Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[Zing Pow]

Is it possible to get both allowed and blocked web access logging?  I'm using the 2.06NA firmware and no matter how I configure the router, I just can't get it to work, so either I'm missing something or the firmware has a defect, I hope its me, but I fear its a defect.

Thanks

[FurryNutz]

Logging? you referring to having the router show when certain sites are being accessed and blocked?

[Zing Pow]

Let me go through a detailed step by step of my configuration with some comments and then hopefully someone can point out what I've missed as certainly no web access information is showing up in the syslog output or the logging page.

First my objective, to recieve web access information via syslog for all sites visited and an indication of attempts to visit blocked sites.

I am receiving information from the router via syslog so that is working (just not receiving the information I want).





Web Filter Setup (note I want to list sites to block here as my general policy is to let people go where they want and if it becomes a problem we block access to selected sites)



I then setup a Policy

Name


Want it on all the time


Select Other Machines as we want this policy to apply to all systems on the network


We want to block our selected sites


Apparently there is not Step 5, but again we are asked about Web Access Logging which we want so its Enabled


and the resulting policy is created, enabled etc.



Now when we visit the blocked site we the browser displays that the site is blocked (good)



However no indiciation in the syslog or logging screen about the blocked access, in fact there isn't any Web Access information in the logging screen or syslog.



So what have I missed configured or is this a defect in the firmware?

Thanks

[FurryNutz]

Is possible that the FW doesn't support or report any return information back on logging access to blocked sites as these are generally home user routers that might not incorporate a lot of advanced diagnostic features as say a business class router might have.

I'll have a check when I get home and see if I get the same results.

[FurryNutz]

I got this from my DIR-655  B1 v2.00 info Nov 30 17:12:00  test.com/ blocked for #.#.57.3  

Testing out my 825:
Rev. B1 FW-v2.05NA
Nov 30 17:57:09 test.com/favicon.ico accessed from ##.57.3
Changed to Deny Access
Nov 30 17:58:26 test.com/ blocked for #.#.57.3

[Zing Pow]

Perhaps I need to roll back the firmware version then as perhaps the 2.06NA firmware has a problem?

When you change to 'Deny Access' do you still get notification of permitted web access?  If not is there a way you can get your router to log both permitted and denied?

If I can the policy to Log Web Access Only (step 4), then I get logging of web access:

<13>kernel: Web Access Logs: www.dslreports.com accessed from 192.168.0.101 (00:19:d1:90:03:8b)

but then it won't deny the sites I entered.

How many policies are you running?  If I create a policy for each machine where I setup 'Block Some Access' then I can get both access and denied logs,

<14>urlblock[20595]: test.com blocked for 192.168.0.101

but if a new machine hooked into the network they would be able to access sites I would want blocked by default.  So in short while I might be able to fudge something together which sort of works, the 2.06NA firmware is IMHO broken when it comes to logging web access.  Certainly if someone from D-Link wants to talk to me, I would be happy to work with them to get this working correctly.

Blake

[FurryNutz]

I think Web access is set for either Deny or Allow and you can't do both at the same time.

I can load up 2.06 tomorrow and test to see if I can reproduce this using that version. I presume that I might now however will see.

Are there certain users on your network that your trying to manage?
Also have you set up a schedule for inclusion to the management?

I only added one policy to test however you should be able to any many. Just need to figure out what sites you want to Deny vs allow.