Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    More details than bandwidthd?

    Scheduled Pinned Locked Moved General pfSense Questions
    17 Posts 5 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      lewis @ptt
      last edited by lewis

      @ptt

      Those appear to be command line tools which we use all the time. I'm asking for something built into pfsense that will gather this information similarly to what bandwithd does but more detailed
      breakdowns.

      I'll take a look in case I didn't notice something. Thank you.

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        You tried ntop-ng?
        https://docs.netgate.com/pfsense/en/latest/monitoring/graphs/bandwidth-usage.html#ntopng

        Steve

        L 1 Reply Last reply Reply Quote 1
        • L
          lewis @stephenw10
          last edited by

          @stephenw10

          I'll take a look thanks.

          Do you know if adding/removing packages to try out leaves all kinds of mess behind or not a big issue?

          pttP 1 Reply Last reply Reply Quote 0
          • pttP
            ptt Rebel Alliance @lewis
            last edited by

            It shouldn't....

            Sin título.png

            L 1 Reply Last reply Reply Quote 1
            • L
              lewis @ptt
              last edited by

              This post is deleted!
              1 Reply Last reply Reply Quote 0
              • L
                lewis
                last edited by

                Thanks, I'm checking out ntopng.
                The only odd thing is that the package installer installed a certain version but the ntop page keeps telling me there is an update but I don't see any way to update.

                L 1 Reply Last reply Reply Quote 0
                • L
                  lewis @lewis
                  last edited by lewis

                  @lewis I am now reading that ntpng has serious security issues? Is this true and if so, why is it available as a package on pfsense without such a warning?

                  - net-analyzer/ntopng-4.0::gentoo (masked by: package.mask, ~amd64 keyword)
                  /usr/portage/profiles/package.mask:
                  # Sam James <sam@gentoo.org> (2020-07-20)
                  # Serious security vulnerabilities, including
                  # remote code execution. Upstream have not yet
                  # made a stable release in response to numerous
                  # CVEs. Applying patches is not a workable
                  # solution for now because of the fragility
                  # of reverse dependencies.
                  # Indefinitely masking until we have a solution
                  # for this.
                  # bug #719084
                  # Furthermore, ntopng ebuilds depending directly on dev-lang/lua{,jit}
                  # must be migrated to lua eclasses before unmasking (bug #752777).
                  
                  NogBadTheBadN johnpozJ 2 Replies Last reply Reply Quote 0
                  • NogBadTheBadN
                    NogBadTheBad @lewis
                    last edited by

                    @lewis pfSense isn't even using ntopng4.0, its 3.8.

                    Andy

                    1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

                    L 1 Reply Last reply Reply Quote 0
                    • johnpozJ
                      johnpoz LAYER 8 Global Moderator @lewis
                      last edited by johnpoz

                      Not to make light of issues, especially remote code execution.. but If running this correctly on your network.

                      How would anyone other than admin, your management vlan have any possible way to talk to the service to do a remote code anything.

                      Now if your saying someone on a network that is being monitored.. Could send some traffic that would exploit ntop in such a way to do something.. Then yeah that would be a serious concern.

                      But sometimes you need to look into how such issues can actually be exploited.. If you have to have admin rights already, or be on the management vlan to exploit it.. While sure they need to be taken into account, and should be fixed. On a properly ran network, they should not be of such a concern that you don't run the application - when it provides you something you want/need to be able to do.

                      An intelligent man is sometimes forced to be drunk to spend time with his fools
                      If you get confused: Listen to the Music Play
                      Please don't Chat/PM me for help, unless mod related
                      SG-4860 24.11 | Lab VMs 2.8, 24.11

                      1 Reply Last reply Reply Quote 0
                      • L
                        lewis @NogBadTheBad
                        last edited by lewis

                        @nogbadthebad said in More details than bandwidthd?:

                        @lewis pfSense isn't even using ntopng4.0, its 3.8.

                        Yes, I do see an update in the packages installed now. I've used that but it is still showing 3.8 in the dashboard of ntopng.

                        Is the new version more secure based on what I posted?

                        In terms of access, I have to remotely access the firewall so using it is not from the LAN side.

                        L 1 Reply Last reply Reply Quote 0
                        • L
                          lewis @lewis
                          last edited by

                          After the update, the package manager now shows 0.8.13_8. Totally confused.

                          johnpozJ 1 Reply Last reply Reply Quote 0
                          • johnpozJ
                            johnpoz LAYER 8 Global Moderator @lewis
                            last edited by johnpoz

                            Those are the version numbers of the "packages" for pfsense - not the version of the software being used in the package.

                            pkg.png

                            An intelligent man is sometimes forced to be drunk to spend time with his fools
                            If you get confused: Listen to the Music Play
                            Please don't Chat/PM me for help, unless mod related
                            SG-4860 24.11 | Lab VMs 2.8, 24.11

                            L 1 Reply Last reply Reply Quote 0
                            • L
                              lewis @johnpoz
                              last edited by

                              @johnpoz
                              Yes, I noticed that after I posted. It seems there is no way to get to 4.x so the question is, based on what I posted, is this package safe?

                              johnpozJ 1 Reply Last reply Reply Quote 0
                              • johnpozJ
                                johnpoz LAYER 8 Global Moderator @lewis
                                last edited by

                                That call is yours.. There are thousands of thousands of install running it of that I am sure..

                                If it was of serious concern, I would assume it would be patched, or pulled or atleast a serious warning, etc.

                                Again see my above posts about who can access what when it comes to exploitable things.. Are you worried about some issue with exploit if the person has to be at the console logged in as root to exploit it ;)

                                Same goes with any other exploitable issue - what is the complexity of actually pulling off the exploit.. Example - lets say that there is some serious exploit to ssh.. And anyone that can ssh to X, can get root access.. While this is a concern sure if you have ssh open to the internet. Is it a concern if the only one that can talk to ssh is IP abc, who is the root admin of the box in the first place.. And that IP is local, and the PC is in a locked room ;)

                                An intelligent man is sometimes forced to be drunk to spend time with his fools
                                If you get confused: Listen to the Music Play
                                Please don't Chat/PM me for help, unless mod related
                                SG-4860 24.11 | Lab VMs 2.8, 24.11

                                L 1 Reply Last reply Reply Quote 0
                                • L
                                  lewis @johnpoz
                                  last edited by

                                  I have no lack of understanding what the issues could be but that wasn't the question :). Either way, I appreciate all that input and I'm sure it will help the next person that finds this.

                                  In the meantime, I'm going to use it.

                                  Thanks.

                                  1 Reply Last reply Reply Quote 0
                                  • First post
                                    Last post
                                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.