open_source:ccgx:ccgx_traffic_counting
Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
open_source:ccgx:ccgx_traffic_counting [2015-03-30 14:46] – created thiemovanengelen | open_source:ccgx:ccgx_traffic_counting [2021-03-20 02:48] (current) – guystewart | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Traffic counting on the CCGX ====== | ====== Traffic counting on the CCGX ====== | ||
- | There are situation in which it is interesting to know the traffic usage of the color control. This can be done on the CCGX using [[http:// | + | There are situation in which it is interesting to know the traffic usage of the color control. This can be done on the GX device |
==== The rules ==== | ==== The rules ==== | ||
- | The following | + | The following |
< | < | ||
#Flush all | #Flush all | ||
Line 95: | Line 95: | ||
iptables -I OTHER_IN -s ipv4.connman.net -g CONNMAN_IN | iptables -I OTHER_IN -s ipv4.connman.net -g CONNMAN_IN | ||
iptables -I OTHER_OUT -d ipv4.connman.net -g CONNMAN_OUT | iptables -I OTHER_OUT -d ipv4.connman.net -g CONNMAN_OUT | ||
+ | </ | ||
+ | |||
+ | ==== Scripts ==== | ||
+ | The configuration of iptables is normally lost between reboots. The following code should be placed in the file / | ||
+ | < | ||
+ | #!/bin/sh | ||
+ | |||
+ | ### BEGIN INIT INFO | ||
+ | # Provides: | ||
+ | # Required-Start: | ||
+ | # Required-Stop: | ||
+ | # Default-Start: | ||
+ | # Default-Stop: | ||
+ | # Short-Description: | ||
+ | ### END INIT INFO | ||
+ | |||
+ | PATH=/ | ||
+ | NAME=iptables.sh | ||
+ | DESC=" | ||
+ | |||
+ | case " | ||
+ | start) | ||
+ | echo -n " | ||
+ | if [ -e / | ||
+ | echo " | ||
+ | exit 1 | ||
+ | else | ||
+ | touch / | ||
+ | fi | ||
+ | |||
+ | # Load saved rules | ||
+ | if [ -f / | ||
+ | iptables-restore -c < / | ||
+ | fi | ||
+ | echo " | ||
+ | ;; | ||
+ | stop) | ||
+ | echo -n " | ||
+ | if [ ! -e / | ||
+ | echo " | ||
+ | exit 1 | ||
+ | else | ||
+ | rm / | ||
+ | fi | ||
+ | |||
+ | mkdir -p / | ||
+ | # Backup old rules | ||
+ | if [ -f / | ||
+ | cp / | ||
+ | fi | ||
+ | # Save new rules | ||
+ | iptables-save -c > / | ||
+ | |||
+ | # Revert to Default Policy | ||
+ | iptables -P INPUT ACCEPT | ||
+ | iptables -P OUTPUT ACCEPT | ||
+ | iptables -P FORWARD ACCEPT | ||
+ | |||
+ | # Flush all rules and delete all custom chains | ||
+ | iptables -F | ||
+ | iptables -X | ||
+ | echo " | ||
+ | ;; | ||
+ | restart|force-reload) | ||
+ | echo -n " | ||
+ | $0 stop | ||
+ | $0 start | ||
+ | echo " | ||
+ | ;; | ||
+ | backup) | ||
+ | mkdir -p / | ||
+ | # Backup old rules | ||
+ | if [ -f / | ||
+ | cp / | ||
+ | fi | ||
+ | # Save new rules | ||
+ | iptables-save -c > / | ||
+ | ;; | ||
+ | log-reset) | ||
+ | mkdir -p / | ||
+ | iptables -L -v -x -n -Z > / | ||
+ | ;; | ||
+ | *) | ||
+ | N=/ | ||
+ | echo " | ||
+ | exit 1 | ||
+ | ;; | ||
+ | esac | ||
+ | |||
+ | exit 0 | ||
+ | </ | ||
+ | |||
+ | Then also execute the following command to make the script executable: | ||
+ | < | ||
+ | |||
+ | This allows shutting down the traffic counting using < | ||
+ | |||
+ | When the traffic counting is stopped in this way, the current count values are stored together with the rules, allowing it to continue in the state it was stopped. | ||
+ | |||
