[Balug-Talk] ip masquerading and system logs

Ruben Safir ruben at mrbrklyn.com
Wed Nov 7 22:35:54 PST 2007 

On Wed, Nov 07, 2007 at 10:25:57PM -0800, Hoover Chan wrote:
> Just to clarify a little more about what I'd like to learn and solve, to 
> the outside world, they only see the IP and MAC address of the gateway 
> machine running IP masquerade. Inside, in the log files that I can see in 
> /var/log, I only see the DHCP handoff to a MAC adress for a workstation 
> but after that, no information about where that IP/MAC combination went on 
> the Internet.
> 
> Even as I write this, I'm looking around on the Internet for discussions 
> on how to improve tracking using this combination.
> 
> Thanks again...
> 


What I said origianally was correct.  There is no DHCP 'handoff'.  You need
to get into the /etc/dhcp.conf file and add the MAC addresses for your
devices.

Ruben

> --------------------------------------------------
> Hoover Chan                   chan at sacredsf.org
> Director of Technology
> Schools of the Sacred Heart
> 2222 Broadway St.
> San Francisco, CA 94115
> 
> 
> On Thu, 8 Nov 2007, Ruben Safir wrote:
> 
> >Date: Thu, 8 Nov 2007 00:46:00 -0500
> >From: Ruben Safir <ruben at mrbrklyn.com>
> >To: Hoover Chan <chan at sacredsf.org>
> >Cc: balug-talk at lists.balug.org
> >Subject: Re: [Balug-Talk] ip masquerading and system logs
> >
> >On Wed, Nov 07, 2007 at 09:26:38PM -0800, Hoover Chan wrote:
> >>I'm in an environment where I'm being asked to track where students are
> >>going on the Internet. The workstations in question are using dynamic
> >>addressing and IP masquerading. Is it a matter of adjusting the log level
> >>for syslogd or do I need to go to something like Squid and Dansguardian?
> >>Or something else?
> >
> >You might give them assinged IP addresses based on the MAC with DHCPCD
> >and then you will be able to log them.  I use ntop for some businesses
> >and my house.
> >
> >Ruben
> >
> >>
> >>Yes, I know about privacy implications here too and I'm raising that issue
> >>at the same time but there are some compelling circumstances for
> >>protecting children...
> >>
> >>Thanks in advance.
> >>
> >>--------------------------------------------------
> >>Hoover Chan                   chan at sacredsf.org
> >>Director of Technology
> >>Schools of the Sacred Heart
> >>2222 Broadway St.
> >>San Francisco, CA 94115
> >>
> >>_______________________________________________
> >>Balug-Talk mailing list
> >>Balug-Talk at lists.balug.org
> >>http://lists.balug.org/listinfo.cgi/balug-talk-balug.org
> >
> >-- 
> >http://www.mrbrklyn.com - Interesting Stuff
> >http://www.nylxs.com - Leadership Development in Free Software
> >
> >So many immigrant groups have swept through our town that Brooklyn, like 
> >Atlantis, reaches mythological proportions in the mind of the world  - RI 
> >Safir 1998
> >
> >http://fairuse.nylxs.com  DRM is THEFT - We are the STAKEHOLDERS - RI 
> >Safir 2002
> >
> >"Yeah - I write Free Software...so SUE ME"
> >
> >"The tremendous problem we face is that we are becoming sharecroppers to 
> >our own cultural heritage -- we need the ability to participate in our own 
> >society."
> >
> >"> I'm an engineer. I choose the best tool for the job, politics be 
> >damned.<
> >You must be a stupid engineer then, because politcs and technology have 
> >been attached at the hip since the 1st dynasty in Ancient Egypt.  I guess 
> >you missed that one."
> >
> >© Copyright for the Digital Millennium
> >


-- 
http://www.mrbrklyn.com - Interesting Stuff
http://www.nylxs.com - Leadership Development in Free Software

So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world  - RI Safir 1998

http://fairuse.nylxs.com  DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002

"Yeah - I write Free Software...so SUE ME"

"The tremendous problem we face is that we are becoming sharecroppers to our own cultural heritage -- we need the ability to participate in our own society."

"> I'm an engineer. I choose the best tool for the job, politics be damned.<
You must be a stupid engineer then, because politcs and technology have been attached at the hip since the 1st dynasty in Ancient Egypt.  I guess you missed that one."

© Copyright for the Digital Millennium

More information about the Balug-Talk mailing list