Feature #14611
closed
tracking flows and added context
0%
Description
pfSense does not have a cleaner way to track flows going through the firewall.
Seeing if a packet matches a rule is good but there isnt much information related to that flow that can be gathered.
Bytes sent and received are an excellent way to know there is bidir communication happening and can eliminate routing/firewall issues during the course of troubleshooting. Or perhaps how much data was exchanged for a particular session on a specific date? If the firewall is the central device controlling flows, today there is no way to get basic context about flows
Not sure how this would work in its current state. Lots of data in a high-volume environment and so a database would need to be installed as well. sqlite with an option for an external database.
Overall, I am advocating for a bit more data if possible to be gathered by established flows from pf.
I did start a forum question on this.
https://forum.netgate.com/topic/181758/tracking-flows/3?_=1690295939884
Updated by