NATDetector
From Wiki of WFilter NG Firewall
(Difference between revisions)
Line 9: | Line 9: | ||
* Basic Settings | * Basic Settings | ||
** NAT Detector: whether or not to enable NAT detector. | ** NAT Detector: whether or not to enable NAT detector. | ||
+ | ** IP Range: IP range to enable "nat detector". One IP/Range per line. "#" starts a comment, "-" starts an exception. For example: 192.168.1.1, 192.168.1.1-192.168.1.20, -192.168.1.10. | ||
** Block Routed TTL: block packets being routed based on TTL checking. | ** Block Routed TTL: block packets being routed based on TTL checking. | ||
** Interval: Do analysis based on internet usage in configured time peroid. | ** Interval: Do analysis based on internet usage in configured time peroid. | ||
** Message: display a message when clients are blocked.(Users will see this message when a http webpage is blocked) | ** Message: display a message when clients are blocked.(Users will see this message when a http webpage is blocked) | ||
− | |||
* Action | * Action | ||
** Block internet access for N minutes when NAT sharing is detected. | ** Block internet access for N minutes when NAT sharing is detected. |
Revision as of 14:07, 11 November 2019
1 NAT Detector
NAT Detector module can detect NAT sharing services in local networks.
- WFilter analysises internet usage records to check whether NAT sharing services are running.
- You need to enable recording for client devices to be checked.
2 Settings
- Basic Settings
- NAT Detector: whether or not to enable NAT detector.
- IP Range: IP range to enable "nat detector". One IP/Range per line. "#" starts a comment, "-" starts an exception. For example: 192.168.1.1, 192.168.1.1-192.168.1.20, -192.168.1.10.
- Block Routed TTL: block packets being routed based on TTL checking.
- Interval: Do analysis based on internet usage in configured time peroid.
- Message: display a message when clients are blocked.(Users will see this message when a http webpage is blocked)
- Action
- Block internet access for N minutes when NAT sharing is detected.
- Add to a virtual group for N minutes when NAT sharing is detected. You can use other modules to apply policies to this virtual group.
3 History
In "History", you can query NAT detector history, including IP addresses, MAC address, punishment action... You also can click "Query" icon to check the details.