How can I monitor bandwidth usage?

From PFSenseDocs

There are several methods for monitoring bandwidth usage, with different levels of granularity.

Contents 1 pftop 2 trafshow 3 Built-in Graphs 4 BandwidthD 5 Darkstat 6 NTOP 7 Monitoring on Multiple Interfaces 8 Netflow 9 vnstat

pftop

If a connection is currently active, you can connect to your pfSense router's console (physical access or ssh) and watch the traffic flow with pftop (Option 9).

trafshow

Another option for viewing real time throughput is trafshow. To install it, log in via SSH, choose option 8 and run:

pkg_add -r trafshow
rehash

To run it, at a SSH command prompt, run:

trafshow

Then select the interface.

Built-in Graphs

If you are only interested in overall per-interface usage, there are built-in RRD graphs on pfSense, which can be found under Status > RRD Graphs.

BandwidthD

If you need a little more detail, such as by client IP on your LAN interface, there is a package for bandwidthd that you can install under System > Packages. Once installed, it appears under Services > BandwidthD.

Darkstat

Darkstat is also available in System > Packages. Once installed, it appears under Diagnostics > darkstat. It also offers bandwidth graphs for an interface, as well as traffic to/from specific IP addresses.

NTOP

If you need even more detail than that, you might need the ntop package, which can also be found under System > Packages. It can break down detail by IP, protocol, and so on. Once installed, it appears under Diagnostics > ntop. It will even track where connections were made by local PCs, and how much bandwidth was used on individual connections.

Monitoring on Multiple Interfaces

Currently, darkstat and bandwidthd do not listen on multiple interfaces. ntop will listen on multiple interfaces, but the WebGUI may not show both selected in the ntop settings page. You can confirm it is listening on multiple interfaces by going to Diagnostics > Command and typing:

ps xa | grep ntop

You should see a line that looks like:

$ ps xa | grep ntop
59649  ??  Ss     0:06.17 /usr/local/bin/ntop -i fxp0,ng0 -u root -d --ipv4 -M

Note that if you make changes to the settings, you should probably reselect the desired interfaces before pressing the Save button.

Netflow

Netflow is another option for bandwidth usage analysis. Netflow is a standard means of traffic accounting supported by many routers and firewalls. You need a Netflow collector running on a host inside your network to collect the data. pfSense can export Netflow data to the collector using the pfflowd package.

vnstat

vnstat is another bandwidth monitoring tool available to install as a package. For more information on vnstat, visit its forum thread: http://forum.pfsense.org/index.php/topic,14179.0.html