Raspberry Pi for Smartphone Parental Control

Initial Situation – The Need
I’ve a teenager who have her own session on Windows 7. To prevent access to unpleasant websites, I installed Microsoft Parental Control, and I’m very happy with this solution.
Now, my teen has her own smartphone, with no 3G connexion, but a Wi-Fi home connexion to access Internet. No Parental Control is installed and when she’s locked in her room, I’d like to be sure, she’ll not use or visit unwanted app/website.
I don’t want to sniff her personal data nor read her emails, I just want to check sometimes list of website she visits.

Possibles Solutions
The easiest way to sniff a network is to install a software like WiredShark on a PC (or a RPI).  There is many article explaining how to sniff a network like that (network analyser). Unfortunately, my Provider Internet Box (a french Livebox 2) acts as a switch. Thus, devices connected are separated and packets not seen by everybody on the network (WiFi or wired). It’s not possible to configure this box as a hub to avoid that. (once installed, WiredShark only see broadcasts between devices – I don’t care ;-).

As recommended everywhere, I tried to switch my network card to «Monitor Mode», I only saw 802.11 protocol frames, no data frame. I don’t care again 😉

One Complex solution
architecture bad Install a hub on my box.
On this hub, I connect a PC with WiredShark and a new WiFi Router.If my daughter’s smartphone connects thru this new Wi-Fi Router, I’m able to track all its connexions…
But this solution is expensive (I need to by a new hardware), I loose cool original functions of my Internet Box (like define hours-restrictions per device, and so on). I also have to manage 2 Wi-Fi at home which is confusing. 

A far simpler solution
I prefer a far simpler architecture :

  1. Define a RPI as a router.
  2. Configure manually the smartphone IP Adress with
    1. Static IP Adress
    2. RPI as the gateway
    3. Internet Provider Box as DNS
  3. Install NTop (or whatever you want) on the RPI to track all network traffic

That’s it. Everytime the smartphone will connect to internet, it will go thru the RPI, which will track everything. For DNS request, it will still ask to my Internet Box.
Other devices are not impacted, and can be configured with the Internet Provider Box DHCP (or go thru RPI using the same parameters)

screen_phone
Fig 1. Smartphone IP configuration

screen_phoneURL
Fig 2 : Surf on Raspberrypi.org

NTop_screen
Fig 3 : Connect to RPI/NTop and see http://www.raspberrypi.org URL ! It works !

How to do it
Define RPI as a router.

1. Define a static IP adress for the Pi – Modify your /etc/networks/interface file
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 192.168.1.5
netmask 255.255.255.0
gateway 192.168.1.1
dns-nameservers 192.168.1.1

(I’m not sure the last line is required).
Here, my Internet Provider Box is 192.168.1.1 and my RPI is 192.168.1.5

2. Activate IP forwarding – Modify your /etc/sysctl.conf
net.ipv4.ip_forward = 1
(need to reboot your Pi after that)

3. Install NTop on your RPI
apt-get update
apt-get install ntop
(Type the admin user password for ntop’s web interface)

4. Check if NTop is working.
Go to http://192.168.1.5:3000

At this point, you should be able to see all traffic coming from the smartphone on web NTop interface. You should think twice before doing this because your daughter will probably not appreciate.
[Update]: When my daughter read this article, I found my Raspberry in the microwave. Coincidence ? 😉

3 thoughts on “Raspberry Pi for Smartphone Parental Control”

  1. You should probably look at routers that run DD-WRT as it is also linux based. You can basically install ntop on your router hence no need for the raspberry pi equation

  2. I created a Raspberry Pi based parental control solution specifically for filtering traffic for all devices on the home network. Check it out here:http://www.abdullahirfan.com/my-projects/gatesentry/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s