Re: [PacketFence-users] [logs]Can I log all the registered traffic passing through packetfence?

Thu, 10 Apr 2014 06:23:20 -0700 

Sorry for the delay, but it takes times to check all the configuration.

I use inline mode and I didn't think of the netfilter logs because I 
only used it for dropped packets.
It works perfectly well, kudos to Fabrice, but I needed something better 
than a whole lot of packets on kern.log.

So, first things first:
_Change the /usr/local/pf/conf/iptables.conf file with this:
-A forward-internal-inline-if -s 192.168.X.0/24 -j LOG --log-prefix 
"[packetfilter] "
on the section forward-internal-inline-if

_add a file on /etc/rsyslog.d and copy paste this:
:msg,contains,"[packetfilter] " /var/log/pfaccesslogs/packetfilter.log
it will redirect all the PF log into the 
/var/log/pfaccesslogs/packetfilter.log file.

_Then add a file on /etc/logrotate.d directory:
/var/log/pfaccesslogs/packetfilter.log {
         weekly
         missingok
         rotate 52
         compress
         delaycompress
         notifempty
         create 640 root adm
         sharedscripts
}

I need to keep one year of wifi logs, change the configuration to suits 
your needs.

Et voila! This is very useful for French based configurations.

Le 19/03/2014 17:35, Fabrice DURAND a écrit :
> Hello Guillaume,
>
> if you are using inline mode then you will probably have to use iptables
> with the log option.
> If it´s out of band then there is no way to log the internet access.
>
> regards
> Fabrice
>
> Le 2014-03-17 11:28, Estival Guillaume a écrit :
>> Hello, packetfence Users
>>
>> I'm looking for a way to keep logs of the Internet usage passing through
>> my packet fence system.
>>
>> I checked the various logs available and didn't find anything about
>> registered users' logs.
>>
>> Using a proxy such as Squid is not option, as it need to be setup on the
>> computer to be trouble free: using transparent proxy for https needs a
>> huge hack of SSL certificates on every computer using the proxy.
>>
>> thanks you in advance.
>>
>


-- 
Guillaume ESTIVAL
___________________
CREATIVE EURECOM
39, Bd de la Romanerie
49124 St BARTHELEMY D'ANJOU
t : 02 41 73 18 18
f : 02 41 73 07 33



------------------------------------------------------------------------------
Put Bad Developers to Shame
Dominate Development with Jenkins Continuous Integration
Continuously Automate Build, Test & Deployment 
Start a new project now. Try Jenkins in the cloud.
http://p.sf.net/sfu/13600_Cloudbees
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to