accounting

accounting

[Andrej Ricnik]

Hi Guys!

I've been searching for a decent Linux IP accounting
solution (I have a 5GB limit a month and don't want
to pay a penalty just because the kids are greedy :})
but couldn't find anything easy to use/decent that would
allow me to keep track of traffic per IP and/or user
and stop traffic from that IP/user once their "fair share"
is used up ...

So I was wondering how difficult it would be to intercept
logging information from userland, and where to find
info's on how to do it.



Cheers,
Tink

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCM/IT/O d-(++)@ a C+(+++)@ UL++>+++ P+>+++ L++ E+@ W+@ N+ o? K? w---@(+) 
O+++(+)@ M-@ V? PS+ PE- Y+ PGP++ t- 5- X- R-(*) tv-@ b+ DI++ D-- G++ !e* 
h--- r++ z?
------END GEEK CODE BLOCK------



_________________________________________________________________
Tired of spam? Get advanced junk mail protection with MSN 8. 
http://join.msn.com/?page=features/junkmail

Re: accounting

[DarKRaveR]

Hello Andrej,

First of all: If you want a hardlimit, this is easy, there's an
extended match target, quota, which takes care of dropping a rule, as
soon, as the limit is hit.
So you can setup up rulkes for each ip, and make the rule basicly drop
....
And if there is no rule, you can set up one matching, since it has a
counter.

but, it is not too easy, to gather the information, you can either
iptables -L -v -x to grab the counters and parse the output ...
or use libiptc to do so ...

I kinda face the same problem here, just that I want the whole
enchilada database backed, and the rules should be generated from a
database with user information.
I am working on some c++ progs etc. to make a solution for our
scenario ... but it's all still earliest work in progress.

it's a pitty, I couldn'T find anythign usefull :-( could have save me
hours of work :-)

Thursday, February 13, 2003, 12:27:24 AM, you wrote:

AR> Hi Guys!

AR> I've been searching for a decent Linux IP accounting
AR> solution (I have a 5GB limit a month and don't want
AR> to pay a penalty just because the kids are greedy :})
AR> but couldn't find anything easy to use/decent that would
AR> allow me to keep track of traffic per IP and/or user
AR> and stop traffic from that IP/user once their "fair share"
AR> is used up ...

AR> So I was wondering how difficult it would be to intercept
AR> logging information from userland, and where to find
AR> info's on how to do it.



AR> Cheers,
AR> Tink

AR> -----BEGIN GEEK CODE BLOCK-----
AR> Version: 3.12
AR> GCM/IT/O d-(++)@ a C+(+++)@ UL++>+++ P+>+++ L++ E+@ W+@ N+ o? K? w---@(+) 
AR> O+++(+)@ M-@ V? PS+ PE- Y+ PGP++ t- 5- X- R-(*) tv-@ b+ DI++ D-- G++ !e* 
AR> h--- r++ z?
AR> ------END GEEK CODE BLOCK------



AR> _________________________________________________________________
AR> Tired of spam? Get advanced junk mail protection with MSN 8. 
AR> http://join.msn.com/?page=features/junkmail




-- 
Best regards,
 DarKRaveR                            mailto:DarKRaveR@habitat-b.de

Re: accounting

[Thomas Poehnitzsch]

[-- Attachment #1: Type: text/plain, Size: 1764 bytes --]

Hi,
 
On Wed, Feb 12, 2003 at 11:27:24PM +0000, Andrej Ricnik wrote:

> I've been searching for a decent Linux IP accounting
> solution (I have a 5GB limit a month and don't want
> to pay a penalty just because the kids are greedy :})
> but couldn't find anything easy to use/decent that would
> allow me to keep track of traffic per IP and/or user
> and stop traffic from that IP/user once their "fair share"
> is used up ...
> 
> So I was wondering how difficult it would be to intercept
> logging information from userland, and where to find
> info's on how to do it.

as for the logging of traffic, this is really easy. You could use an
iptables rule, as DarKRaveR suggested, or just use snmp
(interfaces.ifTable.ifEntry.ifInOctets*).

But for the assurance of a given limit, you will need a lot more.

On Thu, Feb 13, 2003 at 01:02:12AM +0100, DarKRaveR wrote:

> I kinda face the same problem here, just that I want the whole
> enchilada database backed, and the rules should be generated from a
> database with user information.
> I am working on some c++ progs etc. to make a solution for our
> scenario ... but it's all still earliest work in progress.
> 
> it's a pitty, I couldn'T find anythign usefull :-( could have save me
> hours of work :-)

Stop working, look here:
https://rnvs.informatik.tu-chemnitz.de/Dynshaper/

It is already up and running, doing everything you can dream of: shaping
to a given limit, dynamic traffic adjustment based on long term traffic
analysis, database backend, IP based class allocation, Web-Frontend,
Database-Backend, ... and it's GPL!

