Text only | Text with Images

OPNsense Forum

English Forums => Intrusion Detection and Prevention => Topic started by: someone on June 26, 2024, 02:00:17 AM

Title: Newb Question; how to log all packets, promiscuous mode on WAN
Post by: someone on June 26, 2024, 02:00:17 AM
I havnt found a way
Is there a way to log all packets on WAN side, in promiscuous mode, thats what I was trying to alter in suricata yaml was turn it on,
but it resets to default after reboot. Not the log packets in the firewall having to do with a rule, but all packets on WAN
And does it store them in log files
Thanks in advance
Title: Re: Newb Question; how to log all packets, promiscuous mode on WAN
Post by: someone on June 26, 2024, 09:53:17 PM
after thinking about that
I mean all packets coming with my IP, like suricata does
Like wireshark does
Can we add a package
Thanks
Title: Re: Newb Question; how to log all packets, promiscuous mode on WAN
Post by: Patrick M. Hausen on June 26, 2024, 10:00:12 PM
tcpdump is installed by default.
Title: Re: Newb Question; how to log all packets, promiscuous mode on WAN
Post by: someone on June 26, 2024, 10:17:17 PM
oh thanks
I didnt see it, feeling dumb
That I know how to use
I will try that in the shell
I keep liking opnsense more and more
Its easier and shows more faster than a linux box setup with suricata
Thanks again for your help
Title: Re: Newb Question; how to log all packets, promiscuous mode on WAN
Post by: cookiemonster on June 26, 2024, 10:29:09 PM
Even better, tcpdump installed by default has GUI integration if you want that too.
Title: Re: Newb Question; how to log all packets, promiscuous mode on WAN
Post by: someone on June 26, 2024, 11:26:06 PM
oh I missed that, wow
Its under interface - diagnostics - packet capture

Thanks again everyone for your help
Dont want to blab on to much
Text only | Text with Images