[Balug-Talk] ip masquerading and system logs

Hoover Chan chan at sacredsf.org
Wed Nov 7 22:25:57 PST 2007 

Just to clarify a little more about what I'd like to learn and solve, to 
the outside world, they only see the IP and MAC address of the gateway 
machine running IP masquerade. Inside, in the log files that I can see in 
/var/log, I only see the DHCP handoff to a MAC adress for a workstation 
but after that, no information about where that IP/MAC combination went on 
the Internet.

Even as I write this, I'm looking around on the Internet for discussions 
on how to improve tracking using this combination.

Thanks again...

--------------------------------------------------
Hoover Chan                   chan at sacredsf.org
Director of Technology
Schools of the Sacred Heart
2222 Broadway St.
San Francisco, CA 94115


On Thu, 8 Nov 2007, Ruben Safir wrote:

> Date: Thu, 8 Nov 2007 00:46:00 -0500
> From: Ruben Safir <ruben at mrbrklyn.com>
> To: Hoover Chan <chan at sacredsf.org>
> Cc: balug-talk at lists.balug.org
> Subject: Re: [Balug-Talk] ip masquerading and system logs
> 
> On Wed, Nov 07, 2007 at 09:26:38PM -0800, Hoover Chan wrote:
>> I'm in an environment where I'm being asked to track where students are
>> going on the Internet. The workstations in question are using dynamic
>> addressing and IP masquerading. Is it a matter of adjusting the log level
>> for syslogd or do I need to go to something like Squid and Dansguardian?
>> Or something else?
>
> You might give them assinged IP addresses based on the MAC with DHCPCD
> and then you will be able to log them.  I use ntop for some businesses
> and my house.
>
> Ruben
>
>>
>> Yes, I know about privacy implications here too and I'm raising that issue
>> at the same time but there are some compelling circumstances for
>> protecting children...
>>
>> Thanks in advance.
>>
>> --------------------------------------------------
>> Hoover Chan                   chan at sacredsf.org
>> Director of Technology
>> Schools of the Sacred Heart
>> 2222 Broadway St.
>> San Francisco, CA 94115
>>
>> _______________________________________________
>> Balug-Talk mailing list
>> Balug-Talk at lists.balug.org
>> http://lists.balug.org/listinfo.cgi/balug-talk-balug.org
>
> -- 
> http://www.mrbrklyn.com - Interesting Stuff
> http://www.nylxs.com - Leadership Development in Free Software
>
> So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world  - RI Safir 1998
>
> http://fairuse.nylxs.com  DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
>
> "Yeah - I write Free Software...so SUE ME"
>
> "The tremendous problem we face is that we are becoming sharecroppers to our own cultural heritage -- we need the ability to participate in our own society."
>
> "> I'm an engineer. I choose the best tool for the job, politics be damned.<
> You must be a stupid engineer then, because politcs and technology have been attached at the hip since the 1st dynasty in Ancient Egypt.  I guess you missed that one."
>
> © Copyright for the Digital Millennium
>

More information about the Balug-Talk mailing list