![]() ![]() In this example, this lan tap is connected between the router and first switch(J1 and J2). Deploy the LAN Tap.įirst, you need to attach three network cards in the monitoring computer. This blog will guide you to deploy WFilter with “Throwing Star LAN Tap”. Therefore you need three network cards in the monitoring computer, two for monitoring, another for communication. The monitoring port does not allow outgoing traffic.Create a passive network tap for your home network.Guide to make a network tap can be found at below links: Low cost, you even can dry it by yourself.Once a network tap is in place, the network can be monitored without interfering with the network itself.Handy and flexible, requires no power supply.Comparing to “port mirroring” switch, it has several advantages: Network tap is also a good way to monitor network traffic. This entry was posted in Content Filter, Deployment on by WFilter. Therefore, you can not use “by mac address” monitoring mode of WFilter, use “by ip address” instead. Please notice, “iptables” will not forward original mac addresses of packets. Iptables -A PREROUTING -t mangle -j ROUTE –gw 192.168.1.100 –tee If you want this rule to exist after router rebooting, you need to add these two commands into the startup scripts in “Administration – Scripts”. You can list your iptables rules to check whether this rule is successfully added. In this example, we forward packets to “192.168.1.100″. Add the iptables rule for packet forwarding. Login into your Tomato router using any ssh client.įor “–tee” option to work, you need to enable the “ipt_ROUTE” module, which is not enabled by default.Ĥ. Enable SSH login in TomatoĮnable “SSH Daemon” in “Administration” – “Admin Access”. In this tutorial, we will guide you to deploy WFilter using a Tomato router(firmware version: v1.28). With this feature, you can deploy monitoring easily when you have an embed Linux router. The “–tee” option of iptables can mirror network packets to a target ip address. How to deploy WFilter with tomato router? This entry was posted in Content Filter, Deployment, How to monitor internet usage, Internet Monitoring on by WFilter. Now WFilter shall be able to monitor client computers. In this example, we choose “eth0″ wireless adapter as the mirrored source interface. You need to edit /etc/config/port-mirroring to set the mirroring target and mirrored source interfaces. In this guide, let’s take linksys wrt54g router as an example.īecause gargoyle is based on openwrt attitude adjustment 12.09 branch, we need to install the build for openwrt 12.09. ![]() Installationįor detailed installation guide, please check Port-mirroring open source packet mirroring. Port-mirroring is an open source project sponsored by IMFirewall Software, it is designed to mirror network traffic on linux systems. We assume you already has an Gargoyle router, if not, please check Gargoyle homepage to get the latest firmware. ![]() This blog will guide you to install “port-mirroring” program in your Gargoyle router and deploy WFilter for internet monitoring and filtering. even if your router hardware does not support “port mirroring” function, you can also enable traffic mirroring by software mirroring. Gargoyle can extend your wireless router into a powerful Linux system. Gargoyle is an OpenWrt distribution which aims to be easy to use through a simplified Web interface. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |