1. Home
  2. Wireless Networking
  3. logging traffic from router running DD-WRT

logging traffic from router running DD-WRT

I have a WHR-G54S running v24 beta. We will have a few visitors (family) that will be bringing notebooks. I want to avoid p2p issues so I have experimented with the p2p filtering which seems to work but I also would like to log the traffic because I want to see if it really works.

I have rflow collector running and it has the info I need but the info isn't stored. I installed MySQL and set up the tables exactly like they are noted in Rflow collector only very little is getting written to the database. Googling tells me that this is a common thing and it needs more polishing.

Anyone use other logging applications that have good reporting that work with DD-WRT?

Reply to
George
Loading thread data ...

George hath wroth:

Make sure you have the rstats daemon enabled: Administration -> Services -> Rstats -> Enable

What data are you interested in logging?

For RFLOW, did you use these instructions?

I had it working on v23 SP2 with MySQL 4.1(?) on SUSE 9.3(old), but haven't tried it on the latest versions. In theory, any NETFLOW analyzer will work. Use Google, there are plenty to choose from.

I didn't use NETFLOW and instead decided to use SNMP to log traffic. If all you want is aggregate traffic by IP, I suggest MRTG, PRTG (4 users max), or RRDTool (Linux or Cygwin). These look useful:

However, before you dive into SNMP, you should have some kind of debugging tools available. I use snmputil.exe and GetIF 2.3.1. I covered these in a previous posting at:

Reply to
Jeff Liebermann

Rflow & MACupd are enabled. That doesn't seem to be the issue since Rflow collector is showing lots of data.

I want to log traffic from/to LAN IPs (what they connected to, how much data was moved and a timestamp). Rflow collector is showing all of that but just doesn't save it.

Thats what I used. Only I am running MySQL 5 and have authentication compatibility turned on so Rflow Collector can authenticate.

It authenticates but writes almost nothing into the DB. I don't know how to determine what is broken. It could be because I am running DD-WRT v24.

Thanks but I was shooting for more detail.

Reply to
George

George hath wroth:

Is rstats enabled?

I don't think there's much difference in Rflow in v23 sp2, sp3, and v24. If Rflow is really collecting data, then methinks there might be something wrong with it passing the data to MySQL. Since only some of the data is making it into the database, methinks there might be something wrong with the SQL schema. No way to tell from here.

I suggest you take both Rflow and MySQL out of the picture and try a demo version of any of several dozen Netflow analyzers and loggers. If they capture data correctly, then at least you know that DD-WRT is doing it right. That leaves Rflow and MySQL.

Reply to
Jeff Liebermann

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.