We've got a portable satellite Internet connection that we'd like to share wirelessly at several remote events this summer. All Internet traffic passes through a Linux box, so that we have the ability for monitoring and the use of netfilter/iptables:
Access Point(AP) Linux:eth1 Linux:eth0 satellite modem
The AP will be allowed via MAC addresses only (ACL), so that we can keep a list of who belongs to what MAC; IP addresses will be DHCP-served by the AP. What we'd like to accomplish is some sort of record-keeping in order to protect ourselves in the event that someone uses the connection to visit a child-p*rn site or the like, and the FBI comes back on us, the responsible owner of the satellite connection.
We don't wish to snoop users' content, but only to maintain a concise record of which MAC address (and thus, $user) connects to a web site, and when. The AP allows "URL redirection" if needed or desired, as well as remote SNMP traps and syslog functionality.
Does a transparent proxy seem reasonable? Is "squid" the tool for this task? And is there a pre-defined filter of some sort that can be applied to preemptively avoid any known child-p*rn sites, whatever they may be? And how might we keep a record on the Linux box of what MAC connects to what URL and the time and duration of each connection? Does netfilter/iptables serve any purpose here, and if so, what syntax should be used?
Thanks for any suggestions and/or examples. Much of this is new to us, and we'd like to get it right the first time out.