Graphical IP accounting

[sodb]

Probably the same as KAMILEK produced, here are my scripts.

Using the older scripts of my earlier html-based graphical IP accounting, together with the improvements Mark Koops made, and with the HTML layout found at http://<br /> http://www.home.karne...0603501/zdenek I constructed some scripts to do graphical IP accounting using RRDtools.
Installation of RRDtools are discussed earlier in this topic. I include my own compiled version in the tar ball.

I use the following method: iptables collects traffic in up/down directions for individual PC's in LAN. Ifconfig is used for counting bytes transfered over the wan interface. Because of the frequent updates of counters (e.g. every 5 min), the RRD files are stored in RAM (/tmp/rrd). USB flash would wear out quite soon (10000 cycles are reached in 34 Months). Graphs are generates every single hour and also stored in RAM. Then, and that is a step that you might want to change, the graphs are uploaded to an external web server using ncftpput util (also included).

To initalize the logging proces you have to do the following: 1) edit ipaddress.txt file to meet your requirements, 2) edit init.sh to change $wanint WAN port and lanmask, and directories, 3) add admin entries to crontab and see to it that crond is executed from post-boot. 4) execute add_iptables.sh (can also be put in post-boot), 5) initalise RRD's (might not be necessary of stored on HD or USB flash, 6) initiate HTML files and copy all *.html files to path or server served by webserver.

The following files are included (untar with tar -xzvf rrd_iptables_tar.tgz, and then again tar -xvf rrd_iptables.tar) (edit) added correctversion of update_traf.sh:

ipaddress.txt

A two column file with the PC name and the PC address for the PC's to be minitored in the LAN

init.sh

Used for setting pathes, WAN port, LAN subnet and a mask that defines all the PC's addresses in the LAN, used with negation for determining 'other' traffic. See earlier in Mark Koops' description.

add_iptables.sh

Generates the correct entries in iptables based on ipaddress.txt file.
gen_html.sh, gen_menu_html.awk, gen_graph_html.awk
Generates menu.html, and the individual html code for each of the entries in the menu.

footer.html, title.html, traf.html

HTML templates for traffic page.

init_traf.sh

Generates initial Round Robin Databases for each of the entries in ipaddress.txt and other, $wanint and router entries.

admin

Example crontab file. To be copied in /var/spool/cron/crontabs.

update_traf.sh (use seperate file)

Script used to update counters of iptables entries in the specific RRD database. Is called from crontab.

plot_traf.sh, plot_single.sh

Script called from crontab to generate png graphic files from rrd databases.

Hope this helps you installing the scripts. It is not very fancy, so you should adopt things to your personal needs.

[WiziPok]

Hi your Majesty ...

can you please put the missed PLOTPING.SH ? please

WiZi

[kamilek]

OK. As soon as possible I will give here my rrd scripts. But I have them in Czech language so I will try to translate them to English.

Wizipok if you would like to have it in Czech, write me to kamil.krpec@seznam.cz a domluvime se. :-)

[WiziPok]

Hi ,

I don't exactly know why, but I cannot count the non registered IP's traffic. I already tried and tuned 3 different typas of accounting scripts, but the unregistered IP's traffic everything was gone ..

If I know the IP's I can count them, OK ..lets there are from 1-10. Using mask /24, that means that the "other" traffic is the:

All traffic - known traffic ==>> WANADDRESS/24 - SUM(traffic from IPs 1-10) = OTHERS

But from Iptables the string cutting doesn't works ... in a case when I want to get the traffic for "192.168.0.1/24"

any suggests?

