connection logging of captive portal-users

Forums Network Management ZeroShell connection logging of captive portal-users

  • This topic is empty.
Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • September 19, 2007 at 4:00 pm #40783
    Irie
    Member

    hi everyone again

    is it possible, to log the connections of each user of the captive portal (to backtrace in case of abuse)?

    greetz

    Irie

    September 19, 2007 at 9:27 pm #45892
    imported_fulvio
    Participant

    In the section [Firewall]-[Connection Tracking] you just have to enable the logging of the connections. In this manner for any connections, the following information are sent to the syslog:

    – source IP
    – source port
    – destination IP
    – destination port
    – transport protocol (TCP/UDP)

    If you use the NAT in your LAN, the source IP logged is the private IP of the client and not the public IP of the NAT router, so you can identify with reliability the client that made a connection.

    Regards
    Fulvio

    September 21, 2007 at 11:30 am #45893
    Irie
    Member

    oke, thanks, it works….but it isn’t very easy to handle….

    can anybody tell me, how to improve the syslog-interpretation?

    the zeroshell-server is for our guestnetwork….we want to have a possibility to backtrack, which guest connected which servers or which connection was opened by which guest…..so that in case of abuse we can identify the guest, which is responsible for the traffic.

    currently it is not very easy to backtrack….maybe its a possibility to add the captive-portal-user-name to the syslog entries? (only a suggestion).

    thanx

    irie

    September 21, 2007 at 10:04 pm #45894
    imported_fulvio
    Participant

    maybe its a possibility to add the captive-portal-user-name to the syslog entries?

    Yes, it is possible, but in any case, if your LAN produces many connections per second this operation could be a CPU intensive process.

    September 28, 2007 at 7:46 am #45895
    Irie
    Member

    @fulvio wrote:

    maybe its a possibility to add the captive-portal-user-name to the syslog entries?

    Yes, it is possible, but in any case, if your LAN produces many connections per second this operation could be a CPU intensive process.

    i don’t have a huge server, only a little mini-ITX-PC for zeroshell.
    but i don’t think there will be so much connections, cause wo don’t have such a lot of guests^^

    i think there will never be more than 5 users at the same time surfing over that server and so i think this souldn’t be a problem, even for a 1200mhz single-core processor!?!

    it would be great, if you can tell me, how to integrate the captive-portal user-string in the syslog.

    thanx ๐Ÿ™‚

    /edit:
    i just remembered the “accounting”-tab in the “captive portal”-menu. will there only be things like cost, duration and traffic or will this allow you to see all connections by a specific user?

    January 10, 2008 at 3:20 pm #45896
    Irie
    Member

    sorry for asking you this one more time, but you didn’t answer yet.

    could you please give a short explanation how to add the captive-portal user to the syslog-entries?

    would be great, if i could implement this.

    thanks a lot ๐Ÿ™‚

  • Author
    Posts
Viewing 6 posts - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.