• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Is possible to log user access on http, https?

Scheduled Pinned Locked Moved Captive Portal
5 Posts 2 Posters 421 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D
    dimsum
    last edited by Feb 8, 2024, 12:53 PM

    Hi There,

    I have med a captive portal for free wifi in the office but the office needs to keep a log of who has access to the internet. I need to know who, when, and the destination. A captive portal has only logs of who has a login but doesn't know the destination. Also, I looked in the DNS resolver log it has the IP and domain name resolved but no user login.

    I have looked at squid proxy with transparent but it doesn't work on https. and I don't want a user to do anything when using the free wifi e.g. setting the proxy in their mobile, tablet, and laptop.

    How can I combine or custom cative portal and DNS resolver log?

    Any idea please advise.

    Thanks.

    G 1 Reply Last reply Feb 8, 2024, 2:18 PM Reply Quote 0
    • G
      Gertjan @dimsum
      last edited by Gertjan Feb 8, 2024, 2:19 PM Feb 8, 2024, 2:18 PM

      @dimsum said in Is possible to log user access on http, https?:

      I don't want a user to do anything when using the free wifi

      Then don't let him connect in the first place 👍

      Status > System Logs > Authentication > Captive Portal Auth shows the user's IP and MAC,
      Take note : the IP will be an IP in your own local network, and the MAC is probably randomized.

      https traffic, as any other TLS traffic : unbreakable.

      You could install pfBlockerng - block all known "DNS over HTTPS/TLS/QUIC Blocking" on Firewall > pfBlockerNG > DNSBL SafeSearch
      Add this Redirecting Client DNS Requests so clients are forced to use pfSEnse as there DNS.

      ... now you'll have :

      9086fbe4-7936-47c4-b1ef-6e2b0e9e52ce-image.png

      so you can see where they go.

      No "help me" PM's please. Use the forum, the community will thank you.
      Edit : and where are the logs ??

      D 1 Reply Last reply Feb 8, 2024, 3:41 PM Reply Quote 0
      • D
        dimsum @Gertjan
        last edited by Feb 8, 2024, 3:41 PM

        @Gertjan said in Is possible to log user access on http, https?:

        You could install pfBlockerng - block all known "DNS over HTTPS/TLS/QUIC Blocking" on Firewall > pfBlockerNG > DNSBL SafeSearch
        Add this Redirecting Client DNS Requests so clients are forced to use pfSEnse as there DNS.

        Can you explain these steps to process? I have to install pfBlocker and create a DNS redirect rule. but I cannot get any log just like you.

        Here is my setting:

        41d81505-7943-41e2-aa3f-419bc384087e-image.png

        c963976f-d688-4393-8478-b6d8b1830aa0-image.png

        867fa2cf-45cf-42ce-89f6-a54148aa5c1d-image.png

        Thanks.

        G 1 Reply Last reply Feb 8, 2024, 3:50 PM Reply Quote 0
        • G
          Gertjan @dimsum
          last edited by Feb 8, 2024, 3:50 PM

          @dimsum

          Don't enable SafeSerach Redirection and Youtube Restrictuions as you have to study the side effects first.

          Use these settings :

          9c2311fb-aaa5-402f-a605-de1036ae9b03-image.png

          and add also, while you're there, add one or two 'small' DNSBL :

          50672d8c-e4de-4885-aed7-4f8056a23666-image.png

          Note somewhere on a post-it : "the host names present in these two lists will get blocked".

          No "help me" PM's please. Use the forum, the community will thank you.
          Edit : and where are the logs ??

          1 Reply Last reply Reply Quote 1
          • D
            dimsum
            last edited by Feb 9, 2024, 1:15 AM

            Thank you for your help.

            1 Reply Last reply Reply Quote 0
            5 out of 5
            • First post
              5/5
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
              This community forum collects and processes your personal information.
              consent.not_received