Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Blocked Domain Reporting with Ntop

    Scheduled Pinned Locked Moved pfSense Packages
    1 Posts 1 Posters 489 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jimtech83
      last edited by

      Hi Guys,

      Some background info:
      I was looking for a way to block malicious and adult domains visited by the users behind a small form pc that I use for pfsense 2.4.3 . Also, the local admin on-site wanted to have a way of seeing domains blocked whenever necessary -compliance reasons I believe.

      So I first tried squid with some open source blacklists that I found but was not really with the result, because the machine I use is small and not acting good with proxy and second, the lists were not good..

      Next, I tried looking for some DNS solutions and tried public resolvers of Norton Connect Safe and OpenDNS where I use DHCP server and block rest of tcp/53 traffic so that people have to stick to my dns. The issue was, even tough Norton's DNS was more appropriate for me they wouldn't allow it to be used in commercial manner and I think the same for OpenDNS , so today I've seen an ad for a similar public dns provider called nsafe dns and decided to give it a try..

      Here comes the question,

      whenever nsafe blocks a domain it redirects users to a page with following uri

      http://block.nsafe.io/?uri=
      

      when I go to ntop, I can list the websites based on above and can see what are blocked from the ?uri="" part.

      But I could not find a way to create a custom report -like pie chart- so that whenever the admin on site goes in, he could see a custom list created of "http://block.nsafe.io/?uri=domains"s

      e.g http://block.nsafe.io/?uri=pornhub.com , http://block.nsafe.io/?uri=xxx.com so that when I list them I can understand which one is getting blocked by the most and by whom..

      Is this something achievable using ntop ? like creating a custom table that shows webites visited contains custom url and then creating charts with those ?

      Any other tools you would recommend to list "websites visited" in charts and such would be welcomed as well.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.