|
Setting up an internet gateway with web usage logging
Hello,
I would like to setup a Linux server that simply sits between my firewall/router & the rest of the network. I do not wish it to cache. It simply needs to provide NAT so the network can browse the internet. However, I would like to able to log all of the intrernet traffic. I need to know what websites paticular users are accessing & whether they are using MSN Messenger, ICQ etc etc. I am sure this is possible, but being new to Linux I don't know what software will provide the above our how to go about setting it up. Can anyone who could provide a step in the right direction? Thanks |
you can do this by using squid in transparent proxy mode...
http://www.squid-cache.org/ just my two cents... PS: yes, squid can be configured to NOT cache... PS2: the NAT would be done by your current firewall/router, not by squid... if you want the squid box to do NAT also, then you could do that with iptables... |
I have come across Squid through my search of the web.
Is it easy to log web usage through Squid? |
yes, it's easy... and there's a ton of tools to help you analyze the logs... for example:
http://www.squid-cache.org/Scripts/ |
thanks heaps.
I will build a linux box this weekend, install Squid and see what happens. |
cool... let me know how it goes... and if you have any further questions don't be shy... i can share a known-good squid.conf with you if you want... i can also show you which iptables rules you'll need for the transparency... good luck... have fun...
|
Didn't get time over the weekend to build a Linux box. But am in the middle of building a FC3 box right now.
If you are keen to share the iptables commands for transparency that would be cool. Thanks. |
basically they look like this (if eth1 was your LAN interface):
Code:
iptables -t nat -A PREROUTING -p TCP -i eth1 --dport 80 \Code:
--enable-linux-netfilter |
| All times are GMT -5. The time now is 12:00 PM. |