Monitoring traffic in a school
-
Hi,
I'm not sure where to start with this, basically I want to intercept all traffic before it gets to the router but the pfsense needs to be transparent and not visible to either the Cisco switch or Cisco router that are in place. We need to monitor internet usage by IP and what websites devices are accessing, be that iPads's or PC's. Can anyone recommend a way to achieve this using pfsense?
Thanks -
Not to hijack your thread, but I too would like to be able to see, in realtime, where my users (my kids) are going. The traffic graph shows bw used by client, but how can i tell what servers my clients are communicating with?
-
Squid, set as a transparent proxy will be invisible and can be used to monitor by IP address
However, it will not monitor encrypted traffic: meaning that you will not see google searches or Facebook content
You will also not be able to stop vpn using squid.
You could segment the network and block this type of encrypted traffic though
-
Is there anyway just to intercept the traffic, log it then send it on it's way without making it the proxy?
eg:
Instead of…..
PC --- SWITCH ---- GATEWAY --- INTERNETit is....
PC --- SWITCH ---- PFSENSE --- GATEWAY --- INTERNETWith no modifications to the clients?
-
A transparent proxy is invisible for all intents and purposes to the client
You could log all traffic, but when it is encrypted you will just see a garbled mess
You will not be able to see encrypted traffic without modifying the clients