Page 1 of 1

Domains in logs and Firewall connections

Posted: Sat Sep 24, 2016 3:15 pm
by MikroTikFan
Hi,

I would like to have better control on my online traffic and I'm wondering how to see on-line current traffic.
In firewall we have online connections but only as a IP address.

Is this possible to convert them and see somehow domain list connections ?

Re: Domains in logs and Firewall connections

Posted: Sat Sep 24, 2016 7:01 pm
by pe1chl
Not in the firewall, it works exclusively with addresses.
You could consider feeding the netflow information to a computer that runs a netflow analyzer and that may be able to convert addresses to names.
(IP->traffic-flow)

Re: Domains in logs and Firewall connections

Posted: Sat Sep 24, 2016 9:15 pm
by MikroTikFan
Why this is not possible to get domain names. Other routers like DD-WRT or Openwrt can do this.

Re: Domains in logs and Firewall connections

Posted: Tue Sep 27, 2016 2:08 am
by razavim
you have two options.
1-web-proxy
2- go to tools sniff,choose what traffic to filter(send) nad give the ip address of a pc in you network and run Wireshark then in program choose to reaolve Ip. it will show you donain name as well.

as other iser mentioned the netflow is also viable in your case

Sent from my SM-N910C using Tapatalk

Re: Domains in logs and Firewall connections

Posted: Wed Nov 02, 2016 5:51 pm
by MikroTikFan
Thanks for this hints. Could you please explain in more details how to implement this.
I have also Ubuntu server and maybe there is any solution how to automatically monitor all traffic by Ubuntu software.
Important is to resolve all ip connection to domains, Preferred on-line monitoring solution

Ad.1 Web-Proxy - how to implement this ?
Ad.2 Tools - please explain how to transfer online all traffic to this software: Ubuntu server as a web based system preferred

I can use on RB3011 Dude software, can I use this to solve my domain based traffic?

Thanks in advance.

Re: Domains in logs and Firewall connections

Posted: Thu Nov 03, 2016 7:49 am
by jarda

Re: Domains in logs and Firewall connections

Posted: Thu Nov 03, 2016 8:11 am
by RonJohn63
Why this is not possible to get domain names. Other routers like DD-WRT or Openwrt can do this.
And Tomato Shibby. A list of the last 50(?) web sites visited, with timestamp and LAN IP address. Stunningly useful.

Re: Domains in logs and Firewall connections

Posted: Fri Nov 11, 2016 10:44 pm
by MikroTikFan
Why this is not possible to get domain names. Other routers like DD-WRT or Openwrt can do this.
And Tomato Shibby. A list of the last 50(?) web sites visited, with timestamp and LAN IP address. Stunningly useful.
How to implement Tomato Shibby on Mikrotik ?

Re: Domains in logs and Firewall connections

Posted: Sat Nov 12, 2016 8:59 pm
by jarda
Funny. No way to implement whatever into the ros.

Re: Domains in logs and Firewall connections

Posted: Tue Nov 15, 2016 12:06 am
by MikroTikFan
Can I use Dude for main network traffic monitoring by domain names ?

Re: Domains in logs and Firewall connections

Posted: Tue Nov 15, 2016 12:19 am
by jarda
No.