NATDetector
From Wiki of WFilter NG Firewall
(Difference between revisions)
(→Settings) |
|||
Line 12: | Line 12: | ||
** Block Routed TTL: block packets being routed based on TTL checking. | ** Block Routed TTL: block packets being routed based on TTL checking. | ||
** Interval: Do analysis based on internet usage in configured time peroid. | ** Interval: Do analysis based on internet usage in configured time peroid. | ||
+ | ** Detection Policy: set OS exceptions. | ||
** Message: display a message when clients are blocked.(Users will see this message when a http webpage is blocked) | ** Message: display a message when clients are blocked.(Users will see this message when a http webpage is blocked) | ||
* Action | * Action | ||
Line 17: | Line 18: | ||
** Add to a virtual group for N minutes when NAT sharing is detected. You can use other modules to apply policies to this virtual group. | ** Add to a virtual group for N minutes when NAT sharing is detected. You can use other modules to apply policies to this virtual group. | ||
− | [[File:natdetector_settings_01.png| | + | [[File:natdetector_settings_01.png|800px]] |
+ | |||
+ | [[File:natdetector_settings_02.png|450px]] | ||
== History == | == History == |
Latest revision as of 17:08, 30 March 2020
[edit] 1 NAT Detector
NAT Detector module can detect NAT sharing services in local networks.
- WFilter analysises internet usage records to check whether NAT sharing services are running.
- You need to enable recording for client devices to be checked.
[edit] 2 Settings
- Basic Settings
- NAT Detector: whether or not to enable NAT detector.
- IP Range: IP range to enable "nat detector". One IP/Range per line. "#" starts a comment, "-" starts an exception. For example: 192.168.1.1, 192.168.1.1-192.168.1.20, -192.168.1.10.
- Block Routed TTL: block packets being routed based on TTL checking.
- Interval: Do analysis based on internet usage in configured time peroid.
- Detection Policy: set OS exceptions.
- Message: display a message when clients are blocked.(Users will see this message when a http webpage is blocked)
- Action
- Block internet access for N minutes when NAT sharing is detected.
- Add to a virtual group for N minutes when NAT sharing is detected. You can use other modules to apply policies to this virtual group.
[edit] 3 History
In "History", you can query NAT detector history, including IP addresses, MAC address, punishment action... You also can click "Query" icon to check the details.