Complete noob question regarding Squid Proxy

  • Hi people,

    I'm a complete noob when it comes down to pfsense, I only have basic network and IT understanding.
    Yet I had to put a pfsense server behind our companies social network and install captive portal and freeradius so I could monitor the bandwidth usage cause we are limited in the scenario we work in.

    Anyhow everything works as it should (atleast as far as I know), people can't access the internet without logging in with a login that I gave them.
    Using Squid Proxy reports I can check which IP used X amount of bandwidth.

    Yet I did some tests myself downloading torrents for about 3 GB, and none of that showed up on the Squid Proxy report.
    Everything is behind the Pfsense, how is this possible?
    I thought I was able to see everyones internet usage but apperently not everything shows up, anyway I can solve this?

    Thanks in advance

  • Squid proxy only track http & https traffic, even https traffic are also limited.

    You mentioned radius server has been setup, did you enable radius accounting?

    Radius accounting should give you total amount of traffic used per session for each user. But it won't provide a break down of how much was for youtube, torrent etc. For this you will need application awareness, not sure pfSense has any existing package that can provide this.

  • Yes, Accounting has been set up.
    I assume the use of accounting is that everyone gets their own personal login?

    The thing is where can I check the total bandwidth usage per 'account' then.
    Opening squid proxy it gives me a 'total bandwidth usage' of an IP address, which I can look up and link to a user then, but as you said, not all bandwidth is checked there.


  • For total bandwidth usage per account / user, put aside squid - it cannot provide this information.

    Look for this in your freeradius setup, in the accounting section.

    Haven't work with pfsense's freeradius package before, normally build freeradius from source on dedicated server. So unable to point you to specific page on the webUI for this information, maybe you can start a post for specific help on freeradius?

    One thing to remember, make sure your captive portal is properly configured to send accounting data to freeradius. Freeradius will have nothing to work with if your CP is not providing useful data.

  • You can't account for torrent files, but you could throttle them to prevent people racking up bandwidth on these time wasting files.

Log in to reply