: totaltx in /usr/local/www/vnstat2/index.php on line 78
                  [30-May-2012 13:01:39 UTC] PHP Notice:  Undefined index: totaltxk in /usr/local/www/vnstat2/index.php on line 78
                  [30-May-2012 13:01:48 UTC] PHP Deprecated:  Function split() is deprecated in /usr/local/www/vnstat2/vnstat.php on line 130
                  [30-May-2012 13:01:48 UTC] PHP Deprecated:  Function split() is deprecated in /usr/local/www/vnstat2/vnstat.php on line 130
                  [30-May-2012 13:01:48 UTC] PHP Notice:  Undefined index: totalrx in /usr/local/www/vnstat2/index.php on line 77
                  [30-May-2012 13:01:48 UTC] PHP Notice:  Undefined index: totalrxk in /usr/local/www/vnstat2/index.php on line 77
                  [30-May-2012 13:01:48 UTC] PHP Notice:  Undefined index: totaltx in /usr/local/www/vnstat2/index.php on line 78
                  [30-May-2012 13:01:48 UTC] PHP Notice:  Undefined index: totaltxk in /usr/local/www/vnstat2/index.php on line 78

                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                  If you get confused: Listen to the Music Play
                  Please don't Chat/PM me for help, unless mod related
                  SG-4860 24.11 | Lab VMs 2.8, 24.11

                  1 Reply Last reply Reply Quote 0
                  • jimpJ
                    jimp Rebel Alliance Developer Netgate
                    last edited by

                    2.1 is in development so it's a special case. Packages there are far from stable in most cases.

                    The packages are listed there so people can find/fix bugs to make them work on 2.1.

                    Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                    Need help fast? Netgate Global Support!

                    Do not Chat/PM for help!

                    1 Reply Last reply Reply Quote 0
                    • johnpozJ
                      johnpoz LAYER 8 Global Moderator
                      last edited by

                      Yeah - I am not expecting packages to work in 2.1, and yup its a good idea to leave them so they can be tested..  Just a bit of ribbing on the "If a package doesn't work for a platform/version, we remove it from the list" comment is all ;)

                      An intelligent man is sometimes forced to be drunk to spend time with his fools
                      If you get confused: Listen to the Music Play
                      Please don't Chat/PM me for help, unless mod related
                      SG-4860 24.11 | Lab VMs 2.8, 24.11

                      1 Reply Last reply Reply Quote 0
                      • A
                        Alan87i
                        last edited by

                        @jimp:

                        If you want the best of both worlds, export netflow to an external box and do reporting on flows there using some other netflow analysis software.

                        Pf 2.1 should have a netflow analysis package!. Why use another box sucking more power.

                        1 Reply Last reply Reply Quote 0
                        • R
                          ryates
                          last edited by

                          @jimp:

                          If a package doesn't work for a platform/version, we remove it from the list. We only list the packages that are available for a given platform, if you see it, it's supposed to work.

                          Thanks for the explanation, as I too was unsure.  Given what you write (and accepting that dev snaps might violate expectations), the version column is quite superfluous and could be removed. Simplicity is always good if possible.

                          1 Reply Last reply Reply Quote 0
                          • rcfaR
                            rcfa
                            last edited by

                            @ryates:

                            @jimp:

                            If a package doesn't work for a platform/version, we remove it from the list. We only list the packages that are available for a given platform, if you see it, it's supposed to work.

                            Thanks for the explanation, as I too was unsure.  Given what you write (and accepting that dev snaps might violate expectations), the version column is quite superfluous and could be removed. Simplicity is always good if possible.

                            Maybe replace it with "package type" at least for whatever time it takes until packages are using the new package system…

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.