I have a need to setup a Linux PC as a router/firewall server for a small corporation. The main functionality is to monitor user's surfing activity and report back to management team. This server will be have two NICs or more, one connected to the WAN and second NIC connected to our primary switch.
For example:
Date/Time Source IP Destination
-------------- ------------- ------------
10/01/10 02:43 192.168.1.10
http://www.google.com
10/01/10 02:44 192.168.1.10
http://www.linuxquestions.org/questions/
10/02/10 12:00 192.168.1.108
http://www.disney.com
We are not just concerned with Destination IP, we need actual URL they are visiting.
Eventually they want to start blocking access based on usage by setting some sort of policy.
Thanks for all your help in advance.