Logging URLs
-
Hi,
I don't have a problem but I am missing functionality in pfSense. Maybe there is a solution for this but I was not able to figure out how to achieve this.
I am trying to set up pfSense as an internet proxy with unlimited access. Captive portal is configured in order to have a user authentication system. After the authentication, I need to know every URL a user has visited (for legal reason).
I have tried the transparent squid solution, but apparently this doesn't work for https. Forcing the user to use squid as a proxy server is also no opportunity because we often have users with limited user accounts and no possibility to change the proxy settings.
So I have thought about using snort, but I am not sure how to configure it. Another opportunity would be to use urlsniff, but unfortunately I am not keen enough to create a package for it.
Is it possible to integrate something that makes it possible to log every visited url or is it even possible to achieve this with the existing stuff? (how?)
Any help is very appreciated.
Thanks in advance,
Manuel -
To give myself an answer.
The only solution is to configure squid as acceleration proxy and set up a ssl-cert manually. Then squid is able to interrupt ssl connections and handle them by itself. This should ensure logging https connections without having to set anything up withing the client os.
But, unfortunately it seems that the squid package was compiled without the appropriate options.
Cheers,
Manuel