I am considering changing from Untangle to pfSense as the router at church. Untangle allows me to capture web traffic info in a PostgreSQL database that I can then run my own queries against, and keep it all on the router itself. How could I configure something like pflow/netflow or something similar to do the same. I really want the netflow collector to use a PostgreSQL database and be installed on the router like I do with Untangle (There are several reasons for this, but I don't want to go into them here). The server is an HP DL360 G6 with 2 quad-core Xeon and 16GB RAM (a donation from my workplace), so I know it can handle this.
The real question boils down to 2 points:
1. how do I get PostgreSQL installed on the pfSense server?
2. how do I get a collector installed on the server?
I believe I can do the rest my self since I did get a 2 server setup like this going already. I just don't know how to get it all on the one server.
about 800 wireless users on any given Sunday. pretty much dead the rest of the week
currently we have a 10Mbit DSL connection, but the ISP is getting ready to deploy 30Mbit fiber in a few months
I just got pfSense up and running at home on a Dell c6100 cloud server and reall like it so far.
bump. Is there no one who knows how to install PostgreSQL on a pfsense box?
I don't know if untangle can work in this way, but I frequently use the following setup for logging:
Install a free hypervisor (vsphere) on the server an create a regular pfsense Firewall VM.
Then mirror the physical switchport and let an untangle VM see a copy of the traffic on a different vswitch in promiscous mode.
This separates the two systems and allows you to gain much better performance and independent upgradeability.
I have come across others recommending a similar setup. I just figured out how to use the pkg command to enable the freBSD repos and install the database from there. I know that your suggested configuration is probably more reliable in terms of upgrades, but I think it is still overkill for my current needs.
Thank you for the reply though.
… HP DL360 G6 with 2 quad-core Xeon and 16GB RAM ...
I know that your suggested configuration is probably more reliable in terms of upgrades, but I think it is still overkill for my current needs.
And the machine you're running isn't overkill? It would make a great ESXi server. You could run up pfSense, untangle, a web server, mail server, NAS, whatever - all on one machine.
Yes, my machine is overkill. It was a BlackBoard database server at the university I work at. I just hate to introduce more software complexity than I really need. It just so happens that the university is going to donate another HP server with 1 quad-core xeon, so I may yet end up with a 2 server setup for this after all. It will be a couple weeks before we get a hold of this second server though.
maybe its just me, but installing non security, or very basic network functionality features (dhcp, dns) on my firewall seems like bad juju to me.
I would go the VM route - this allows you to use the same hardware for lots of thing, but still isolate from installing stuff on your firewall OS.