[ previous ] [ next ] [ threads ]
 
 From:  Richard Bishop <richard at uchange dot co dot uk>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Traffic accounting per ip - some ideas
 Date:  Tue, 7 Dec 2004 17:51:48 +0000
Hi all,

I've been reading through the list archives in the hope of coming across some
means of per-ip traffic accounting for my m0n0, upon finding that it's not yet
included in the standard release of m0n0wall I had a play this afternoon to see
if I could get something to work:

I've patched the /etc/inc/shaper.inc file with the following code which adds a
counter in ipfw for each ip address held in the dhcp static leases list -
purely because this was an easy way to get hold of a list of ip's in use on my
network ;-)

------------------------------
	/***** Per-ip traffic accounting stuff here *****/

	/* Get a list of static DHCP interfaces */
	$a_maps = $config['dhcpd']['lan']['staticmap'];
	$ri=40000;

	$shaperrules="";

	/* Add a counting rule for each IP */
	foreach($a_maps as $lease) {
		$ip=$lease['ipaddr'];
		$shaperrules .= "add $ri count all from any to $ip\n"; $ri++;
		$shaperrules .= "add $ri count all from $ip to any\n"; $ri++;
	}

	$rulei = 50000;

------------------------------

What I've been looking at doing is having a PHP script on the m0n0 box which
runs '/sbin/ipfw show' to dump out the status of the ipfw tables, then parses
the output for stats on each ip and puts them into a form suitable for mrtg
running on another box.

Having only played with BSD for the past few hours I only know as much about
ipfw as I've read in man pages this afternoon...  How efficient is this
counting method using ipfw, are there some big overheads when you start putting
lots of traffic through it?

Can anybody see any flaws in this plan, if it was this easy to do then I can't
believe that nobody else has done it?!

Richard


-- 
Richard Bishop
Postgrad Student
Information Security Group
Royal Holloway, University of London
UK