Set up a simple proxy server (e.g. tinyproxy, small, fast, secure, highly configurable) and redirect all forwarded traffic addressed to port 80 to localhost:proxy_port, and the proxy can log all what you want. (do not forget to reconfigure external firewall rules to deny direct access to your proxy for security reasons)
(e.g. with IPTables:
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT
--to-port 3128)
Another interesting feature could be that you can write a script that is being called throug cron for example, where you add or delete filter rules so you can specify time intervals when you deny e.g. big files, or access to specified servers, etc, etc... the possibilities are endless...
Last edited by bbk; 01-11-2005 at 03:32 AM.
|