I use an owrt VM on Proxmox with a 4-NIC PCIe card. Works great.
Now I want to monitor network traffic, because every device I buy is a trojan that calls home. Even my dishwasher wants to do it. Sure I can block using owrt's firewall. But I want to get acquainted first with who does what on my network, if they're left unchecked.
Two questions:
- I'd like some advice on what stack to use. Wireshark is too detailed I think, I'd prefer ntopng or a better stack of apps?
- Because my owrt is a VM, scaling up or down is easy. So should I beef it up with stack components using opkg (provided owrt has a native tool for my quest), or set up a separate VM and use some agentd on owrt to send it the meta-data?
I have no Zabbix, no Checkmk etc. yet. Probably cool to have, and maybe what I want is just a plugin on those. But probably too much overhead for what I really want / am motivated for.
Thanks for any pointers.