I’ve had a Netgate pfSense firewall guarding my home LAN for almost a year now, but since I work with other things than computers I never find the time to “advance to the next level” in understanding pfSense. I hope the forum can suggest which route would be best for me to pursue given what I want to achieve (below).
I recently installed a RaspberryPi media server that plays music from my freeNAS to my hifi.
What is the best way to find out exactly what connections the raspberry pi (10.0.0.45) establishes to the internet?
I have tried creating a PASS rule on the LAN interface for any ports from source 10.0.0.45 to destination “inverted LAN net” and to have those passes logged. To my understanding that should capture traffic out to the internet from the device. But nothing ever shows up in the logs (when I filter on 10.0.0.45 as source) even though I know for a fact that some traffic is occurring because I can listen to internet radio via the device.
I see people on the internet lamenting that pfSense has poor traffic monitoring capabilities since bandwidthD was deprecated. Others say ntopng is the proper tool to use but it strikes me as overkill for what I want to do. I am thinking vanilla pfSense should be able to do what I want, but maybe I just have not grasped how to do it?
I’d appreciate a push in the right direction.