Simple question - web site log

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
View previous topic :: View next topic  
Author Message
matbudz
DD-WRT Novice


Joined: 17 Apr 2015
Posts: 6
PostPosted: Fri Jul 24, 2015 20:08    Post subject: Simple question - web site log Reply with quote
Hi all. I hope I am posting this in the correct forum. Please redirect me if I'm not.

Months ago I set up dd-wrt on a new Netgear WNDR4500, using Firmware: DD-WRT v24-sp2 (02/04/15) giga. Following some helpful posts, I was able to set up OpenDNS and dyndns on my home network.

Everything is working fine. OpenDNS blocks what it needs to (I have kids in the house) and all is well.

However, as the kids get older and their friends spend more time here, I would like to be able to see which device is accessing which web sites, especially when I see that they were blocked by OpenDNS. When I look at the OpenDNS log, it only tells me what sites were blocked. I don't believe it has the ability to tell me when or by which device.

I'm hoping there is a SIMPLE solution within DD-WRT. I tried RFlow and some other solutions, with no luck. It may have been user error. We have only one parent computer and no spare machines to act as a log collector.

Please point me in the direction of the simplest solution. Many thanks in advance!
Back to top View user's profile Send private message
Sponsor
<Kong>
DD-WRT Guru


Joined: 15 Dec 2010
Posts: 4339
Location: Germany
PostPosted: Fri Jul 24, 2015 22:17    Post subject: Re: Simple question - web site log Reply with quote
matbudz wrote:
Hi all. I hope I am posting this in the correct forum. Please redirect me if I'm not.

Months ago I set up dd-wrt on a new Netgear WNDR4500, using Firmware: DD-WRT v24-sp2 (02/04/15) giga. Following some helpful posts, I was able to set up OpenDNS and dyndns on my home network.

Everything is working fine. OpenDNS blocks what it needs to (I have kids in the house) and all is well.

However, as the kids get older and their friends spend more time here, I would like to be able to see which device is accessing which web sites, especially when I see that they were blocked by OpenDNS. When I look at the OpenDNS log, it only tells me what sites were blocked. I don't believe it has the ability to tell me when or by which device.

I'm hoping there is a SIMPLE solution within DD-WRT. I tried RFlow and some other solutions, with no luck. It may have been user error. We have only one parent computer and no spare machines to act as a log collector.

Please point me in the direction of the simplest solution. Many thanks in advance!



You can use the adblocking proxy to do that. You should attach a usb device where you will store the logs, then enable adblocking Services->Adblocking enable transparent mode so http traffic is redirected through privoxy, then use custom configuration and enable debug e.g.:

Code:
confdir /etc/privoxy
logdir /opt/privoxy
actionsfile match-all.action
actionsfile default.action
actionsfile /tmp/user.action
filterfile default.filter
logfile logfile
listen-address  192.168.1.1:8118
toggle  1
enable-remote-toggle  0
enable-remote-http-toggle  0
enable-edit-actions 0
buffer-limit 4096
accept-intercepted-requests 1
split-large-forms 0
keep-alive-timeout 5
socket-timeout 300
handle-as-empty-doc-returns-ok 1
debug 1


logdir is the path where the log will be stored, in this example I used usb setup to mount a specific partition to /opt

debug 1 means Log the destination for each request Privoxy let through

Now you can look at the logfile and determine the ip for each request.
Back to top View user's profile Send private message
matbudz
DD-WRT Novice


Joined: 17 Apr 2015
Posts: 6
PostPosted: Fri Jul 24, 2015 23:32    Post subject: Re: Simple question - web site log Reply with quote
Quote:
You can use the adblocking proxy to do that. You should attach a usb device where you will store the logs, then enable adblocking Services->Adblocking enable transparent mode so http traffic is redirected through privoxy, then use custom configuration and enable debug e.g.:

