Joined: 22 Aug 2009 Posts: 267 Location: New York State
Posted: Fri Feb 23, 2018 18:23 Post subject: Ability to log wedsite addresses within the Router
This may seen like a odd question, but IIRC, Asus (Broadcom) has a page that lists website addresses that have been accesses outside of PC's connected. Eg: Streaming devices and/or DVR's.
Is this just a Broadcom feature/function as I have never seen that on a Atheros based Router?
Pretty easy to do. Enabled Adblock Proxy in dd-wrt. Now go to /tmp/privoxy copy it's content. After that enable custom conf in adblock copy the contents, add debug flag a+ logfile definition, see sample where I log to /jffs/privoxy/logfile:
But just like on oem firmware, this will not pickup traffic, that goes to non standard web ports, but you could fix/prevent that by allowing no traffic to flow outside to non http/https ports, by just adding some iptable rule, that forces all traffic from certain networks to privoxy.
The best way to control devices is to completely block them and then openup. E.g. what I use for some devices is to not allow any internet traffic, besides some IPs, with a little trick, you can automatically insert the ips to the firewall from the dns name:-)
See this example for instance, device with IP 192.168.1.10 is completely cut off from the internet, it is only allowed to contact the IP behind gogle.com, add such a rule to commands and press save firewall, it will be inserted everytime your wan goes up:
Joined: 22 Aug 2009 Posts: 267 Location: New York State
Posted: Sat Feb 24, 2018 16:12 Post subject:
Thanks for that, then is it possible to add this to new builds since I surely would not use the word "easy" in your reply.
Thou I'm more than sure it is for you or anyone close to your caliper, but for most it is not which includes me.
Blocking was not the reason, just logging addresses where these devices connect to was the idea.
Unfortunately, I did not take a screen shot of the page, I wish I did, I would of posted it.