The only disadvantage: it seems there is only a German documentation.

Ciao!
    Thomas

-- 
"vi is my shepard, I shalt not font."

[-- Attachment #2: Type: application/pgp-signature, Size: 232 bytes --]

Re: accounting

[Andrej Ricnik]

>Hi,

>as for the logging of traffic, this is really easy. You could use an
>iptables rule, as DarKRaveR suggested, or just use snmp
>(interfaces.ifTable.ifEntry.ifInOctets*).

>But for the assurance of a given limit, you will need a lot more.
Well, I could insert the traffic details (source/dest, size, time)
in a postgres table and run a query from a cron-job every five
minutes which certainly would suffice my limits...


>Stop working, look here:
>https://rnvs.informatik.tu-chemnitz.de/Dynshaper/
>
>It is already up and running, doing everything you can dream of: shaping
>to a given limit, dynamic traffic adjustment based on long term traffic
>analysis, database backend, IP based class allocation, Web-Frontend,
>Database-Backend, ... and it's GPL!

>The only disadvantage: it seems there is only a German documentation.
Well, I downloaded it and read the docs... I don't think it
QUITE does what I want, because in this setup it will allow
the kids to hog the transfer as long as I'm not on, and only
pull the throttle once they used up all the transfer volume?
Maybe my German is a bit rusty, and I got it wrong, though ...



>Ciao!
>     Thomas


Cheers from windy Wellington,
Tink

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCM/IT/O d-(++)@ a C+(+++)@ UL++>+++ P+>+++ L++ E+@ W+@ N+ o? K? w---@(+) 
O+++(+)@ M-@ V? PS+ PE- Y+ PGP++ t- 5- X- R-(*) tv-@ b+ DI++ D-- G++ !e* 
h--- r++ z?
------END GEEK CODE BLOCK------


_________________________________________________________________
Add photos to your messages with MSN 8. Get 2 months FREE*. 
http://join.msn.com/?page=features/featuredemail

Accounting

[Andrew Barbara]

Hi,
Does iptables keep a file that keeps track of accounting information?  I 
know ipchains did.
Thanks
Andrew 

accounting

[Klaus Boehm]

Hi,

I want use the iptables for accounting.
1. How looks the iptable rules.
2. In which file under the proc filesystem I could read the counter values.

Thanks for any hints.


Klaus

-- 


ewt gmbh
data management group
tel: ++49 821 3106 319
fax: ++49 821 3106 399
url: www.ewt.de

Re: accounting

[Ralf Spenneberg]

Hi,

Am Don, 2003-10-09 um 15.44 schrieb Klaus Boehm:
> I want use the iptables for accounting.
> 1. How looks the iptable rules.
> 2. In which file under the proc filesystem I could read the counter values.
There are probably better applications to do accounting, but if you want
to do that:
1. This rule will cover all HTTP-traffic 
iptables -A FORWARD -p tcp --port 80
2. You can read the counters using 
iptables -vnL
3. You can reset the counters using
iptables -Z

Cheers,

Ralf
-- 
Ralf Spenneberg
RHCE, RHCX

Book: Intrusion Detection für Linux Server   http://www.spenneberg.com
IPsec-Howto				     http://www.ipsec-howto.org
Honeynet Project Mirror:                     http://honeynet.spenneberg.org

accounting

[Brent Clark]

Hi

What would be the correct method for like accounting programs for like a 'pay as you go' internet.

Basically keep track users bandwidth usage, time etc.

For the guys in the ISP market, what or how would you guys go about this, or am I doomed to use a commercial
product like Checkpoint or something.

Im hoping iptables has / can do something.

Regards
Brent Clark

P.s. Wonder if monowall does some type of accounting.

RE: accounting

[Rob Sterenborg]

> What would be the correct method for like accounting programs
> for like a 'pay as you go' internet.
>
> Basically keep track users bandwidth usage, time etc.
>
> For the guys in the ISP market, what or how would you guys go
> about this, or am I doomed to use a commercial
> product like Checkpoint or something.
>
> Im hoping iptables has / can do something.

I'm not in the ISP market, but about a year ago I installed IP
accounting software on a server to see how it works. I looked and found
ipac-ng and iag in an old download directory but I can't remember which
one I got working.. The latest versions of both packages are not recent
(2004, 2005) but at the time I got one of them working.

Maybe you can do something with the below :
ipac-ng: http://sourceforge.net/project/showfiles.php?group_id=28513
ipac-ng (howto): http://martybugs.net/linux/ipac.cgi
iag: http://dev.lashout.net/iag/ (Needs Sablotron)

Really, I don't remember which one worked and what the results looked
like so I hope this is of any use.


Grts,
Rob