WiZi

[sodb]

Hello WiziPok,

I don't quite understand what you mean by non registered IP traffic. I suppose you mean all traffic from and towards IP addresses in your LAN that are not fixed addresses or served with predifined DHCP IP addresses. Let's say you have 5 known PC's in the LAN and you give them IP addresses using the Ethernet based DHCP addresses 192.168.1.2-192.168.1.6 in a /24 LAN subnet. The routers own address in the LAN is 192.168.1.1/24. Rules for all traffic except that towards the router itself and the PC's can be defined by using a subnet in which as closely as possible fit all the predefined IP addresses. In this example that would be a 192.168.1.0/29 subnet (containing the addresses .1 through .7, the last being the broadcast address within the subnet. If you want all the traffic outside this subnet you can use the following iptable rules:

Code:

iptables -A traffic_in -i $wanint -d ! 192.168.1.0/29
iptables -A traffic_out -o $wanint -s ! 192.168.1.0/29

with $wanint your wan interface e.g. ppp0.

Regards,
Stefan

[WiziPok]

Ok. But here is the description of my situation:

LAN = 192.168.1.1
DHCP server for 192.168.1.2-16
MASK 255.255.255.0
FIXED IPs are 2-3-4-5-6

Your and other's script presenting the calulated traffic for the FIXED IPs. Other traffic from IPs served by DHCP or IPs set manually aren't presented on the graph. How can I calculate this traffic and put to the TRAFFIC FROM UNREGISTERED/UNKNOWN IPs?

Another question ...
the comamnd to get AWK-ed string from iptables doesn't works for me ... never cut any traffic from "iptables -L -v" however there is ..

thank you

[sodb]

You could add the IP addresses 7-16 in the ipaddress.txt file. Altough you don't know who is connected, the traffic gets sorted to the specific IP addresses. You need individual entries in iptable to differentiatie between traffic of each of the IP addresses. You could use the file /tmp/dnsmasq.log to search for the active PC's given an IP address using DHCP.

Tp get iptable output using awk test the following:

Code:

iptables -L -vx | awk '{print $2}'

When this works you can use sed or awk to filter the correct line and get the counters from this output. In my script I first store the iptables output in a temporary file and process that file later.

[cooper.zl]

I have one qustion about RRD Tool, CRON scheduled task and 128MB USB flash disk in WL-500g. Every flash disk have finite write cycles and after installing RRDTool and CRON on 1st partition with 2nd partition used as swap, then LED diode blinks quite often (I think 1 minute and then 4 minutes not). My question is if statistic for RRDTool is big file or not, if USB flash disk will be destructed after 6 months or not - I don't know why this flash disk blinks so much.
Thx for your answers.

[rts]

Thank You sobd for the manual. I wollw Your instructionas and almost got everything working...except the *.gif files looks little strange...I checket the scripts for generating charts - they're running without errors. Any idea whats wrong with my installation? The trafic data seems to be logged correctly:

root@OpenWrt:/opt/usr/bin/iprrd# ./update_traf.sh
updating usage counters
IP Bytes In Bytes Out
192.168.150.2: 0, 0 ---;
eth0: 1380861, 1330602 ---;
router: 44708, 30401 ---;
other: 0, 0 ---;

Thanks

[yeager]

Kamilek sent me this skript http://www.home.karne...0603501/zdenek
and i translete it. when anybody have interest i uploade it to this forum

[yeager]

sorry here is the link
http://www.home.karneval.cz/0220603501/zdenek

[alien433]

can this tool already be implemented in the firmware?
because i am an beginner in this.

[yeager]

this is very easy to install, but now kamilek remake the script, when finished, i meke a litle how-to
but first you install from www.macsat.com this:
ipkg tutorial
php-thttpd tutorial
cron tutorial

[kamilek]

Do somebody know which command should I use to make txt file which will contains 2 lines?

Something like this:

in 1
out 2

Thx.

[WiziPok]

Hi

this one should work:

echo X Y Z > file.txt - for creating and rewriting an existing file
echo X Y Z >> file.txt - for appending the lines into the existing file

for e.g.

echo "nazdarek" > /tmp/greetings.txt
echo "how are you?" >>/tmp/greetings.txt

WiZi