Real time traffic logging?

Sampl3x

Is it possible to view live traffic in real time view in pfsense?

Coming from Sophos UTM i could see live traffic what is blocked and passed.

stephenw10

You can use the dynamic view in the firewall logs to see real time blocked traffic. If you add logging to pass rules you will see that there as well.

Steve

Sampl3x

@stephenw10 Thanks for your quick reply.
I looked at that option but it isnt live. The view doesnt update live time. I have to click pause and unpause button to refresh the data or wait 20/30 seconds for the view to get refreshed.

Can this be changed?

AKEGEC

You need to enable logs for all egress and ingress rules especially in floating rules. Go to Firewall>rules>floating>edit >checked enable log. I don't the cap of your HW, but just do it for 1 or 2 weeks for monitoring.

stephenw10

Just how 'live' do you need it to be?

You could tail the filter log at the command line if you really want to see it as it happens.

You might try using the ntop-ng package. Or one of the other monitoring packages: https://docs.netgate.com/pfsense/en/latest/monitoring/graphs/bandwidth-usage.html

Steve