1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

how and where is web monitor data logged

Discussion in 'Tomato Firmware' started by jan.n, Jan 25, 2014.

  1. jan.n

    jan.n Addicted to LI Member

    Hi all,

    I'm on shibby 1.28 on an Asus RT-N66U. I'm logging to a remote system (my linux server), in case that should matter.
    My question is:
    How and where is web monitor data logged? I can see that data is logged, but how and where?
    Is the data contained in the syslog, or somewhere else?
    Can I get the raw IPs instead of domain names?

    Of course I could craft a iptables rule to sort out the traffic of certain IPs, but I imagine that I could already use the data present in the web monitor...
     
  2. jerrm

    jerrm Network Guru Member

    The data is accessible at /proc/webmon_recent_domains. It is exactly the same data as displayed in the gui but without formatting. I don't think this will help you.

    If all you need are IPs then an iptables log rule is your best course. If you need IPs and URLs/domains then a transparent proxy or urlsnarf is probably needed.
     
  3. jan.n

    jan.n Addicted to LI Member

    THX...
    For reference, after enabling the web monitor, you have another chain "monitor", which does the monitoring.
    I used that chain and inserted the following rule to log new connections to syslog:
    Code:
    root@sheldon:/tmp/home/root# iptables -I monitor -m state --state NEW -j LOG --log-prefix "sniffTV"
    I can now check what our "Smart TV" sends into the net...
    And yes, our router's name is Sheldon ;-)
     

Share This Page