HowToMonitorInternetTrafficTotals

Differences between revisions 6 and 7
Revision 6 as of 2005-08-03 09:13:46
Size: 2668
Editor: S0106000d88b9f3db
Comment: added some basic wiki-links. it's probably removable from Cleanup now.
Revision 7 as of 2005-08-03 09:16:13
Size: 2670
Editor: S0106000d88b9f3db
Comment:
Deletions are marked like this. Additions are marked like this.
Line 9: Line 9:
First install ipac-ng, ither with [SynapticHowto Synaptic] or type in a terminal: First install ipac-ng, ither with ["SynapticHowto Synaptic"] or type in a terminal:

Aimed at people with a small home network, who want to monitor the amount uploaded / download from the internet but not the local traffic on the LAN. This might be useful if your ISP sets monthly bandwidth limits, and you also transfer files across your local network.

The instructions guide you through setting up IPAC-NG, an iptables/ipchains based IP accounting package.

Installation

You will need access to the Universe repository - see AddingRepositoriesHowto if you need more information.

First install ipac-ng, ither with ["SynapticHowto Synaptic"] or type in a terminal: 

sudo aptitude install ipac-ng

Configuration

Edit /etc/ipac-ng/rules.conf to tell it the type of traffic you want to log. To simply measure upload and download totals, it should read: 

# /etc/ipac-ng/rules.conf

total upload |ipac~i|eth0|all||
total download |ipac~o|eth0|all||

Note: replace eth0 with the network adapter you wish to measure.

Edit /etc/ipac-ng/ipac.conf and change the storage method to gdbm, otherwise the logs will take up a very large amount of space. (postgre could probably be used too) 

# /etc/ipac-ng/ipac.conf

storage = gdbm

To ignore LAN traffic, some simple iptables rules are added to the startup scripts. Edit /etc/init.d/ipac-ng and add the four lines between the ##'s as follows: 

## /etc/init.d/ipac-ng

case "$1" in
  start)
        echo -n "Starting $DESC: "
        check
        $DAEMON -S
## ADD THE FOLLOWING 2 LINES:
        $IPTABLES -I INPUT -s aaa.bbb.ccc.0/24 -j ACCEPT
        $IPTABLES -I OUTPUT -d aaa.bbb.ccc.0/24 -j ACCEPT
##      
        echo "$NAME."
        ;;
  stop)
        echo -n "Stopping $DESC: "
        # fetch accounting before removing the rules
        $DAEMON
        echo -n "flushing IP accounting rules ..."
        $IPTABLES --flush ipac~o
        $IPTABLES --flush ipac~i
        $IPTABLES --flush ipac~fi
        $IPTABLES --flush ipac~fo
        # here should the ipac_* rule be removed from INPUT OUTPUT and FORWARD but --flush is
        # evil because it would remove all rules in these chains.
## ADD THE FOLLOWING 2 LINES:
        $IPTABLES -D INPUT -s aaa.bbb.ccc.0/24 -j ACCEPT
        $IPTABLES -D OUTPUT -d aaa.bbb.ccc.0/24 -j ACCEPT
##
        echo "$NAME stopped."
        ;;

Note: replace aaa.bbb.ccc.0 with your local network. For example, if your router is at 192.168.0.1, you would use 192.168.0.0.

That's it! The traffic totals will be automatically fetched from iptables every 10 minutes when your computer is running. To view the totals, use 'ipacsum'. It can be configured to display a specific time interval, and will even draw graphs of the traffic.

[http://ipac-ng.sourceforge.net/]

CategoryDocumentation

HowToMonitorInternetTrafficTotals (last edited 2008-08-06 16:39:45 by localhost)