Dashboard¶
After finishing the Setup Wizard, the main page of the firewall is loaded, which is the Dashboard. The Dashboard page provides a wealth of information that can be seen at a glance, contained in configurable widgets. These widgets can be added or removed, and dragged around into different positions.
Managing Widgets
Each widget follows some basic conventions for controlling its position, size, settings, and so on, the mechanics of which are covered here in this section.
Adding and Removing Widgets
To start adding widgets, click the pluse button in the Dashboard controls area of the breadcrumb bar to display the list of available widgets.
Inside the Available Widgets panel, click on the name of a widget to add it to the Dashboard (See Available Widgets List). The dashboard will reload with the new widget displayed in one of its columns.
To close and remove a widget from the Dashboard, click the cross butten in its title bar, as seen in Figure Widget Title in the dashboard controls.
Rearranging Widgets
Widgets can be rearranged and moved between columns. To move a widget, click and drag its title bar, move the mouse to the desired position, and then release. As the widget is moved it will “snap” into its new position, so the new location may be previewed before releasing the mouse button.
Minimizing Widgets
To minimize a widget so it hides its content and only shows up as its title bar, click the minus seen in Figure Widget Title Bar. To restore the widget to its normal display, click the pluse button. After changing the widget status.
Changing Widget Settings
Some widgets have customizable settings that control how their content is displayed or updated. If a widget has button will show up in its title bar as seen in Figure Widget Title Bar. Click that button and the settings,the settings for the widget will appear. Once the settings have been adjusted, click the Save button inside of the widget settings panel.
Available Widgets
Each widget contains a specific set of data, type of information, graph, etc. Each of the currently available widgets will be covered in this section, along with their settings (if any). These are listed in alphabetical order.
Captive Portal Status
This widget shows the current list of online captive portal users, including their IP address, MAC address, and user name.
CARP Status
The CARP Status widget displays a list of all CARP type Virtual IP addresses, along with their status as either MASTER or BACKUP.
Dynamic DNS The Dynamic DNS widget displays a list of all configured Dynamic DNS hostnames, their current address, and status.
Gateways The Gateways widget lists all of the system gateways along with their current status. The status information consists of the gateway IP address, Round Trip Time (RTT) also known as delay or latency, the amount of packet loss, and the status (Online, Warning, Down, or Gathering Data). The widgets is updated every few seconds via AJAX.
Gmirror Status This widget will show the status of a gmirror RAID array on the system, if one is configured. The widget will show if zthe array is online/OK (Complete), rebuilding, or degraded.
Installed Packages
The Installed Packages widget lists all of the packages installed on the system, along with some basic information about them such as the installed version and whether or not an update is available.
When a package has an update available, pluse is displayed next to the version number. Packages may be updated from this widget by clicking the Refresh button at the end of a package’s row.
Packages may also be reinstalled by clicking refresh or removed by clicking delete. . Interface Statistics This widget shows a grid, with each interface on the system shown in its own column. Various interface statistics are shown in each row, including packet, byte, and error counts.
Interfaces
The Interfaces widget differs from the Interface Statistics widget in that it displays general information about the interface rather than counters. The Interfaces widget shows the the type and name of each interface, IPv4 address, IPv6 address, the interface link status (up or down), as well as the link speed when available.
IPsec
The IPsec widget has three tabs: The first tab, Overview, is a count of active and inactive tunnels. The second tab, Tunnel Status, lists each configured IPsec tunnel and whether that tunnel is up or down. The last tab, Mobile, shows online remote access IPsec VPN users, such as those using IKEv2 or Xauth.
Load Balancer Status
This widget displays a compact view of the server Load Balancing setup. Each row shows the status for one virtual server. The Server column shows the virtual server name, status, and IP address with port where the virtual server is accepting connections. The Pool column shows the individual pool servers and their status, with an uptime percentage. The Description column shows the text description from the virtual server.
Firewall Logs
The Firewall Logs widget provides an AJAX-updating view of the firewall log. The number of rows shown by the widget is configurable. As with the normal firewall log view, clicking the action icon next to the log entry will show a window displaying which rule caused the log entry. Clicking the source or destination IP address will copy that value to Diagnostics > DNS where the address can be resolved.
NTP Status
The NTP Status widget shows the current NTP synchronization source and the server time from that source.
OpenVPN
The OpenVPN widget displays the status of each configured OpenVPN instance, for both servers and clients. The status of each instance is shown, but the style and type of information shown varies depending on the type of OpenVPN connection. For example, SSL/TLS based servers show a list of all connected clients. For static key clients and servers, an up/down status is displayed. In each case it displays the IP address of the connecting client with the name and time of the connection.
Picture
The Picture widget, as the name implies, displays a picture chosen by the user. This can either be used functionally, for a network diagram or similar, or it can be for style, displaying a company logo or other image.
To add an image:
- Click setting on the Picture widget title bar
- Click Browse to locate the picture to upload
- Click Upload to upload the picture
The size of the picture will adjust to fit the area of the widget, which can vary depending on the size of the browser and platform.
