Logging visited websites with dd-wrt and wrt54gl?

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Goto page 1, 2  Next
Author Message
hypochonder
DD-WRT Novice


Joined: 08 Oct 2008
Posts: 5

PostPosted: Wed Oct 08, 2008 23:03    Post subject: Logging visited websites with dd-wrt and wrt54gl? Reply with quote
Hej everybody,
I've got a network of three linksys wrt54gl covering 3 flats with internet access (WDS). As I'm administering the network and responsible for the users action (websites visited) I'd like to log which websites are visited to make sure nobody is doing illegal stuff, and in case something happens I'd like to have some evidence who did what when ;)

I stubled upon bwlog, but this tool just monitors the traffic. Is there any app suitable which can be run directly on the router?

Any advice appreciated,
cheers Max
Sponsor
hypochonder
DD-WRT Novice


Joined: 08 Oct 2008
Posts: 5

PostPosted: Thu Oct 09, 2008 8:56    Post subject: Reply with quote
anybody?
backwoodsman
DD-WRT User


Joined: 02 Apr 2008
Posts: 141

PostPosted: Thu Oct 09, 2008 20:58    Post subject: Reply with quote
I'm looking for an answer to this question as well. I've recently started using DD-WRT on Buffalo routers, and like it very well overall, but I was very surprised to find no logging capability. I need to log users & websites visited for the same reasons as the OP.
backwoodsman
DD-WRT User


Joined: 02 Apr 2008
Posts: 141

PostPosted: Thu Oct 09, 2008 21:29    Post subject: Reply with quote
kodo wrote:
I use wallwatcher on a Windows PC for such logging needs. I don't think, that the memory in the WRT is big enough to log this.


Unfortunately that's not a practical option for me. I don't use Windows so would have to set up a separate machine for that, which would be doable only as a last resort. And frankly, it seems absurd to have a router with a fast CPU, lots of memory, and sophisticated firmware, then have to run an old PC just to keep a log.

It takes very little memory to do some basic logging. Even my old TrendNet router can do it, and it has, I think, less total memory than my Buffalo routers running DD-WRT have free memory. When the TrendNet's log gets full, it emails it to me and starts over. Something like that would be an excellent and much needed addition to DD-WRT.
Murrkf
DD-WRT Guru


Joined: 22 Sep 2008
Posts: 12675

PostPosted: Thu Oct 09, 2008 22:21    Post subject: Reply with quote
I would join in the request for logging. This is one feature that stock firmware beats dd-wrt on.
hypochonder
DD-WRT Novice


Joined: 08 Oct 2008
Posts: 5

PostPosted: Thu Oct 09, 2008 22:44    Post subject: Reply with quote
I searched around today and now I think about adding a sd card to the router and write the logfile of systemlogd to the sd card. I haven't tried it yet but I found a list of switches in this thread:
http://www.dd-wrt.com/phpBB2/viewtopic.php?t=32082&highlight=syslogd

so it should be possible to write the logfile on the sd card. this would eliminate the need of an extra windows box running wallwatcher all the time, if want to have a look on the logs I just take out the sd card ...

any thougts on this?
backwoodsman
DD-WRT User


Joined: 02 Apr 2008
Posts: 141

PostPosted: Thu Oct 09, 2008 22:49    Post subject: Reply with quote
hypochonder wrote:
I searched around today and now I think about adding a sd card to the router and write the logfile of systemlogd to the sd card.


syslogd only logs system events, but doesn't log anything to do with users or what they do. Turn it on, then telnet in and go to /var/log and view the log file, and you'll see what I mean.
mtca
DD-WRT Novice


Joined: 13 Jul 2007
Posts: 48
Location: Martinez, CA

PostPosted: Thu Oct 09, 2008 23:20    Post subject: Reply with quote
If you are using V23 you can add 'log-queries' to the 'Additional DNSMasq Options' under Services. This causes DNSMasq to add an entry into the log file for every DNS lookup.

