Subsections


1.1 ACCOUNTING - Detailed Traffic Logging

This OPT aims at detecting and analyzing each client's traffic as accurately as possible:

1.1.1 Configuration (Standard)

The following variables should be configured in accounting.txt:

OPT_ACCOUNTING
Default setting is 'no'. 'yes' activates the package.

ACCOUNTING_DIR
Default setting is '/boot/data/accounting'. This specifies the data directory. It should not be in a RAM disk. In case you want to collect the data in a RAM disk (maybe to save hard disk accesses) take a closer look at OPT_SARFILE or OPT_CPMVRMLOG to save and restore your precious data.
The directory '/var/run/accounting' may NOT be specified as a data directory or used as a target for save and restore operations.

ACCOUNTING_INT
Default setting is 'pppoe'. Specify the interfaces fli4l uses to route to the internet. Multiple interfaces can be separated with spaces. Example:
    ACCOUNTING_INT='pppoe'                 # DSL
    ACCOUNTING_INT='circuit-1 circuit-2'   # ISDN
    ACCOUNTING_INT='IP_NET_x_DEV'          # Ethernet

ACCOUNTING_CRON
Default setting is '55 * * * *'. This setting is optional and can be omitted completely. With this setting accounting.sh will be executed at defined time intervals. For further information on the syntax please read the documentation for package easycron. It should be ensured that the traffic between two updates does not exceed 4GB. An update shortly before the end of day is useful in order to assign the traffic to the correct day. The default should be sufficient for a bandwidth up to 9Mbit/s. This option requires an installed package easycron.

ACCOUNTING_LEARNIPS
Default setting is 'no'. This setting is optional and can be omitted completely. 'yes' will copy the script acclearnips.sh to the fli4l router and ececute it every ACCOUNTING_LEARNIPS_INTERVAL minutes. The ARP cache of the router will be monitored and accounting rules for new IP addresses will be created. This option requires an installed package easycron.

1.1.2 Configuration (Experts)

The following variables in accounting.txt are only needed as an exception.

ACCOUNTING_VPNINT
Default setting is ''. This setting is optional and can be omitted completely. Specify VPN-interfaces (tun0, tun1, ...) to be monitored. Multiple interfaces can be separated with spaces.

ACCOUNTING_LEARNIPS_INTERVAL
Default setting is '5'. This setting is optional and can be omitted completely. Specify the time interval for execution of acclearnips.sh (see ACCOUNTING_LEARNIPS?). If this setting is empty a default of 5 minutes will be used.

ACCOUNTING_LEARNFROMINT
This setting is optional and can be omitted completely. By using this setting you can specify the interfaces from which ip-addresses will be learned. By default all interfaces are monitored. This may be useful if fli4l is used as an ethernet router and ip-adresses of your provider's net are recognized. Multiple interfaces can be separated with spaces.

ACCOUNTING_METHOD
Default setting is 'new'. This setting is optional and can be omitted completely. With the previous accounting method ('old') all traffic will be checked by the accounting rules and additional rules will be applied to exclude traffic between masked networks. Postrouting rules will be read in order to achieve this. This will work as expected with
    POSTROUTING_LIST_1='IP_NET_1 MASQUERADE'
in base.txt but not with
    POSTROUTING_LIST_1='if:any:pppoe MASQUERADE'.
The new method ('new') only directs traffic in interfaces defined in ACCOUNTING_INT into the accounting rules chain. By using this
    POSTROUTING_LIST_1='if:any:pppoe MASQUERADE'
is not a problem anymore.

ACCOUNTING_LOCALTRAF
Default setting is 'no'. This setting is optional and can be omitted completely. Normally only routed traffic is counted by Accounting. If a proxy is installed on the fli4l traffic won't be routed and Accounting's values will stay zero. You can set ACCOUNTING_LOCALTRAF to 'yes' to avoid that. All traffic from fli4l to the client and back will be routed through the accounting rules chain then. The backdraw is that all traffic between router and client will be counted as internet traffic. This encloses updates, SSH, SCP, FTP, httpd, and so on. The difference can become negative very fast.

ACCOUNTING_MAXINT
Default setting is '4294967296'. This setting is optional and should only be specified in rare special cases. The value gives the maximum amount of bytes an interface can have before overflow is reached. This variable must be specified only if the interface maximum is NOT 4294967296 bytes (4GB). If you are not sure don't touch this parameter.

ACCOUNTING_DEBUG_INT
Default setting is 'no'. This setting is optional and can be omitted completely. With setting this to 'yes' a file named int.log will be created to record the calculation of the interface data.

1.1.3 Rights in Httpd

Accounting supports the assignment of rights in httpd. Example for httpd.txt:
    ...
    HTTPD_USER_N='2'
    HTTPD_USER_1_USERNAME='admin'
    HTTPD_USER_1_PASSWORD='secret'
    HTTPD_USER_1_RIGHTS='all'
    HTTPD_USER_2_USERNAME='accounting'
    HTTPD_USER_2_PASSWORD='0815'
    HTTPD_USER_2_RIGHTS='accounting:view'
    ...
User admin has all rights including accounting, user accounting has only rights to use Accounting.

1.1.4 Using The Browser

Using the web-interface (httpd) should be self-explanatory. I would like to comment briefly on it. In the left column month name, host name, IP addresses, interface names and day numbers can be clicked to navigate. Clicking on refresh runs accounting.sh.

1.1.5 Data and Index

In the data directory a directory is created for each year and the data is stored in monthly files. A file index.acc will be created too. The acquired IP addresses and interfaces get a unique number and will be registered in index.acc.

Example:

    ACCOUNTING_HOST_n='3'
    ACCOUNTING_HOST_1_IP='192.168.6.1'
    ACCOUNTING_HOST_1_NAME='client1'
    ACCOUNTING_HOST_2_IP='192.168.6.2'
    ACCOUNTING_HOST_2_NAME='client2'
    ACCOUNTING_HOST_3_IP='192.168.6.3'
    ACCOUNTING_HOST_3_NAME='client3'
    ACCOUNTING_INT_n='3'
    ACCOUNTING_INT_1_NAME='ppp0'
    ACCOUNTING_INT_2_NAME='eth0'
    ACCOUNTING_INT_3_NAME='lo'
Variables ACCOUNTING_HOST_x_NAME are optional. This names will be shown by the web-interface if name resolution is set to index. The file index.acc can be edited directly on the router. As an editor choose one you like from the tools-package.

Attention
Data will be saved by its index number. Changing assignment of index number to IP or interface-name will lead to invalid data.

1.1.6 FAQ

Question
What means difference?
Answer
Only routed traffic of the registered clients is detected by the accounting rules. The internet interface captures all traffic to / from the Internet. The difference can be e.g. traffic from non-registered clients, proxy, mail server, download tools on the router and TCP/IP overhead.

Question
Since I installed OPT_ACCOUNTING the router itself dials an internet connection on a regular basis even if no client is running. How can I avoid that?
Answer
Set DNS_BOGUS_PRIV in base.txt to 'yes'. (This is the default setting.)

Question
Traffic for ppp0 is several gigabytes too high and the difference is too.
Answer
Problems can arise by using DIALMODE='auto' in base.txt and PPPOE_HUP_TIMEOUT='0' in dsl.txt at the same time. To be online 24/7 set PPPOE_HUP_TIMEOUT to a high value (for example 86400) and regularly provide queries. As of fli4l-2.1.12 you can set PPPOE_HUP_TIMEOUT='never' to prevent fli4l from closing a connection. I would rather avoid this setting and use the method mentioned before.

© 2001-2015 The fli4l-Team - 27 January 2015