Code:
confdir /etc/privoxy
logdir /opt/privoxy
actionsfile match-all.action
actionsfile default.action
actionsfile /tmp/user.action
filterfile default.filter
logfile logfile
listen-address  192.168.1.1:8118
toggle  1
enable-remote-toggle  0
enable-remote-http-toggle  0
enable-edit-actions 0
buffer-limit 4096
accept-intercepted-requests 1
split-large-forms 0
keep-alive-timeout 5
socket-timeout 300
handle-as-empty-doc-returns-ok 1
debug 1


logdir is the path where the log will be stored, in this example I used usb setup to mount a specific partition to /opt

debug 1 means Log the destination for each request Privoxy let through

Now you can look at the logfile and determine the ip for each request.


Thank you for the quick reply.

I put in a usb drive, pasted in the code you gave, hit apply, and then I could get no web pages to load on any device. I could ping pages just fine. I removed the custom config for the moment and all is good again.

Is the problem in my failure to set up ddwrt for usb? This is completely new to me. Should I set up usb as in the attached screenshot? Also, do I need to do anything on the usb drive itself? Also, do I view the log while it is attached to ddwrt or do I physically remove it? If I physically remove it, do I need to eject/unmount it first, and how?

Thank you again.

usbScreenshot.png
 Description:
 Filesize:  56.65 KB
 Viewed:  3932 Time(s)

usbScreenshot.png
Back to top View user's profile Send private message
matbudz
DD-WRT Novice


Joined: 17 Apr 2015
Posts: 6
PostPosted: Fri Jul 24, 2015 23:36    Post subject: updated usb info Reply with quote
After applying the usb settings, this is what I see. I hope this helps.

usbScreenshot2.png
 Description:
 Filesize:  70.94 KB
 Viewed:  3929 Time(s)

usbScreenshot2.png
Back to top View user's profile Send private message
ddaniel51
DD-WRT Guru


Joined: 19 Feb 2013
Posts: 1464
PostPosted: Sat Jul 25, 2015 0:12    Post subject: Reply with quote
Change the volume name on your usb stick to opt and it will automount as /opt.
_________________
Segment 1 XR700 10Gb LAN, 1Gb WAN ISP BS
Wired AP 1 Unifi Wifi 6 LR US 1Gb LAN
Wired AP 2 Unifi Wifi 6 LR US 1Gb LAN
Wired AP 3 Unifi Wifi 6 LR US 1Gb LAN
Syslog Services Asustor 7110T NAS 10GB
NetGear XS716T 10GB Switch
download1.dd-wrt.com/dd-wrtv2/downloads/betas/ (Brain Slayer)
YAMon https://usage-monitoring.com/index.php
Back to top View user's profile Send private message
matbudz
DD-WRT Novice


Joined: 17 Apr 2015
Posts: 6
PostPosted: Sat Jul 25, 2015 0:31    Post subject: Reply with quote
ddaniel51 wrote:
Change the volume name on your usb stick to opt and it will automount as /opt.


Thanks. I assume that I need to do that on my computer. How do I eject/unmount from ddwrt?
Back to top View user's profile Send private message
matbudz
DD-WRT Novice


Joined: 17 Apr 2015
Posts: 6
PostPosted: Sat Jul 25, 2015 20:03    Post subject: Reply with quote
matbudz wrote:
ddaniel51 wrote:
Change the volume name on your usb stick to opt and it will automount as /opt.


Thanks. I assume that I need to do that on my computer. How do I eject/unmount from ddwrt?


How do I eject the usb stick from ddwrt so I can rename the volume to opt on my computer? Thank you.
Back to top View user's profile Send private message
matbudz
DD-WRT Novice


Joined: 17 Apr 2015
Posts: 6
PostPosted: Wed Jul 29, 2015 2:12    Post subject: Still wondering Reply with quote
Can I just remove the usb stick or should I eject/unmount it? How do I unmount?

Thanks
Back to top View user's profile Send private message
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum