Wifi router browsing history

how do I find my wi-fi device visited websites from the Linux environment?
without installing new packages though, I have tried checking for logs can't see any history logs . how do I activate my router to log the visited website and how do I use tcpdump to get the browsed history of my device

are you referring to a client, or the router itself ?

the router itself i am working on this router and I need to activate the history feature so user can access it from the UI

the router itself doesn't generate any traffic, except for NTP requests to time servers.
there will obviously be DNS requests initiated by it too, but it's acting as a proxy for the clients.

OpenWRT does not collect any history or telemetry as you observed.

but it does track data packets that pass through the device right?

Yes, like logically that they make up a connection.
Yo uare asking ssl visibility via deep packet inspection WITHOUT ADDITIONAL PACKAGES. Nope, that does not fly, you need expensive purpose-built box for that.

which package do i need to install to capture the network traffic on the device so I can filter the HTTP and HTTPS request from output

filter how ?

tcpdump was a good idea, but you don't really need a filter, since they run on different ports.

The whole point of https is that you cannot do that.

well, you can capture it, but it's unreadable ... :wink:

i did tcpdump -i ra0 -w /tmp/capture.pcap 'tcp port 80 or tcp port 443' and got a reponse of

tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes

19:23:42.402159 IP (tos 0x0, ttl 64, id 26023, offset 0, flags [DF], proto TCP (6), length 60) > a23-57-90-113.deploy.static.akamaitechnologies.com.http: Flags [S], cksum 0xecfc (incorrect -> 0x6813), seq 4066419490, win 65280, options [mss 1360,sackOK,TS val 2232621480 ecr 0,nop,wscale 7], length 0
19:23:42.706042 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto TCP (6), length 60)
    a23-57-90-113.deploy.static.akamaitechnologies.com.http > Flags [S.], cksum 0x8fe4 (correct), seq 1502387392, ack 4066419491, win 64704, options [mss 1360,sackOK,TS val 4086886519 ecr 2232621480,nop,wscale 7], length 0
19:23:42.706062 IP (tos 0x0, ttl 64, id 26024, offset 0, flags [DF], proto TCP (6), length 52) > a23-57-90-113.deploy.static.akamaitechnologies.com.http: Flags [.], cksum 0xecf4 (incorrect -> 0xb7df), ack 1, win 510, options [nop,nop,TS val 2232621784 ecr 4086886519], length 0
19:23:42.711488 IP (tos 0x0, ttl 64, id 26025, offset 0, flags [DF], proto TCP (6), length 52) > a23-57-90-113.deploy.static.akamaitechnologies.com.http: Flags [F.], cksum 0xecf4 (incorrect -> 0xb7d9), seq 1, ack 1, win 510, options [nop,nop,TS val 2232621789 ecr 4086886519], length 0
19:23:42.963639 IP (tos 0x0, ttl 63, id 22327, offset 0, flags [DF], proto TCP (6), length 52)

i think it reponds with the ipadress

It does look up host name from IP address, not very related to what user typed in browser.

Please post output of

ubus call system board
/ # ubus call system board
        "kernel": "5.4.238",
        "hostname": "OpenWrt",
        "system": "ARMv8 Processor rev 0",
        "model": "MediaTek evb6890v1_64_cpe",
        "board_name": "MediaTek generic board",
        "release": {
                "distribution": "OpenWrt",
                "version": "21.02.7",
                "revision": "r16847-f8282da11e",
                "target": "gem6xxx/evb6890v1_64_cpe",
                "description": "OpenWrt 21.02.7 r16847-f8282da11e"
/ #

/ #

If you want the DNS traffic, it's a different port.

It appears you are using firmware that is not from the official OpenWrt project.

When using forks/offshoots/vendor-specific builds that are "based on OpenWrt", there may be many differences compared to the official versions (hosted by OpenWrt.org). Some of these customizations may fundamentally change the way that OpenWrt works. You might need help from people with specific/specialized knowledge about the firmware you are using, so it is possible that advice you get here may not be useful.

You may find that the best options are:

  1. Install an official version of OpenWrt, if your device is supported (see https://firmware-selector.openwrt.org).
  2. Ask for help from the maintainer(s) or user community of the specific firmware that you are using.
  3. Provide the source code for the firmware so that users on this forum can understand how your firmware works (OpenWrt forum users are volunteers, so somebody might look at the code if they have time and are interested in your issue).

If you believe that this specific issue is common to generic/official OpenWrt and/or the maintainers of your build have indicated as such, please feel free to clarify.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.