Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Wireshark for pfsense?

    pfSense Packages
    5
    7
    117
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      Cool_Corona last edited by

      Hi there

      Anybody has impelemented this on the network??

      1 Reply Last reply Reply Quote 0
      • NogBadTheBad
        NogBadTheBad last edited by

        https://docs.netgate.com/pfsense/en/latest/book/packetcapture/using-wireshark-with-pfsense.html

        Andy

        1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

        1 Reply Last reply Reply Quote 0
        • M
          mcury last edited by

          I use this method, however, sometimes, the tcpdump gets stuck after closing the wireshark.
          I have to kill the process.

          SG-3100 22.01 / Unifi Flex Mini / Unifi NanoHD

          1 Reply Last reply Reply Quote 0
          • kiokoman
            kiokoman LAYER 8 last edited by kiokoman

            i use SPAN protocol where there is a Raspberry with Wireshark listening
            you need a switch that support it or a dedicated network interface on pfSense
            https://docs.netgate.com/pfsense/en/latest/book/bridging/creating-a-bridge.html#span-port

            ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
            Please do not use chat/PM to ask for help
            we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
            Don't forget to Upvote with the 👍 button for any post you find to be helpful.

            DaddyGo 1 Reply Last reply Reply Quote 0
            • C
              Cool_Corona last edited by

              Why is there no package for this built in pfsense?

              1 Reply Last reply Reply Quote 0
              • kiokoman
                kiokoman LAYER 8 last edited by

                because it's a firewall and wireshark is a network protocol analyzer?
                "packet capture" is already available under Diagnostics, probably wireshark would be too heavy for embedded systems

                ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
                Please do not use chat/PM to ask for help
                we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
                Don't forget to Upvote with the 👍 button for any post you find to be helpful.

                1 Reply Last reply Reply Quote 1
                • DaddyGo
                  DaddyGo @kiokoman last edited by DaddyGo

                  @kiokoman

                  I agree, SPAN is a good solution, we use on Cisco SG350 series switchs with Wireshark VLAN + SPAN

                  b26f5637-d4cc-4875-8207-4a86c9ac9d3a-image.png

                  Cats bury it so they can't see it!
                  (You know what I mean if you have a cat)

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post