Counting traffic in pfsense for Remote Desktop.
We have installed pfsense 2.2.6 + squid (transparent ) + squidguard in our office and functioning quite well as expected.
However, we could not resolve the following.
A. We have limited bandwidth at our disposal. A couple of staff members are supposed to connect to remote Windows 2008 Terminal server on another public IP @ another location, for their regular work for the full day. We are unable to count the bandwidth usage by the people who are using remote desktop connection. We have installed Sarg, Lightsquid and Bandwidthd for reporting purpose, but it seems that none of the package is able to really count the traffic used by port 3389 ( Remote Desktop connection to remote host ). [ Due care has been taken to pass all the tcp/udp traffic passes thru pfsense firewall only ]
Please suggest appropriate package / method to compute this on per ip basis. Alternatively can any one show on how to count the traffic on the basis of port number generically.
B. A couple of staff members are using bluestacks ( android emulator on pc ) for whatsapp on pc. How to control, count or block the traffic used by Bluestacks.
C. A few irritants are using torrents. How to control, count or block the traffic used by torrent ( peer to peer applications )
For us the bandwidth usage is important as there is a cap on monthly basis. After reaching to the cap the ISP drops the download speed from 10 mbps to mere 512 kbps and often last week of the month we are reaching low speed scenario.
Any help in respect to above is much appreciated.
Use netflow and prtg. It can give you a real insight into what's going on in the network.
For torrent you can use snort at least to identify users doing so.