Router Charts

Router Charts

Router Ranker

Router Ranker

Router Chooser

Router Chooser

NAS Charts

NAS Charts

NAS Ranker

NAS Ranker

More Tools

More Tools

Security How To

In Part One of this series, we established a working definition of our target, i.e. what has to be done, and in what order, to Cerberus the lowly IDS firewall to make it a UTM Appliance. In Part Two, we started the conversion by installing and configuring multi-WAN support, Squid, IDS and anti-virus features. In Part 3, we added and configured Content Filtering, Traffic Control, Load Balancing and Failover.

In this last part, we'll wrap things up with Monitoring and Logging configuration, performance testing, final grading and reflection on the whole process.

Monitoring and Logging

There are numerous packages for logging and interfaces to external monitoring packages, summarized in Table 1.

Capability Explanation Features
Built-in Logging Protocols for logging system events SNMP, Syslogd, WebGui
RRD Graphs System Resources Graphic Monitoring Tool CPU Load, Traffic Throughput, Quality Handling, and Shaping Queues
Snort Alert Tracking and Status Barnyard2 package interface, Dashboard Widget
Squid Web and Cache statistic LightSquid
System Status Hardware and Package Status Dashboard, PHPsysinfo, WebGui, BandwidthD
External Interfaces Monitoring and Management Agents Zabbix, Radius, ntop
Table 1: Logging and monitoring packages

Several of these are built in, RRD Graphs are available is available from the Status menu, SyslogD can be configured there too, under Status->System Logs->Settings. SNMP is a built-in, find it under Services->SNMP.

Installing the others is straightforward, and can be found in the packages menu, these include LightSquid, BandwidthDPHPsysinfo, and the Dashboard, including several dashboard widgets (Snort, Havp status).  The interface to Barnyard2 is included with Snort.

The only issue with a couple of these packages, LightSquid, ntop and BandwidthD, is that they are not fully integrated into the pfSense webGui -  the pfSense banner and menus disappear, but backing out of the reports will lead you back to the web GUI.

Here are some screenshots of some of the logging and reporting options:

RRD Graphs

Figure 1: RRD Graphs

BandwidthD add-on Package

Figure 2: BandwidthD add-on Package

Dashboard

Figure 3: Dashboard

Light Squid

Figure 4: Light Squid

More Stuff

Top Performing Routers

AC3200
AC2350
AC1900
AC1750
AC1200

Top Performing NASes

NoRAID
RAID1
RAID5

Over In The Forums

Hello, Upgraded my ac87u to 378.51 beta1. did factory reset and configured. Then changed operation mode into access point and rebooted. After reboot i can no longer access gui of ac87u....
Hi I have a RT-AC66U with Asuswrt-Merlin, but im having an issue with my DHCP setup. When clients get an IP they also get the DNS that i have manually set up...
User NVRAM Save/Restore Utility User NVRAM Save/Restore Utility Version 15 (25-February-2015) Program Changes add help option -h add print version option -v add option to specify custom ini -i inifile add -nojffs option...
Originated from these threads: Questions about new network setup. D-Link DAP-2660 vs Linksys LAPAC1200 VS ?? i ended up buying the following: D-Link DAP-2660... Edgerouter lite & D-Link DAP-2660 first setup
Welcome to dd-wrt firmware! Thank You saifooz Firmware is in saifooz post #3 below This is the laptop cooler I use, yes plug it into the back USB port on the router and...