+ | When the traffic counting should be started and stopped on startup and reboot of the GX device, the following commands should also be executed: | ||
+ | < | ||
+ | ln -s / | ||
+ | ln -s / | ||
+ | </ | ||
+ | |||
+ | By adding the following line to / | ||
+ | < | ||
+ | */10 * | ||
</ | </ | ||
==== Viewing the data ==== | ==== Viewing the data ==== | ||
- | After executing these commands, the traffic by iptables. The data can be viewed by giving the command | + | After executing these commands, the traffic |
< | < | ||
+ | |||
+ | The following is an example output: | ||
+ | < | ||
+ | Chain INPUT (policy ACCEPT 0 packets, 0 bytes) | ||
+ | pkts bytes target | ||
+ | 78 25590 ACCEPT | ||
+ | 1033 | ||
+ | | ||
+ | | ||
+ | | ||
+ | 8438 | ||
+ | | ||
+ | |||
+ | Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) | ||
+ | pkts bytes target | ||
+ | |||
+ | Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) | ||
+ | pkts bytes target | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | 8438 | ||
+ | | ||
+ | |||
+ | Chain CONNMAN_IN (1 references) | ||
+ | pkts bytes target | ||
+ | 11 960 ACCEPT | ||
+ | |||
+ | Chain CONNMAN_OUT (1 references) | ||
+ | pkts bytes target | ||
+ | 10 758 ACCEPT | ||
+ | |||
+ | Chain DNS_IN (2 references) | ||
+ | pkts bytes target | ||
+ | | ||
+ | |||
+ | Chain DNS_OUT (2 references) | ||
+ | pkts bytes target | ||
+ | | ||
+ | |||
+ | Chain NTP_IN (1 references) | ||
+ | pkts bytes target | ||
+ | | ||
+ | |||
+ | Chain NTP_OUT (1 references) | ||
+ | pkts bytes target | ||
+ | 39 2964 ACCEPT | ||
+ | |||
+ | Chain OTHER_IN (1 references) | ||
+ | pkts bytes target | ||
+ | 11 960 CONNMAN_IN | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | 1610 | ||
+ | | ||
+ | | ||
+ | |||
+ | Chain OTHER_OUT (1 references) | ||
+ | pkts bytes target | ||
+ | 10 758 CONNMAN_OUT | ||
+ | | ||
+ | | ||
+ | 39 2964 NTP_OUT | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | 3373 | ||
+ | | ||
+ | | ||
+ | |||
+ | Chain PUBNUB_IN (2 references) | ||
+ | pkts bytes target | ||
+ | | ||
+ | |||
+ | Chain PUBNUB_OUT (2 references) | ||
+ | pkts bytes target | ||
+ | | ||
+ | |||
+ | Chain REMOTE_SUPPORT_IN (1 references) | ||
+ | pkts bytes target | ||
+ | 1610 | ||
+ | |||
+ | Chain REMOTE_SUPPORT_OUT (1 references) | ||
+ | pkts bytes target | ||
+ | 3373 | ||
+ | |||
+ | Chain UPDATE_IN (1 references) | ||
+ | pkts bytes target | ||
+ | | ||
+ | |||
+ | Chain UPDATE_OUT (1 references) | ||
+ | pkts bytes target | ||
+ | | ||
+ | |||
+ | Chain VRM_IN (1 references) | ||
+ | pkts bytes target | ||
+ | | ||
+ | |||
+ | Chain VRM_OUT (1 references) | ||
+ | pkts bytes target | ||
+ | | ||
+ | </ | ||
+ | |||
+ | The second column of the lines | ||
+ | < | ||
+ | | ||
+ | </ | ||
+ | and | ||
+ | < | ||
+ | | ||
+ | </ | ||
+ | show the incoming and outgoing traffic (in bytes) that is not for the local LAN. This is roughly the traffic that would normally be counted by the provider. | ||
+ | |||
+ | The lines under < | ||
+ | |||
+ | The following line also resets the counters (besides showing the current values): | ||
+ | < | ||
+ | Warning: The current values are not stored anywhere and thus are lost! | ||
+ | |||
+ | By adding the following line to / | ||
+ | < | ||
+ | @daily | ||
+ | </ | ||
open_source/ccgx/ccgx_traffic_counting.1427719565.txt.gz · Last modified: 2015-03-30 14:46 by thiemovanengelen