Netgate Store

Author Topic: How to use pfsense as a transparent sniffer only  (Read 223 times)

0 Members and 1 Guest are viewing this topic.

Offline crevettedragon

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
How to use pfsense as a transparent sniffer only
« on: February 01, 2018, 06:49:18 pm »
Hi,

Here is my use case: I want to upgrade my current internet box with a pfsense box. However, the traffic between the tv box and the internet box is special and I want to investigate it to be able to properly configure my pfsense box.


As such I want a "sneaky" pfsense that will simply log all traffic and act as a simple Ethernet cable from the internet and tv box perspective.

What would be the best way to do it ?

Offline Derelict

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 10572
  • Karma: +1209/-324
    • View Profile
Re: How to use pfsense as a transparent sniffer only
« Reply #1 on: February 01, 2018, 07:33:29 pm »
Why wouldn't you just use a switch with a mirror port there and do whatever you want with the traffic? Wireshark, tcpdump, etc.

Certainly easier than trying to be transparent with a proxy.

You don't need to hammer a square firewall into that round hole.
Las Vegas, Nevada, USA
Use this diagram to describe your issue.
The pfSense Book is now available for just $24.70!
Do Not PM For Help! NO_WAN_EGRESSTM

Offline HackedComputer

  • Newbie
  • *
  • Posts: 14
  • Karma: +0/-0
    • View Profile
Re: How to use pfsense as a transparent sniffer only
« Reply #2 on: February 09, 2018, 11:03:54 am »
Why wouldn't you just use a switch with a mirror port there and do whatever you want with the traffic? Wireshark, tcpdump, etc.

Certainly easier than trying to be transparent with a proxy.

You don't need to hammer a square firewall into that round hole.

This or a LAN TAP such as a Throwing Star LAN TAP