Netgate Discussion Forum

    PFS Logging Web Traffic…

      NeedSense1

      Okay everyone, rookie here obviously, so I'll make this quick as clearly I have a lot to learn. Does PFS log traffic in any way?

      I only ask because a friend helps me tweak PFS, and loves to bust my chops that he has access to all my house's internet activity.

      Thanks in advance!

        Derelict LAYER 8 Netgate

        If you can't trust the person setting up your firewall, they shouldn't be setting up your firewall.

        pfSense logs plenty, but if the person setting up your firewall doesn't want the access to be logged, they can turn logging off.  See how that works?

        But, in general, pfSense doesn't log web activity of LAN clients out to WAN.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

          divsys

          The other basic thing to check is that YOU have access to the admin password.
          And there are no other admin users on the box.

          Sounds like a good excuse to learn more about pfSense…..

          -jfp

            NeedSense1

            @Derelict - Well I trust him but he's a chop buster for sure so the less excuse he has the better.

            @divsys - Yes, I've certainly learned a lot by forcing myself to research and see all the options PFS offers. As far as your suggestion, I'm the only one with access now with no other accounts on board. But he talks about Wireshark and port sniffers and just LOVES to break my balls! So my question was/is: are there other ways to get in and/or have logs sent directly to someone else?

            Either way I appreciate your help.

              mer

              "wireshark and portsniffers" require "proximity". In order to capture packets (Wireshark) of what is coming out of your WAN port, he'd need to know the assigned IP address. If you are behind a cable modem, he'd need to know the IP address assigned to it. Depending on the infrastructure of your ISP, he may not be able to get to it.
              Port sniffers, pretty much the same thing.
              Is it possible that he also installed something on equipment in your home network to provide access/data?  Yes, that's the way malware/virus/ransomware do a lot of things.

              Sending logs elsewhere:  Yes, it's possible.

              The default pfSense install is:
              Everything originating from LAN side is allowed out WAN
              Everything originating from WAN side is blocked UNLESS it is a response to LAN traffic.

              The second point only matters if you are running a service you want accessible from the public internet (web server, ftp server, etc).
              A simple thing to do would be to post screenshots of the rules that are configured on your WAN, LAN interfaces, any floating rules.  A list of installed packages would also help.

              If he's busting chops to make sure you learn and understand that's good, just don't let trust overrule common sense.

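The checks raised in the replies above (no other admin users on the box, no logs being sent elsewhere, a list of installed packages), as an added example that is not part of the original thread: a Python script that reads an exported pfSense configuration backup and reports local accounts, members of the admins group, accounts with SSH authorized keys, remote syslog targets and packages. The element names are assumptions about the config.xml layout, and the sample document and its values are constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample standing in for an exported config.xml backup.
# Element names are assumptions about the pfSense configuration layout.
SAMPLE_CONFIG = """<pfsense>
  <system>
    <user><name>admin</name><uid>0</uid></user>
    <user><name>helper</name><uid>2000</uid>
      <authorizedkeys>CONSTRUCTED_KEY_PLACEHOLDER</authorizedkeys></user>
    <group><name>admins</name><member>0</member><member>2000</member></group>
  </system>
  <syslog><enable/><remoteserver>192.0.2.50:514</remoteserver>
    <remoteserver2/></syslog>
  <installedpackages><package><name>example-pkg</name></package></installedpackages>
</pfsense>"""

def text(node, tag):
    """Stripped text of a child element, or '' when it is missing or empty."""
    return (node.findtext(tag) or "").strip()

def audit_config(xml_text):
    """Summarise who can administer the firewall and where its logs go."""
    root = ET.fromstring(xml_text)
    users = root.findall("./system/user")
    by_uid = {text(u, "uid"): text(u, "name") for u in users}
    admins = set()
    for group in root.findall("./system/group"):
        if text(group, "name") == "admins":
            for member in group.findall("member"):
                uid = (member.text or "").strip()
                # Keep unknown uids visible: a dangling member deserves a look.
                admins.add(by_uid.get(uid, "uid:" + uid))
    syslog = root.find("./syslog")
    targets = []
    if syslog is not None:
        for tag in ("remoteserver", "remoteserver2", "remoteserver3"):
            if text(syslog, tag):
                targets.append(text(syslog, tag))
    return {
        "accounts": sorted(text(u, "name") for u in users),
        "admins": sorted(admins),
        "ssh_keys": sorted(text(u, "name") for u in users if text(u, "authorizedkeys")),
        "remote_logging_enabled": syslog is not None and syslog.find("enable") is not None,
        "remote_syslog": targets,
        "packages": sorted(text(p, "name") for p in root.findall("./installedpackages/package")),
    }

if __name__ == "__main__":
    for key, value in audit_config(SAMPLE_CONFIG).items():
        print(f"{key}: {value}")
```

To check a real backup, read the exported file and pass its contents to `audit_config`; any account, key or syslog target you do not recognise is the thing to follow up on.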