NATDetector

From Wiki of WFilter NG Firewall
(Difference between revisions)
Jump to: navigation, search
(Created page with "{{DISPLAYTITLE:NAT Detector}} == NAT Detector == NAT Detector module can detect NAT sharing services in local networks. * WFilter analysises internet usage records to check ...")
 
(Settings)
 
(2 intermediate revisions by one user not shown)
Line 9: Line 9:
 
* Basic Settings
 
* Basic Settings
 
** NAT Detector: whether or not to enable NAT detector.
 
** NAT Detector: whether or not to enable NAT detector.
 +
** IP Range: IP range to enable "nat detector". One IP/Range per line. "#" starts a comment, "-" starts an exception. For example: 192.168.1.1, 192.168.1.1-192.168.1.20, -192.168.1.10.
 
** Block Routed TTL: block packets being routed based on TTL checking.
 
** Block Routed TTL: block packets being routed based on TTL checking.
 
** Interval: Do analysis based on internet usage in configured time peroid.
 
** Interval: Do analysis based on internet usage in configured time peroid.
 +
** Detection Policy: set OS exceptions.
 
** Message: display a message when clients are blocked.(Users will see this message when a http webpage is blocked)
 
** Message: display a message when clients are blocked.(Users will see this message when a http webpage is blocked)
** IP Exception: IP address or IP ranges won't be checked.
 
 
* Action
 
* Action
 
** Block internet access for N minutes when NAT sharing is detected.
 
** Block internet access for N minutes when NAT sharing is detected.
** 自动加入虚拟组N分钟。检测到共享服务时自动加入虚拟组。您可以通过其他模块对虚拟组配置更多的管控策略。
+
** Add to a virtual group for N minutes when NAT sharing is detected. You can use other modules to apply policies to this virtual group.
  
[[文件:natdetector_settings_01.png|900px]]
+
[[File:natdetector_settings_01.png|800px]]
  
== 检测记录日志 ==
+
[[File:natdetector_settings_02.png|450px]]
  
点击“检测记录日志”,可以查看共享检测的历史,包括IP地址、MAC地址、惩罚措施等内容,点击“备注”中的查询图标可以对该记录提供更多的分析数据。
+
== History ==
  
[[文件:natdetector_history_01.png|900px]]
+
In "History", you can query NAT detector history, including IP addresses, MAC address, punishment action... You also can click "Query" icon to check the details.
  
[[文件:natdetector_history_02.png|600px]]
+
[[File:natdetector_history_01.png|900px]]
 +
 
 +
[[File:natdetector_history_02.png|600px]]

Latest revision as of 17:08, 30 March 2020

[edit] 1 NAT Detector

NAT Detector module can detect NAT sharing services in local networks.

  • WFilter analysises internet usage records to check whether NAT sharing services are running.
  • You need to enable recording for client devices to be checked.

[edit] 2 Settings

  • Basic Settings
    • NAT Detector: whether or not to enable NAT detector.
    • IP Range: IP range to enable "nat detector". One IP/Range per line. "#" starts a comment, "-" starts an exception. For example: 192.168.1.1, 192.168.1.1-192.168.1.20, -192.168.1.10.
    • Block Routed TTL: block packets being routed based on TTL checking.
    • Interval: Do analysis based on internet usage in configured time peroid.
    • Detection Policy: set OS exceptions.
    • Message: display a message when clients are blocked.(Users will see this message when a http webpage is blocked)
  • Action
    • Block internet access for N minutes when NAT sharing is detected.
    • Add to a virtual group for N minutes when NAT sharing is detected. You can use other modules to apply policies to this virtual group.

Natdetector settings 01.png

Natdetector settings 02.png

[edit] 3 History

In "History", you can query NAT detector history, including IP addresses, MAC address, punishment action... You also can click "Query" icon to check the details.

Natdetector history 01.png

Natdetector history 02.png

Personal tools
Namespaces

Variants
Actions
Navigation
Tools