How to monitor network activities on your openwrt/lede WiFi router?

WFilter internet content filter software can monitor internet activities of network clients. However, the deployment requires you to setup port mirroring in your switch to mirror all internet packets to WFilter for monitoring. Below is a typical network diagram of WFilter deployment:

In many soho networks, there is no manageable switch for port mirroring. In this guide, I will demonstrate a light solution to setup port mirroring directly in your WiFi router. First, you need to get an openwrt/lede WiFi router(or you can reflash your router with openwrt/lede firmware)
Let’s check the network topology first:

openwrt_diagram

The main router is a WiFi router(192.168.1.1) running openwrt system. A PC with WFilter installed is connected to this WiFi router using a cable, with IP address 192.168.1.2. Other network clients are all wireless.  Packet port-mirroring is also installed in this openwrt system.

You need to enable port-mirroring service in openwrt to mirror network packets to the WFilter pc, syntax:

portmirror03

Settings:

1) target: the target pc ip address,  or interface

2) source_ports: wlan0(the wireless adapter)

Then you shall be able to monitor all clients internet activities in WFilter UI. Screenshots:

portmirror01

portmirror02

You also can setup internet filtering policies to block websites or applications.

portmirror04