connection logging of captive portal-users

Home Page Forums Network Management ZeroShell connection logging of captive portal-users

This topic contains 4 replies, has 0 voices, and was last updated by  Irie 11 years, 1 month ago.

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #40783

    Irie
    Member

    hi everyone again

    is it possible, to log the connections of each user of the captive portal (to backtrace in case of abuse)?

    greetz

    Irie

    #45892

    imported_fulvio
    Participant

    In the section [Firewall]-[Connection Tracking] you just have to enable the logging of the connections. In this manner for any connections, the following information are sent to the syslog:

    – source IP
    – source port
    – destination IP
    – destination port
    – transport protocol (TCP/UDP)

    If you use the NAT in your LAN, the source IP logged is the private IP of the client and not the public IP of the NAT router, so you can identify with reliability the client that made a connection.

    Regards
    Fulvio

    #45893

    Irie
    Member

    oke, thanks, it works….but it isn’t very easy to handle….

    can anybody tell me, how to improve the syslog-interpretation?

    the zeroshell-server is for our guestnetwork….we want to have a possibility to backtrack, which guest connected which servers or which connection was opened by which guest…..so that in case of abuse we can identify the guest, which is responsible for the traffic.

    currently it is not very easy to backtrack….maybe its a possibility to add the captive-portal-user-name to the syslog entries? (only a suggestion).

    thanx

    irie

    #45894

    imported_fulvio
    Participant

    maybe its a possibility to add the captive-portal-user-name to the syslog entries?

    Yes, it is possible, but in any case, if your LAN produces many connections per second this operation could be a CPU intensive process.

    #45895

    Irie
    Member

    @fulvio wrote:

    maybe its a possibility to add the captive-portal-user-name to the syslog entries?

    Yes, it is possible, but in any case, if your LAN produces many connections per second this operation could be a CPU intensive process.

    i don’t have a huge server, only a little mini-ITX-PC for zeroshell.
    but i don’t think there will be so much connections, cause wo don’t have such a lot of guests^^

    i think there will never be more than 5 users at the same time surfing over that server and so i think this souldn’t be a problem, even for a 1200mhz single-core processor!?!

    it would be great, if you can tell me, how to integrate the captive-portal user-string in the syslog.

    thanx 🙂

    /edit:
    i just remembered the “accounting”-tab in the “captive portal”-menu. will there only be things like cost, duration and traffic or will this allow you to see all connections by a specific user?

    #45896

    Irie
    Member

    sorry for asking you this one more time, but you didn’t answer yet.

    could you please give a short explanation how to add the captive-portal user to the syslog-entries?

    would be great, if i could implement this.

    thanks a lot 🙂

Viewing 6 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.