How to log all site domains accessed through a tomato router?

router proxy logging tomato

10,014

Solution 1

Since everyone uses my router as an DNS server and Syslog was already enabled, all I had to do was go to

Advanced > DHCP / DNS > Dnsmasq Custom Configuration

And typed

log-queries

And save.

I found this solution at http://www.dslreports.com/forum/r23197832-Tomato-Enable-DNS-lookup-logging

Solution 2

The closer I could get is to log all outbound or inbound connections in:

Administration > Logging > Connection Logging > Inbound or Outbound > If Allowed by Firewall

Then it will appear in the log like this

Feb 5 15:00:00 unknown user.warn kernel: ACCEPT IN=br1 OUT=vlan2 SRC=192.168.0.2 DST=61.61.61.61 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=2973 DF PROTO=TCP SPT=51313 DPT=80 WINDOW=4096 RES=0x00 SYN URGP=0 OPT (010203B30203030101020302)

From the DST field I can guess the target domain using a reverse DNS lookup

10,014

Jader Dias

Perl, Javascript, C#, Go, Matlab and Python Developer

Updated on September 18, 2022

Comments

Jader Dias over 1 year

I would like to monitor all traffic in my home network, and I believe that there is not much disk space in my router to record all that pass through. I could be happy enough if I could log only the HTTP domains accessed, or if I could save it externally.
- Jader Dias about 12 years
  
  @Shiki what log file? I haven't found any log file that contains the information I want in tomato.
- yosh m about 12 years
  
  Can you set it up to send to a SYSLOG server? Then you can have the server log, filter, etc. however you like - plus the Syslog Server probably has plenty of disk space. I'm not familiar with Tomato, but my D-Link router can do that. Note that on D-Link you have to go to a non-obvious place to get it to log sites accessed - perhaps something similar on your router.
- Jader Dias about 12 years
  
  @yoshm Yes, syslog is already enabled