Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Wireshark for pfsense?

    Scheduled Pinned Locked Moved pfSense Packages
    7 Posts 5 Posters 694 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Cool_CoronaC
      Cool_Corona
      last edited by

      Hi there

      Anybody has impelemented this on the network??

      1 Reply Last reply Reply Quote 0
      • NogBadTheBadN
        NogBadTheBad
        last edited by

        https://docs.netgate.com/pfsense/en/latest/book/packetcapture/using-wireshark-with-pfsense.html

        Andy

        1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

        1 Reply Last reply Reply Quote 0
        • M
          mcury Rebel Alliance
          last edited by

          I use this method, however, sometimes, the tcpdump gets stuck after closing the wireshark.
          I have to kill the process.

          dead on arrival, nowhere to be found.

          1 Reply Last reply Reply Quote 0
          • kiokomanK
            kiokoman LAYER 8
            last edited by kiokoman

            i use SPAN protocol where there is a Raspberry with Wireshark listening
            you need a switch that support it or a dedicated network interface on pfSense
            https://docs.netgate.com/pfsense/en/latest/book/bridging/creating-a-bridge.html#span-port

            ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
            Please do not use chat/PM to ask for help
            we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
            Don't forget to Upvote with the 👍 button for any post you find to be helpful.

            DaddyGoD 1 Reply Last reply Reply Quote 0
            • Cool_CoronaC
              Cool_Corona
              last edited by

              Why is there no package for this built in pfsense?

              1 Reply Last reply Reply Quote 0
              • kiokomanK
                kiokoman LAYER 8
                last edited by

                because it's a firewall and wireshark is a network protocol analyzer?
                "packet capture" is already available under Diagnostics, probably wireshark would be too heavy for embedded systems

                ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
                Please do not use chat/PM to ask for help
                we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
                Don't forget to Upvote with the 👍 button for any post you find to be helpful.

                1 Reply Last reply Reply Quote 1
                • DaddyGoD
                  DaddyGo @kiokoman
                  last edited by DaddyGo

                  @kiokoman

                  I agree, SPAN is a good solution, we use on Cisco SG350 series switchs with Wireshark VLAN + SPAN

                  b26f5637-d4cc-4875-8207-4a86c9ac9d3a-image.png

                  Cats bury it so they can't see it!
                  (You know what I mean if you have a cat)

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.