Netify Netify logo Contact Us
Products Resources Documentation Blog Sign In

Netify Agent v5 on pfSense

pfSense is an open-source, easy-to-use and feature-rich firewall and routing platform that is based on FreeBSD. It is designed to provide a robust and secure network infrastructure by offering a range of networking and security features. pfSense is often used as a firewall, router, and VPN (Virtual Private Network) gateway, making it suitable for both home and business environments.

Requirements

At the time of writing, Netify is a command line installation. There have been no integrations with pfSense's web-based administration tool. Installing Netify on pfSense provides administrators with a 'single pane of glass' when used with Netify Informatics.

As a dedicated gateway distribution, it is no surprise that 2 or more network interfaces are required:

  • LAN Interface: client devices connecting to the internal network. This is the ideal interface for Netify to be configured to listen on as it provides flow analysis at client device resolution (ex. Apple iPhone 14 did X).
  • WAN Interface: used to connect upstream to the ISP. Admins may choose to monitor on this interface, however, it's not always that interesting as most of the data is duplicated with "North/South" bound traffic from the LAN.

You will also need to know which version of pfSense you are running in order to access the correct binaries. If you're not sure, use the cat /etc/version command:

Terminal - Netify
× 
cat /etc/version
2.7.2-RELEASE

Installation

Netify Agent is distributed through the same packaging workflow as Netify plugins, allowing for a consistent installation experience using standard package manager syntax. Pre-compiled binaries are available for x86_64 architectures via our public mirrors. For ARM, MIPS, and other specialized architectures, please contact us.

Step 1 - Select your installation target:

Step 2 - Add Netify's package signing key and repository:

Terminal - Netify
× 
mkdir -p /usr/local/etc/pkg/fingerprints/Netify/trusted
curl https://download.netify.ai/5/freebsd/fingerprint -o /usr/local/etc/pkg/fingerprints/Netify/trusted/fingerprint
cat << EOF >  /usr/local/etc/pkg/repos/Netify.conf
Netify: {
  fingerprints: "/usr/local/etc/pkg/fingerprints/Netify",
  url: "https://download.netify.ai/5/freebsd/15.0",
  signature_type: "fingerprints",
  mirror_type: "http",
  priority: 11,
  enabled: yes
}
EOF

Step 3 - Install the Netify Agent:

Terminal - Netify
× 
pkg update
pkg install netifyd

Step 4 - Install plugins:

The Netify Agent provides only minimal functionality in the absence of plugins. To begin processing data, configure one or more feature plugins and/or sink (connector) plugins.

Step 2 - Add Netify's package signing key and repository:

Terminal - Netify
× 
mkdir -p /usr/local/etc/pkg/fingerprints/Netify/trusted
curl https://download.netify.ai/5/freebsd/fingerprint -o /usr/local/etc/pkg/fingerprints/Netify/trusted/fingerprint
cat << EOF >  /usr/local/etc/pkg/repos/Netify.conf
Netify: {
  fingerprints: "/usr/local/etc/pkg/fingerprints/Netify",
  url: "https://download.netify.ai/5/freebsd/14.0",
  signature_type: "fingerprints",
  mirror_type: "http",
  priority: 11,
  enabled: yes
}
EOF

Step 3 - Install the Netify Agent:

Terminal - Netify
× 
pkg update
pkg install netifyd

Step 4 - Install plugins:

The Netify Agent provides only minimal functionality in the absence of plugins. To begin processing data, configure one or more feature plugins and/or sink (connector) plugins.

Step 2 - Add Netify's package signing key and repository:

Terminal - Netify
× 
mkdir -p /usr/local/etc/pkg/fingerprints/Netify/trusted
curl https://download.netify.ai/5/freebsd/fingerprint -o /usr/local/etc/pkg/fingerprints/Netify/trusted/fingerprint
cat << EOF >  /usr/local/etc/pkg/repos/Netify.conf
Netify: {
  fingerprints: "/usr/local/etc/pkg/fingerprints/Netify",
  url: "https://download.netify.ai/5/freebsd/14.0",
  signature_type: "fingerprints",
  mirror_type: "http",
  priority: 11,
  enabled: yes
}
EOF

Step 3 - Install the Netify Agent:

Terminal - Netify
× 
pkg update
pkg install netifyd

Step 4 - Install plugins:

The Netify Agent provides only minimal functionality in the absence of plugins. To begin processing data, configure one or more feature plugins and/or sink (connector) plugins.

Post Installation

After installing the agent, verify the installation and some path information using the -s (status) argument.

Terminal - Netify
× 
$ netifyd -s
Netify Agent/5.0.62-1-HEAD-nnnn-aaaaaaaa (debian; linux-gnu; x86_64; conntrack; netlink; dns-cache; tpv3; tcmalloc; regex)
✗ agent is not running: PID 0
• persistent state path: /etc/netifyd
• volatile state path: /var/run/netifyd
! agent run-time status could not be determined.

The Netify agent is not configured to start post install. It will not be running by default and should expect to see the 'not running' and 'run-time status could not be determined' messages.