usage tracking

Lisa Kachold lisakachold at obnosis.com
Wed Feb 6 08:12:55 MST 2013 

I agree that monitoring is good, but I also believe that Joseph Sinclair
hit the nail on the head with throttling.

It would be recommended that you build one of the wonderful Linux SoHo
Firewalls Systems that include controls for outbound proxy (to limit
YouTube), ebtables and dnsmasq (to control hackers) all managed via a
web-based interface.  We really don't care if you have a "router based"
firewall - most of the small ones can be easily encroached or bypassed with
DNS or other packet traffic.

We really don't recommend you use the firewall/throttle system at all, due
to possibility of browser or I/O based (SSH) encroachment.  Further use 12
character passwords for SSH with spaces and limit all access via SOURCE and
DESTINATION rules.  If you don't use dnsmasq, you should limit dns to
source and destination also.

Some even work with Wifi:

http://sourceforge.net/projects/ipcop/   IPCOP

http://www.smoothwall.org/  Smoothwall

http://distrowatch.com/table.php?distribution=ipfire  IPFire (improvement
over IPCop [which is old])

https://launchpad.net/ufw  UFW

http://www.openbsd.org/faq/pf/  OpenBSD pf





On Mon, Oct 22, 2012 at 8:59 PM, Derek Trotter <expat.arizonan at gmail.com>wrote:

>  I managed to solve my problem.  Today someone told me about an app called
> Darkstat
>
> http://unix4lyfe.org/darkstat/
>
> It's in the ubuntu repository  and it monitors eth0 right out of the box.
> It gives you stats for the last minute, hour, day and 30 days.
>
> On 10/20/2012 10:16 AM, Joseph Sinclair wrote:
>
> iptables can do traffic accounting (I think Lisa gave some good pointers there), but you might also want to *control* the bandwidth usage (say throttle to a low speed when you get over 80% of your limit, or block YouTube after it consumes XX% of the limit).
> For that the "tc" utility may be used to manage the IP traffic control features of the Linux kernel on your gateway box.
> TC is fairly complicated (unless you read about traffic queuing disciplines for fun), and the only GUI tool I know of, ktctool(http://ktctool.berlios.de/) is a bit old; last updated in 2006.
> You might be able to find a few other ui options with some careful google searching (rather high junk ratio in a couple test searches I did).
>
> On 10/20/2012 08:38 AM, Derek Trotter wrote:
>
>  My ISP imposes a monthly quota.  If the total amount of data I download and upload exceeds that quota I get billed extra. Everything I send or receive passes through my full time linux box. Is there something I can install on it that would monitor and log how much data passes through eth0?
>
> thanks
>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>



-- 

(503) 754-4452 Android
(623) 239-3392 Skype
(623) 688-3392 Google Voice
**
it-clowns.com
Chief Clown
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20130206/09b39618/attachment.html>

More information about the PLUG-discuss mailing list