Monitoring traffic in a school



  • Hi,
    I'm not sure where to start with this, basically I want to intercept all traffic before it gets to the router but the pfsense needs to be transparent and not visible to either the Cisco switch or Cisco router that are in place. We need to monitor internet usage by IP and what websites devices are accessing, be that iPads's or PC's. Can anyone recommend a way to achieve this using pfsense?
    Thanks



  • Not to hijack your thread, but I too would like to be able to see, in realtime, where my users (my kids) are going.  The traffic graph shows bw used by client, but how can i tell what servers my clients are communicating with?



  • Squid, set as a transparent proxy will be invisible and can be used to monitor by IP address

    However, it will not monitor encrypted traffic: meaning that you will not see google searches or Facebook content

    You will also not be able to stop vpn using squid.

    You could segment the network and block this type of encrypted traffic though



  • Is there anyway just to intercept the traffic, log it then send it on it's way without making it the proxy?

    eg:
    Instead of…..
    PC --- SWITCH ---- GATEWAY --- INTERNET

    it is....
    PC --- SWITCH ---- PFSENSE --- GATEWAY --- INTERNET

    With no modifications to the clients?



  • A transparent proxy is invisible for all intents and purposes to the client

    You could log all traffic, but when it is encrypted you will just see a garbled mess

    You will not be able to see encrypted traffic without modifying the clients