Results 1 to 10 of 10
  1. #1
    Newbie
    Join Date
    Mar 2011
    Posts
    6

    Default Real-time Traffic Viewer

    I come from a background of using Checkpoint firewalls and a little bit of Cisco ASA's, and one thing that helped me out a great deal was being able to see in real-time, was the traffic as it passed through the firewall. Many times I needed to open additional ports, or just see what ports were being used to make a rule more granular, and I would setup an access-list or run a fwmonitor command, and be able to see what traffic was passing, or being blocked. I think this is what Untangle needs.

    It is nice to be able to use the AD Connector and use the domain user accounts, but I havnt seen a way to look at a log to see what a specific user is connecting to, or to see a list of what everyone is connecting to and who that user is. All I see are IP addresses and that is not always very helpful, or can take a long time to track down, if at all.

    Perhaps there is a way to do this through the command line console, and if so, please point me in the right direction; but if not, I think this is something that needs to be added and will be very helpful.

    Also, with regards to the firewall, being able to make groups and applying those groups to rules would be helpful as well. Much better than having to make multiple rules of the same access.

  2. #2
    Master Untangler
    Join Date
    Apr 2007
    Posts
    641

    Default

    from the gui, click on the default rack button at the top and go to session viewer.


    from the command line you can also run jnettop.

  3. #3
    Newbie
    Join Date
    Mar 2011
    Posts
    6

    Default

    Do you have a list of commands for the jnettop? I am not familiar with that.

    The Show Sessions is nice, but it doesnt show anything about usernames. It would be helpful to know what user was doing what. The session viewer also does not allow me to watch a specific IP if I wanted to. There is no way, that I know of right now, to pull up a list or make one or just watch it in real-time, access to one IP address (or hostname) if I wanted to. I think Untangle just needs something that can do this in real-time if/when needed.

  4. #4
    Untangle Ninja proactivens's Avatar
    Join Date
    Sep 2008
    Location
    Greensburg, Pa
    Posts
    2,369

    Default

    And you would be willing to pay for this feature if developed?
    www.nexgenappliances.com
    Toll Free: 866-794-8879
    UNTANGLE STAR PARTNER
    Follow us at spiceworks!

  5. #5
    Newbie
    Join Date
    Mar 2011
    Posts
    6

    Default

    Quote Originally Posted by proactivens View Post
    And you would be willing to pay for this feature if developed?

    Perhaps. Web Cache was developed but I did not have to pay for it since I have the education premium package. I would assume the same thing for something like this. However, I wouldnt be suprised if the renewal price increases.

  6. #6
    Untangler memothejanitor's Avatar
    Join Date
    Nov 2009
    Posts
    97

    Default

    I added a couple requests through bugzilla such as MAC ID lookup by clicking a MAC ID, Ip lookup or whois nslookup, and also port lookup, I'd suggest you to go here and make a request http://bugzilla.untangle.com/

  7. #7
    Untangler dozer's Avatar
    Join Date
    Nov 2009
    Location
    Johannesburg
    Posts
    30

    Default

    I could do with something like this. Even it`s just a filter to view a specific user or ip in Webfilter so I could monitor them for a few minutes etc via auto refresh.
    :poke:

  8. #8
    Untangle Ninja gotkimchi's Avatar
    Join Date
    Jan 2007
    Location
    Bay Area
    Posts
    2,112

    Default

    If you have the Directory connector, I would have two windows open, one for the currently logged in users (which shows the AD names and IP addresses), and the other window the show sessions.

    Finally, you can try the packet capture on config, networking, troubleshooting.
    to be understood, you must first understand.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself. If you need Untangle support please call or email support@untangle.com

  9. #9
    Untangle Ninja
    Join Date
    May 2008
    Posts
    1,287

    Default

    If you can get to the physical console, type wireshark and wireshark will pop up. If it's not easy to get to it there are a couple of ways to remote to it too.

    Don

  10. #10
    Master Untangler
    Join Date
    May 2008
    Posts
    126

    Default

    what about tcpdump with networkminer as posted here: http://forums.untangle.com/tip-day/9...-untangle.html

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2