Website history on router

Hello everyone, does anyone know if our routers have a way of logging what websites are visited from the devices connected to the router ?
It is worth mentioning that I am running a VPN as well which may or maynot have an effect on the answer. Flint running 4.5 firmware
Thank you
H

It depends on what you are trying to do.

Getting just the IPs? There is a way like logging all IP packages and extracting this information. There was a custom solution for that, but I can’t find it anymore. Guess @bring.fringe18 (sorry for pinging, mate) can tell you something about it.

My approach would be less custom but less intense as well: You can enable AdGuard DNS to log all DNS queries. This will be sufficient for most things. But be aware that DNS will only work for devices which connect by DNS. If they connect by IP or by their own DNS server, it won’t help.

1 Like

So here is the thing with teenagers being as savvy as they are with tech I just want to make sure that certain sites aren’t visited or if they are that we can address them in time. I have parental control running but I don’t think it is enough if I am honest. most devices on are from the apple eco system as an added bonus headache. Before I moved over to gl-inet my asus router used to have a full list of websites that I could see
Thanks

I would say that awareness is the better solution.

Completely preventing access to dirty sites will not work. Of course, you can try, but that only makes it more attractive for teenagers to break these rules :wink:

AdGuard DNS with the parent filters is basically a good idea, but only helps to a limited extent. Apple devices can bypass this setting with Apple Privacy Relay - You can’t really get to grips with this without mobile device management.

What you would need is a “real” firewall including network traffic analysis and proxy.

and now being the 50 something self proclaimed I can do this kind of man feel totally inept for something like this
Thanks

Well, that’s a fundamental problem.

In the last few years, encryption has become more or less standard on the Internet. In other words, not only HTTPS but also DNS requests are encrypted. You can’t get around this with “normal” means.

In the corporate environment, you have the same problems, but larger solutions or complete control over end devices. This is rarely the case in a private household.

In the end, activating the parental filter is the only thing you can do without making a huge effort - as long as the kids have “admin permission” on their devices.

1 Like

Krist, I know that pain. We’re a long ways fr the heady days of dial-up!

This isn’t something you can resolve on the router/home network side of things. The moment your kids ‘step off’ the home LAN they’ll bypass whatever DNS resolver set regardless (eg: using Apple Private Relay’s Oblivious DoH (ODoH) method). Then combined w/ the fact Apple is openly hostile against those that own the device in dictating what they can, cannot do with their property & you’ve got a perfect cocktail of chaos & frustration.

You’d need a way to set up a custom DNS-over-HTTPS profile for ea. Apple device & keep it locked down so only you could change it. That’s not something available to consumers, as far as I know. Then the profile would have to point to a DNS Resolver like AdGuard’s servers (subscription service) or DeCloudUs where you can build block/whitelists accordingly.

@admon is right; the only ‘real’ way I can think of to resolve this is to lock down the devices via some sort of Mobile Device Management software.

(In case you can’t tell, I don’t use Apple. I’d test it on a device you don’t mind fvcking up & probably have to reset it to stock.)

https://dns.notjakob.com/

https://simpledns.plus/apple-dot-doh

1 Like