RSS
The RSS (RDFSite Summary, or as it’s often called, Really Simple Syndication) widget will display an arbitrary RSS feed. By default, it shows the pfSense blog RSS feed. Some people choose to show internal company RSS feeds or security site RSS feeds, but it can load any RSS feed. In addition to defining the RSS feeds to display, the number of stories and size of displayed content are also configurable.
Services Status
This widget provides the same view and control of services that appears under Status > Services. Each service is listed along with its description, status (Running, Stopped), and start/restart/stop controls.
SMART Status
If S.M.A.R.T. is enabled on a drive in the firewall, this widget will show a brief status of the drive integrity as reported by S.M.A.R.T.
System Information
This widget is the main widget, displaying a wide array of information about the running system. The information displayed includes:
Name The configured fully qualified hostname of the firewall.
Version The current running version of pfSense on the firewall. The version, architecture, and build time are displayed at the top. Under the build time, the underlying version of FreeBSD is shown. Under those items is the result of an automatic update check for a more recent version of DefenseBolt (full installs only). This automatic update check can be disabled in the update settings.
Platform The platform indicates which variation of DefenseBolt is running. A full install will show DefenseBolt, an embedded install shows NanoBSD.
NanoBSD boot slice If this is an embedded install, the running slice is also displayed (DefenseBolt0 or DefenseBolt1), along with the slice that will be used for the next boot.
CPU Type The displayed CPU type is the version string for the processor, such as “Intel(R) Atom(TM) CPU C2758 @ 2.40GHz”. The CPU count and package/core layout is also displayed.
If powerd is active and the CPU frequency has been lowered, then the current frequency is shown along size the maximum frequency.
Hardware crypto If a known hardware cryptographic accelerator has been detected, it will be displayed here.
Uptime This is the time since the firewall was last rebooted.
Current date/time The current date and time of the firewall, including the time zone. This is useful for comparing the log entries, especially when the time zone on the firewall is different from where the user resides. DNS Server(s) Lists all of the configured DNS Servers on the firewall.
Last config change The date of the last configuration change on the firewall.
State table size Shows a graphical and numerical representation of active states and the maximum possible states as configured on the firewall. Underneath the state counts is a link to view the contents of the state table.
MBUF usage Shows the number of network memory buffer clusters in use, and the maximum the system has available. These network memory buffers are used for network operations, among other tasks. If the number is close to maximum or at the maximum, increase the number of available mbufs as described in Hardware Tuning and Troubleshooting.
Load Average A count of how many active processes are running on the firewall during the last 5, 10, and 15 minutes. This is typically 0.00 on an idle or lightly loaded system.
CPU usage A bar chart and percentage of CPU time in use by the firewall. Note that viewing the dashboard will increase the CPU usage a bit, depending on the platform. On slower platforms such as ALIX this is likely to read significantly higher than it would be otherwise.
Memory usage The current amount of RAM in use by the system. Note that unused RAM is often allocated for caching and other tasks so it is not wasted or idle, so this number may show higher than expected even if it is operating normally.
Swap usage The amount of swap space in use by the system. If the system runs out of physical RAM, and there is swap space available, lesser used pages of memory will be paged out to the swap file on the hard drive. This indicator only shows when the system has swap space configured, which will only be on full installs.
Disk usage The amount of space used on the boot disk or storage media. The type and location of mounted filesystems are shown, including memory disks when present.
Thermal Sensors
The Thermal Sensors widget displays the temperature from supported sensors when present. For many popular Intel and AMD-based chips, the sensors may be activated by choosing the appropriate sensor type under System > Advanced on the Miscellaneous tab under Thermal Sensors A bar is displayed for each sensor, which typically corresponds to each CPU core. The warning and critical thresholds may be configured in the widget settings.
Traffic Graphs
The Traffic Graphs widget contains a live SVG graph for the traffic on each interface. The interfaces displayed are configurable in the widget settings. The default refresh rate of the graphs is once every 10 seconds, but that may also be adjusted in the settings for this widget. The graphs are drawn the same way as those found under Status Traffic Graph.
Wake On LAN
The Wake on LAN widget shows all of the WOL entries configured under Services Wake on LAN, and offers a quick means to send the magic packet to each system in order to wake it up. The current status of a system is also shown. To wake up a system, click power next to its entry.
Interface Status¶
The status of the network interfaces may be viewed at Status Interfaces. In the first part of Figure Interface Status, a PPPoE WAN connection has been made and the IP, DNS, etc has been obtained. You can also see the network interface’s MAC address, media type, in/out packets, errors, and collisions. Dynamic connection types like PPPoE and PPTP have a Disconnect button when connected and a Connect button when offline. Interfaces obtaining an IP from DHCP have a Release button when there is an active lease, and a Renew button when there is not.
In the lower part of the image, you can see the LAN connection. Since this is a normal interface with a static IP, only the usual set of items are shown.
If an interface’s status says “no carrier” then it typically means that the cable is not plugged in or the device on the other end is malfunctioning in some way. If anyerrors are shown, they are typically physical in naturecabling or port errors. The most common suspect is cables, and they are easy and cheap to replace. In some circumstances you may also see errors and collisions due to a link speed or duplex mismatch. See Speed and Duplex for more about setting an interface’s speed and duplex.