Initial Situation – The Need
I’ve a teenager who have her own session on Windows 7. To prevent access to unpleasant websites, I installed Microsoft Parental Control, and I’m very happy with this solution.
Now, my teen has her own smartphone, with no 3G connexion, but a Wi-Fi home connexion to access Internet. No Parental Control is installed and when she’s locked in her room, I’d like to be sure, she’ll not use or visit unwanted app/website.
I don’t want to sniff her personal data nor read her emails, I just want to check sometimes list of website she visits.
The easiest way to sniff a network is to install a software like WiredShark on a PC (or a RPI). There is many article explaining how to sniff a network like that (network analyser). Unfortunately, my Provider Internet Box (a french Livebox 2) acts as a switch. Thus, devices connected are separated and packets not seen by everybody on the network (WiFi or wired). It’s not possible to configure this box as a hub to avoid that. (once installed, WiredShark only see broadcasts between devices – I don’t care ;-).
As recommended everywhere, I tried to switch my network card to «Monitor Mode», I only saw 802.11 protocol frames, no data frame. I don’t care again 😉
One Complex solution
Install a hub on my box.
On this hub, I connect a PC with WiredShark and a new WiFi Router.If my daughter’s smartphone connects thru this new Wi-Fi Router, I’m able to track all its connexions…
But this solution is expensive (I need to by a new hardware), I loose cool original functions of my Internet Box (like define hours-restrictions per device, and so on). I also have to manage 2 Wi-Fi at home which is confusing.
A far simpler solution
I prefer a far simpler architecture :
- Define a RPI as a router.
- Configure manually the smartphone IP Adress with
- Static IP Adress
- RPI as the gateway
- Internet Provider Box as DNS
- Install NTop (or whatever you want) on the RPI to track all network traffic
That’s it. Everytime the smartphone will connect to internet, it will go thru the RPI, which will track everything. For DNS request, it will still ask to my Internet Box.
Other devices are not impacted, and can be configured with the Internet Provider Box DHCP (or go thru RPI using the same parameters)
Fig 3 : Connect to RPI/NTop and see http://www.raspberrypi.org URL ! It works !
How to do it
Define RPI as a router.
1. Define a static IP adress for the Pi – Modify your /etc/networks/interface file
iface lo inet loopback
iface eth0 inet static
(I’m not sure the last line is required).
Here, my Internet Provider Box is 192.168.1.1 and my RPI is 192.168.1.5
2. Activate IP forwarding – Modify your /etc/sysctl.conf
net.ipv4.ip_forward = 1
(need to reboot your Pi after that)
3. Install NTop on your RPI
apt-get install ntop
(Type the admin user password for ntop’s web interface)
4. Check if NTop is working.
Go to http://192.168.1.5:3000
At this point, you should be able to see all traffic coming from the smartphone on web NTop interface. You should think twice before doing this because your daughter will probably not appreciate.
[Update]: When my daughter read this article, I found my Raspberry in the microwave. Coincidence ? 😉