NAT Detector
From Wiki of WFilter NG Firewall
1 NAT Detector
NAT Detector module can detect NAT sharing services in local networks.
- WFilter analysises internet usage records to check whether NAT sharing services are running.
- You need to enable recording for client devices to be checked.
2 Settings
- Basic Settings
- NAT Detector: whether or not to enable NAT detector.
- IP Range: IP range to enable "nat detector". One IP/Range per line. "#" starts a comment, "-" starts an exception. For example: 192.168.1.1, 192.168.1.1-192.168.1.20, -192.168.1.10.
- Block Routed TTL: block packets being routed based on TTL checking.
- Interval: Do analysis based on internet usage in configured time peroid.
- Detection Policy: set OS exceptions.
- Message: display a message when clients are blocked.(Users will see this message when a http webpage is blocked)
- Action
- Block internet access for N minutes when NAT sharing is detected.
- Add to a virtual group for N minutes when NAT sharing is detected. You can use other modules to apply policies to this virtual group.
3 History
In "History", you can query NAT detector history, including IP addresses, MAC address, punishment action... You also can click "Query" icon to check the details.