Netmeter

One of the many talents of Linux is networking, and here we use its native ability to do traffic accounting. The netmeter addon package allows you to configure the server to do IP accounting and net access control.

 

How it works

Workstation users must first register on a webpage in order for the firewall to allow their traffic through. After that usage data is kept on a per user per hour basis. Users can view their usage data, and sysadmins can be emailed periodic traffic summarys.

 

You do need your own box, root access to it and someone able to administer it.   The advantage of making the server route and do NAT instead of your broadband router are:

  • more robust NAT able to handle more workstations
  • traffic accounting, and access control
  • early detection of virus   related traffic or rogue users
  • VPNs

 

Installation

The following assumes filesystem locations and IP addresses consistent with you having worked through all three server setup guides:

 

When that is working correctly:

 

Configure /config/netconfig.php

Upload the /netmeter webpages to the server

Configure each of the scripts in /netmeter/server

Upload the scripts to /home/tasks/ipacc

Where cow is your non-root user you use to ftp etc:

 

chown -R cow:cow /home/tasks/ipacc

chmod 0755 /home/tasks/ipacc/logs

cp /home/tasks/ipacc/firewall /etc/init.d/firewall

chmod 0700 /etc/init.d/firewall

update-rc.d firewall defaults

 

Make sure the scripts S number on runlevel2 is higher than mysql`s (so that MySQL starts before the firewall trys to use it):

ls -l /etc/rc2.d/

 

S19mysql -> ../init.d/mysql

S20firewall -> ../init.d/firewall

 

Usage

On the netmeter homepage, for each client click register.

Updates to the firewall are made hourly on the hour. After the hour passes you should have internet access for that user. You can hurry up an initial net connection by running net-users.pl manually with:

perl /home/tasks/ipacc/net-users.pl

 

Test whos on line at any given moment with:

ip neigh

perl /home/tasks/ipacc/rate.pl

 

The latter takes a 10s sample and calculates kbs down/upload rates.

Admin login