Unfortunately, if you are using V24 this functionality was removed from DNSMasq to reduce it's memory footprint.
backwoodsman
DD-WRT User


Joined: 02 Apr 2008
Posts: 141

PostPosted: Fri Oct 10, 2008 17:06    Post subject: Reply with quote
mtca wrote:
Unfortunately, if you are using V24 this functionality was removed from DNSMasq to reduce it's memory footprint.


Wow, so some logging capability was there, but they removed it?? There are lots of features in there that most of us will never use, but almost everyone with a wireless network should be keeping an eye on user logs at least occasionally.

Does anyone know of an open source firmware that does support user logging, or do I need to think about flashing my router back to the factory firmware? Unless there's some way to make a log in DD-WRT, it looks like those are my options at this point. Either way would be a pity because DD-WRT has been 100% solid and is pretty cool in most respects.
mtca
DD-WRT Novice


Joined: 13 Jul 2007
Posts: 48
Location: Martinez, CA

PostPosted: Sat Oct 18, 2008 15:47    Post subject: Reply with quote
dd-wrt has user logging capability.

Turn logging on by enabling syslogd under Services.
Leave 'Remote Server' blank. Next on the 'Security, Firewall' tab under Log Management, set logging to Enable, 'Log Level' to High, and 'Options/Accepted' to enabled. This should log all outgoing connections in /var/log/messages. The log file is limited to 200kB before being rotated (400kB total).

Logging just logs the destination IP address. You'll need to do a reverse DNS look up to get a URL. Unfortunately, the URL you get back may not be the same URL that the user typed in, making it difficult to figure out what web site the user was really accessing. This is where dnsmasq logging comes in. It logs the URL the user types in and eliminates the need to look up IP addresses. But dnsmasq logging is no longer available.

Also, I don't recommend logging to an SD card. Continuous writing to a card is risky. If anything happens during a write the card can be left in an unusable state. I tried saving logs to an SD card but the card failed after about 4 months.
Murrkf
DD-WRT Guru


Joined: 22 Sep 2008
Posts: 12675

PostPosted: Sat Oct 18, 2008 16:06    Post subject: Reply with quote
mtca wrote:
Next on the 'Security, Firewall' tab under Log Management, set logging to Enable, 'Log Level' to High, and 'Options/Accepted' to enabled.


I have logging enabled in services, and it shows up in a top command, but do not have these options in security. Running Micro Plus build.
soulstace
DD-WRT Guru


Joined: 04 Aug 2007
Posts: 6427

PostPosted: Sat Oct 18, 2008 17:33    Post subject: Reply with quote
Micro's kernel does not support firewall logging Crying or Very sad
Murrkf
DD-WRT Guru


Joined: 22 Sep 2008
Posts: 12675

PostPosted: Sat Oct 18, 2008 17:40    Post subject: Reply with quote
soulstace wrote:
Micro's kernel does not support firewall logging Crying or Very sad


Thanks....again.

At least the original poster can do it on their 54gl....
backwoodsman
DD-WRT User


Joined: 02 Apr 2008
Posts: 141

PostPosted: Sat Oct 18, 2008 18:35    Post subject: Reply with quote
mtca wrote:
Turn logging on by enabling syslogd under Services. {chomp}

Logging just logs the destination IP address. You'll need to do a reverse DNS look up to get a URL.


...which makes it essentially useless. What's needed is a log with resolved URLs that can be easily accessed (preferably emailed by the router) and quickly scanned to see who's been using the router and where they've gone (at least the server if not the page). A list of IP addresses is useless for that purpose, because of the time involved in getting any useful info. My 5 or 6 year old Trendnet router is better than DD-WRT in this regard.

I think the simple logging I need could be easily done with a script. Unfortunately it'll be some time before I'll be able to take time for a project like that, but maybe someone else with the expertise and time will be able to do it first.
Donny
DD-WRT Guru


Joined: 13 Nov 2008
Posts: 5266
Location: CENTRAL Midnowhere

PostPosted: Sun Nov 16, 2008 2:36    Post subject: Reply with quote
Any hope the newer builds can do this better? I would really like a logging function on my Asus WL520gU router so I can determine the websites my kids are visiting.
Goto page 1, 2  Next Display posts from previous:    Page 1 of 2
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum