Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
How do I analyze traffic?
« previous
next »
Print
Pages: [
1
]
Author
Topic: How do I analyze traffic? (Read 9607 times)
jsrober
Newbie
Posts: 13
Karma: 0
How do I analyze traffic?
«
on:
July 14, 2019, 03:50:30 am »
Hi,
Thanks so much for OPNsense. It's wonderful to have such a powerful solution.
How do I analyze the traffic on my network?
I have IOT devices and I wonder what they are doing. Are they connecting outside my network? What ports are they using?
How do the pro's use OPNsense to figure this out?
I have OPNsense running on a very beefy dedicated PC with plenty of storage. Do I do a packet capture and then analyze the data? Is there a way to capture netflow data and then review it with some sort of purpose-built GUI?
Thanks,
John
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: How do I analyze traffic?
«
Reply #1 on:
July 14, 2019, 08:45:16 am »
You can run tcpdump (also via the UI under packet capture), then download it and open it in Wireshark. The packet capture can also be done via the shell.
Logged
ruffy91
Jr. Member
Posts: 79
Karma: 9
Re: How do I analyze traffic?
«
Reply #2 on:
July 14, 2019, 08:58:29 am »
Try the ntopng plugin. It will analyze the traffic for you. You will se which protocol the devices speak with which country etc.
Logged
bartjsmit
Hero Member
Posts: 2023
Karma: 194
Re: How do I analyze traffic?
«
Reply #3 on:
July 14, 2019, 10:04:59 am »
Also consider putting your IoT devices on a separate VLAN to reduce the risk of compromise to the rest of your network.
Bart...
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
How do I analyze traffic?
