NAT Detector

From Wiki of WFilter NG Firewall
Jump to: navigation, search

1 NAT Detector

NAT Detector module can detect NAT sharing services in local networks.

  • WFilter analysises internet usage records to check whether NAT sharing services are running.
  • You need to enable recording for client devices to be checked.

2 Settings

  • Basic Settings
    • NAT Detector: whether or not to enable NAT detector.
    • IP Range: IP range to enable "nat detector". One IP/Range per line. "#" starts a comment, "-" starts an exception. For example: 192.168.1.1, 192.168.1.1-192.168.1.20, -192.168.1.10.
    • Block Routed TTL: block packets being routed based on TTL checking.
    • Interval: Do analysis based on internet usage in configured time peroid.
    • Detection Policy: set OS exceptions.
    • Message: display a message when clients are blocked.(Users will see this message when a http webpage is blocked)
  • Action
    • Block internet access for N minutes when NAT sharing is detected.
    • Add to a virtual group for N minutes when NAT sharing is detected. You can use other modules to apply policies to this virtual group.

Natdetector settings 01.png

Natdetector settings 02.png

3 History

In "History", you can query NAT detector history, including IP addresses, MAC address, punishment action... You also can click "Query" icon to check the details.

Natdetector history 01.png

Natdetector history 02.png

Personal tools
Namespaces

Variants
Actions
Navigation
Tools