• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Stats on number of unique IPs from WAN using servers on LAN?

Scheduled Pinned Locked Moved General pfSense Questions
3 Posts 3 Posters 584 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • A
    awallin
    last edited by Aug 21, 2015, 10:16 AM

    Hi,
    I'm a new pfsense user, just installed first firewall this week.

    I'm interested in the number of users from WAN (the internet) using servers/services we have sitting on the LAN/DMZ side of the firewall (such as www-pages and NTP-servers for example).

    From the number of states I can get a rough estimate, but there is one state for each port/IP combination (as well as ICMP for ping:ers), so the number of states overestimates the number of unique IPs.

    Is there an easy way to get number of unique IP numbers and possibly RRD graphs of this too? Thanks.

    Anders

    1 Reply Last reply Reply Quote 0
    • F
      firewalluser
      last edited by Aug 21, 2015, 12:03 PM Aug 21, 2015, 11:31 AM

      I personally export every to a syslog server a) to have a separate copy running on a different OS behind another fw in case of problems which lock me out of pfsense and b) use the exported data in realtime to monitor what I want to monitor.

      If you set your fw rules to log, the default is for them to be unticked when setting up a rule, not forgetting the tick box options above the export everything option for the syslog [edit in system log, settings tab], you can use this as a separate data source to work out the state table as a double check for this:
      https://forum.pfsense.org/index.php?topic=60509.0

      The link does what you are looking for.

      Capitalism, currently The World's best Entertainment Control System and YOU cant buy it! But you can buy this, or some of this or some of these

      Asch Conformity, mainly the blind leading the blind.

      1 Reply Last reply Reply Quote 0
      • T
        tim.mcmanus
        last edited by Aug 21, 2015, 12:04 PM

        There is a package called ntop that you can install in pfSense that might do what you're looking for.  I have limited experience with it, but I think I remember it being able to show and report on which IPs were coming into/out of the firewall.

        1 Reply Last reply Reply Quote 0
        3 out of 3
        • First post
          3/3
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
          This community forum collects and processes your personal information.
          consent.not_received