Traffic logging

6 posts / 0 new
Last post
Fri, 12/10/2010 - 12:05pm
#1
wbrettw
Traffic logging

I need to log all outbound traffic at a hotspot.

Can this be done on a WNR3500L using TomatoUSB f/w?
Which build should I use?

If I create a linux partition on a usb device, what's the path to write the log to the usb device?

Tomato resolves the addresses automatically, but can I keep a log of the resolved addresses?

What happens at a reboot?

Top
Sat, 12/11/2010 - 3:37am
Permalink
Striatum
http://tomatousb.org/tut

http://tomatousb.org/tut:backup-settings-logs-more-to-usb-drive-script
http://tomatousb.org/forum/t-265548/
Seems to be possible, with limitations...

You can configure logs directly in GUI to keep an eye on outgoing connections (allowed, blocked or both).

You should select the EXT (if you don't need Openvpn) or VPN version here:

http://tomatousb.org/download

Top
Sat, 12/11/2010 - 7:53am
Permalink
wbrettw
Hey those threads are complex

Hey those threads are complex....
I was hoping it would be simpler than that...
Destination IP logging is a legal requirement for EU hotspots, and I'd really like to find a neat solution..

Top
Sat, 12/11/2010 - 9:14am
Permalink
Striatum
I don't think there are

I don't think there are simple solution so save logs on harddisk, both on tomato or dd-wrt. Dd-wrt has built in clients for Hostspot, Chillispot Sputnik, but logs are not saved by dd-wrt, only by central servers of those services I think...

Here what I found, using the 'Log to remote System' option in syslog configuration:

PeterT
Reformed Router

Join Date: Nov 2005
Posts: 84
Rather than saving the messages.* files, the other option is to install a "Syslog Receiver" on your PC, and have Tomato send the messages to that syslog.
A good free Syslog for Windows is "Kiwi Syslog" http://www.kiwisyslog.com/

In your router, you would go to Admin | Logging Options and put your PC's IP address in the "IP Address" and "514" (I think) in the port value.

Each message send by Tomato would then end up beinbg captured by the Syslog daemon on your PC.

You can also read http://www.wi-fiplanet.com/tutorials/article.php/3794171/How-to-Monitor-...

Top
Sat, 12/11/2010 - 9:55am
Permalink
wbrettw
Yes I tried that already and

Yes I tried that already and it works well. I used the kiwi/solarwinds free server and Tomato 1.28 on a wrt54gl...
However I can't run a dedicated machine 24/7 at each hotspot location, and the Tomato GUI doesn't give me the option of sending through WAN. If it did, that would be a good solution..

Top
Sat, 12/11/2010 - 10:01am
Permalink
wbrettw
I'd also read that wifiplanet

I'd also read that wifiplanet post a few days ago, and reading it again it starts to look possible....

Top