Professional Documents
Culture Documents
Overview
--------
The tool consists of two apps: a service and a viewer (user interface). The
service is required because only one app can retrieve traffic data from a mikrotik
router. The viewer can be run on multiple machines and retrieves data from the
service.
The setup works best when you use the miktorik router for DCHP and optionally DNS.
It requires creating a special ssh user on the mikrotik device to allow retrieval
of the ip info (you can use the admin credentials too if you like). You also need
to enable IP Accounting.
Note that this readme assumes you are using the mikrotik default subnet of
192.169.88.0/24 with the mikrotik router on 192.168.88.1. Please adjust as
required.
On Mikrotik
-----------
Create an SSH user for getting DHCP lease names and DNS entries
/user
group add name=sniffer policy="ssh,read"
add address=192.168.88.0/24 disabled=no group=sniffer name=sniffer
FAQ
---
Q: How does the tool work?
A: The Sniffer service gathers traffic information from the mikrotik via a web
interface, i.e.
http://192.168.88.1/accounting/ip.cgi. This happens every second. It also
collects all the DNS
entries and DHCP leases from the Mikrotik router with ssh, using the 'sniffer'
user that was
created. This is updated every 5 minutes. All the information is processed and
the Viewer
collects everything from the service using Rest and displays it.