Hello everyone, and thanks for taking the time to read over my post and provide any potential advice. I have kind of a weird setup and have never had to do what I want to do, and can't even figure out the proper terms to use to do a full complete internet search like I normally would. So here's my situation and if someone could get me pointed in the right direction I'd appreciate it.
I have several PCs and other wireless devices in my personal household. Recently I've noticed that a wireless device (can't figure out which device because my current router sucks... provided by my ISP) is hitting my internet connection so hard that it's downing the internet for the rest of my devices. The only reason I can tell it's a wireless device is because I watch the wireless light and the internet light flash like crazy when this is happening. As soon as I kill the wireless connection on my router the internet pops back up and I'm able to use it like I normally should. And yes, I know that I could go gather all my wireless devices and hard power them down one at a time till I get my internet back, but I've always wanted to take this project on, just never had the motivation, so here I go.
This is what I want to do: I have a box running Windows Server 2012 standard edition (I use it as a test box for web apps I write as well as backup and file share services. I also have it running DHCP/DNS, Active Directory and a couple other minor services. Nothing real heavy hitting. And yes, it is legally licensed) and it has dual Gigabit Network ports. I would like to set it up so that my computer sits in between the internet connection and the rest of my home network so that **ALL** internet traffic passes through this computer so I can track internet usage, and figure out EXACTLY what websites are being accessed by the individual devices and what not. I do have multiple routers, including others that provide Wireless access, so I can make sure that they are downstream from the server. Although I'm pretty savvy with the consumer editions of Windows, and I have some experience with Windows Server (I did set up my own domain after all), I certainly don't have any professional training or certification on Windows Server functionality.
I already have the DHCP / DNS services running on my server, so I can see there when a device taps my server for DNS/DHCP, but I also know how easy it is to bypass that by running a static I.P. address and custom DNS addresses (whether they be Comodo secure DNS or whatever else free DNS on the internet) that I can in no way monitor or track with my current setup. I want a setup that I can monitor ALL traffic coming in and out of the house, whether they be "sanctioned" devices, or possible rogue devices (or if my 15 year old gets smart and tries to circumvent any restrictions on his personal devices...). I'm not looking to record all incoming/outgoing content, just log stuff like "ip address xxx.xxx.xxx.xxx accessed website www.bleepingcomputer.com @ 16:53 on 07/12/2014" and "ip address xxx.xxx.xxx.xxx downloaded file blah.exe from website blah.blah.com @ 02:43 on 07/12/2014". I'd also like to be able to see maybe a graph of which devices are using how much of my bandwidth and what not, preferably both real time and month to date, daily, hourly or whatever else. Not a hard requirement, but certainly a "live picture" of which devices are using up how much bandwidth would be great.
Also being able to block access by ip or mac would be interesting....
Does this make sense? I don't have money to buy additional hardware or software, so I'm hoping for free-ware/open-source type solutions (I'm COMPLETELY open to Linux solutions in VirtualBox or whatever). I do also have some old "donor" hardware that I could turn into a dedicated box if there's a reason running VirtualBox with Linux on top of WS2012 wouldn't be the best idea. (However the wiff (read wife) already doesn't like how many computers I have set up and running to begin with.. so.. lol) I don't necessarily require a detailed step by step how-to guide (although one would be appreciated if there was one out there) because I'm pretty savvy at researching and figuring things out on my own, but I'm kinda lost on where to get started here since I don't know what the official terms would be called. So, again, thanks for your time and I look forward to seeing what you all come up with.
Also, would this require my server (or whatever hardware system I end up using) to acquire the public IP address, or would it be possible to have the server keep its internal NAT address?
Thanks again for your time.
PC / Network Masochist Extraordinaire.