Network Monitoring on network of Macs


I have a DSL (PPPoE) connection which I use to connect to my Mac using ethernet.
On this MAC, I have enabled internet sharing through airport.
My employees are connecting wirelessly using this ethernet sharing.
I did this so that all traffic is routed through my computer and I could capture and analyze packets using wireshark to make sure no one is carrying out illegal activities using office network.
Am I on the right track or do I need additional set up to achieve this?
If I am on the right track, how can I analyze traffic for a particular user(ip/mac)? How do I know what pc is connected to which IP?

Any help really appreciated.


What you can do is simply filter based on the MAC address of the specific machines. The filter would look something like this eth.addr == You can read more about MAC address filtering here Looking at the filtered packets you can see what IP address corresponds with that MAC address. You can further filter using port 80 to see what that person is browsing or downloading. Hope this helps.