Dear all ,
How to Monitor Specific ip address and his URL that he visits every minutes .
for example :
1:00 AM 192.168.1.10 www.facebook.com
1:00 AM 192.168.1.10 www.yahoo.com/a/mail/
so on..
like url logging for every url he visits or even uses whatsapp or facebook or messenger or viber or whatever is in Mobile.
waitting for your ansswers for solution
-
-
victorsoares
Member Candidate
- Posts: 106
- Joined:
- Location: Ubatuba, São Paulo - Brazil
- Contact:
Re: How to Monitor specific Ip
Well if this is a site that contains only one host IP it's easy, but if it is something like facebook, with multiple hosts, just mark the connection and then create a log rule on firewall over this connection mark, like so:
Just keep in mind that this is going to bring your CPU usage up, so be careful with this.
Code: Select all
/ip firewall mangle
add chain=forward action=mark-connection new-connection-mark=facebook passthrough=yes src-address=192.168.1.10 content=facebook log=no log-prefix=""
add chain=forward action=log log-prefix=facebook-from-192.168.1.10 connection-mark=facebook-
-
tippenring
Member
- Posts: 304
- Joined:
- Location: St Louis MO
- Contact:
Re: How to Monitor specific Ip
I expect this solution will probably not work for SSL connections. Most organizations that run legit websites are forcing SSL now.Well if this is a site that contains only one host IP it's easy, but if it is something like facebook, with multiple hosts, just mark the connection and then create a log rule on firewall over this connection mark, like so:
Just keep in mind that this is going to bring your CPU usage up, so be careful with this.Code: Select all/ip firewall mangle add chain=forward action=mark-connection new-connection-mark=facebook passthrough=yes src-address=192.168.1.10 content=facebook log=no log-prefix="" add chain=forward action=log log-prefix=facebook-from-192.168.1.10 connection-mark=facebook
Re: How to Monitor specific Ip
even if you had a fireall rule to keepp all the dst-address of this IP, it won't mean much as many services are using cloudront and cloudflare server IPs so you ended up geting those.
there are some examples using traffic monitor but I never managed to get it working.
there are some examples using traffic monitor but I never managed to get it working.
Re: How to Monitor specific Ip
thanks but this is just let me know that he open facebook now as url ,but what i need can i capture every page url he access by mikrotik is it possible or not?
Re: How to Monitor specific Ip
This is a good question, in that the OP is not attempting to block anything but just to be aware of all traffic coming from one particular IP on the network.
a. all protocols not encrypted
b. all web traffic unencrypted.
What about when
c. user is using a browser based VPN (that changes IP address of browser from the outside world perspective)?
d. user is using a PC based VPN program:?
e. user uses HTTPS type access to websites?
a. all protocols not encrypted
b. all web traffic unencrypted.
What about when
c. user is using a browser based VPN (that changes IP address of browser from the outside world perspective)?
d. user is using a PC based VPN program:?
e. user uses HTTPS type access to websites?
Who is online
Users browsing this forum: No registered users and 83 guests