How to monitor individual LAN traffic per local IP address in pfsense 2.3



  • how to monitor individual LAN traffic per local IP address in pfsense 2.3.  Before it was possible with BandwidthD and ntop, while using 2.2.6.  But after I upgraded to 2.3, it disappeared.  please help me.


  • Rebel Alliance Developer Netgate

    ntopng will be back soon, when the FreeBSD port issues are resolved, which we're keeping an eye on and helping to move along as we can.

    Keep an eye on https://www.freshports.org/net/ntopng/ – it shows "deprecated" and that the port expired. When that returns to a normal state, our package will not be far behind.



  • Thanks for your quick reply.  What about BandwidthD.  It was a nice tool to get summary of the usage of my home internet clients.  will it be back soon?  Is there any way to go back to 2.2.6? can you please provide me the full image file link for pfsense 2.2.6 /32 bit/x86



  • @anwar.s.05:

    can you please provide me the full image file link for pfsense 2.2.6 /32 bit/x86

    They are still there on the mirrors, just click on 'just show me the mirrors' and pick one.
    e.g.- https://nyifiles.pfsense.org/mirror/downloads/



  • Thank you very much.



  • I believe DarkStat has an option to limit it to showing just the addresses of the LAN hosts, as opposed to both the LAN and remote hosts… but I don't believe darkstat data is persistent across reboots; I'm pretty sure it gets reset if the box gets restarted.



  • Will BandwidthD be back to pfSense v2.3 ?

    Chile Movistar started to use "limited metering bandwidth" for Internet use here now, so it's crucial to have something like BandwidthD.  ???

    RRD is way too simple under v2.3 now.  :'(


  • Rebel Alliance Developer Netgate

    @Gradius:

    Will BandwidthD be back to pfSense v2.3 ?

    Chile Movistar started to use "limited metering bandwidth" for Internet use here now, so it's crucial to have something like BandwidthD.  ???

    RRD is way too simple under v2.3 now.  :'(

    It's not clear if bandwidthd will be back. We had reports of it making some people's system unbootable, but we could never reproduce the problem.



  • As much as I LOVE pfSense, the monitoring and reporting of traffic is really lacking overall.

    I wish we could get something that would work and be easy to read/report on. None of the packages that were available in 2.2 were very usable (my opinion), and now there are even less in 2.3. :/


  • Rebel Alliance Developer Netgate

    Install softflowd, drop nfsen somewhere on your network, pretty good visualization. Not perfect, but usable.



  • I'll definitely give that a shot! Looks promising.



  • @jimp:

    Install softflowd, drop nfsen somewhere on your network, pretty good visualization. Not perfect, but usable.

    softflowd isn't a solution as it asks for a NetFlow server.



  • I think that was his point. Use softflowd on pfsense, and also an external server running nfsen to do the analysis.

    Not an in-box pfsense solution, but may work for me as spinning up a VM for nfsen would be easy.


  • Rebel Alliance Developer Netgate

    @JasonJoel:

    I think that was his point. Use softflowd on pfsense, and also an external server running nfsen to do the analysis.

    Not an in-box pfsense solution, but may work for me as spinning up a VM for nfsen would be easy.

    Yes, exactly.

    @jimp:

    Install softflowd, drop nfsen somewhere on your network, pretty good visualization. Not perfect, but usable.

    nfsen is a netflow server.



  • @JasonJoel:

    Not an in-box pfsense solution, but may work for me as spinning up a VM for nfsen would be easy.

    Not for me as I use a dedicated computer for pfSense (no VM at all here).  :o



  • @jimp:

    @JasonJoel:

    I think that was his point. Use softflowd on pfsense, and also an external server running nfsen to do the analysis.

    Not an in-box pfsense solution, but may work for me as spinning up a VM for nfsen would be easy.

    Yes, exactly.

    @jimp:

    Install softflowd, drop nfsen somewhere on your network, pretty good visualization. Not perfect, but usable.

    nfsen is a netflow server.

    I too was using bandwidthd, because it was the easiest to setup and use and it was the simplest (I'm not running a million dollar company here, alls i want to know is: how much GB was used this month, and who used most).

    I tried nfsen, was a bit more difficult to get setup, but I did it. Now i visit the nfsen 'page' on my webserver…all I get is a bunch of rrd graphs (which are already present in pfsense by default, and are a lot better tbh). And still no way of splitting by IP (forget about resolving the IP to hostname). Am I doing something wrong? A lot of things seem extremely broken in the webpage tbh, images not showing properly, styles not being applied (nothing is formatted i just see a list of links and broken images in one giant column).





  • +1 The changes / fixes on 2.3 are very nice but desperately miss simple monitoring by IP that bandwidthD provided. Most smaller sites do not justify time spent to set up netflow or similar. Does anyone know if bandwidthD is fixable in 2.3 or is there some major technical reason it can't happen?


  • Rebel Alliance Global Moderator

    @Tjh:

    I tried nfsen, was a bit more difficult to get setup, but I did it. Now i visit the nfsen 'page' on my webserver…all I get is a bunch of rrd graphs (which are already present in pfsense by default, and are a lot better tbh). And still no way of splitting by IP

    It can process your top talkers for you..

    Bottom of the details page..  see attached pic I just set this up last night.. Or you could add this plugin
    https://sourceforge.net/projects/hoststats/
    HostStats allows you to look on your NetFlow data from a different point of view - it calculates statistics about network traffic of each individual host (IP address) in the network.

    It not all that hard to setup ;) Took a couple of minutes - good instructions here https://www.youtube.com/watch?v=rge1mBvzj5E you don't have to watch the video I hate those!!  The instructions are in text in the comments.

    But it would be nice a simple built in way to track by IP data use..