Hi,
I would like to monitor my outbound connections (not the traffic, only requests or the IP/domain) on my home network.
What's kind of plugin do you suggest?
Do you know if a TP-Link AC1750 is able to manage around 10 hosts?
This router has a USB port as well, can I use that to store the connection logs?
Thanks
Sure, assuming your device is the acting DNS.
IPs aren't logged by DNS though, since there's no lookup taking place.
I'm not sure of domains, but I suggest softflowd to record IP traffic by IP/protocol/port/total data/etc. It's a package available in OpenWrt.
You can set it to monitor WAN.
Information: https://github.com/irino/softflowd/blob/master/README
...but, this usually requires a 3rd collector. I do not think trying to record all IP traffic - then also recording it on the same device, it not a CPU-wise choice.
This is a free collector: https://sourceforge.net/projects/nfsen/
If you live in a country/US state (e.g. California) with newer online privacy laws, be sure that this is OK in your jurisdiction - or follow the proper rules. I understand this might apply to guests on your network too or running servers and recording them on the router in lieu, etc. - so check your local laws.
Interesting. Can you point me to a narrative?
I think that @lleachii was simply trying to ensure that the OP is aware of any potential privacy laws that could be at issue. Depending on the OP's location and situation, there may not be specific laws that apply, but it is important to ensure that advice on this forum always errs on the side of caution. (@lleachii - please correct me if you had a different intent.)
Anyway, with respect to California, I think that the laws really only apply to businesses, but IANAL and I only read the summary of the CCPA. From the linked page, you can find this:
3. What is considered personal information under the CCPA?
Personal information is information that identifies, relates to, or could reasonably be linked with you or your household. For example, it could include your name, social security number, email address, records of products purchased, internet browsing history, geolocation data, fingerprints, and inferences from other personal information that could create a profile about your preferences and characteristics.
Since the OP is interested in monitoring internet browsing history, this certainly would apply if they are a business in California. Similar things might be true in other locations.
@psherman pretty much covered my point and already pasted some information regarding California - so here's some on the EU:
The recording of IPs is covered as a kind of activity that could possibly violate one's privacy.
Thanks to both of you for these links. I tend to focus locally on such issues. Good to know.
Agreed, and a fair point, but the OP's intent seemed clearly stated.
@lleachii
I understand your admonition, but it seemed to imply monitoring traffic on your personal internal network could be problematic. Given I use softflowd for similar purposes, I was curious as to what jurisdictions might actually have such restrictions.
True. But when future readers find this post, the note about checking the legality of the monitoring may be useful, especially if they are a business.
And I don't personally know if any of these laws apply to home networks, but it is possible that some jurisdictions have particularly strict rules about this stuff.
At least in the EU it does (all users need to be informed/ consent).
I'm not sure how many people run servers and record people for personal purposes, as in my example...although, I'm also unclear why you'd be recording someone in a non-personal situation. In my case, the point is to record those who do not have my permission to access the network.
I don't think the term "personal" is used like you employ it. Fact is, if you are in a situation to record people without their consent and then leak/breach the data, then be mindful.
Nonetheless, apologies if that's the impression you received.
A while back, I wrote a series of blog posts about using Netflow on OpenWrt. https://randomneuronsfiring.com/netflow-collectors-for-home-networks/
I also recommend softflowd for sending ("exporting") netflow information to a Netflow Collector such as nfsen (see the blog postings for other options).