├── .gitignore
├── README.md
├── changelog
├── control
├── copyright
├── debian
    ├── .gitignore
    ├── changelog
    ├── compat
    ├── control
    ├── copyright
    ├── install
    └── rules
├── example.png
├── fileMap
├── init
    └── wrtbwmon
├── install.sh
├── makefile
├── mkipk.sh
├── postinst
├── readDB.awk
├── release-notes
├── todo
├── usage.htm1
├── usage.htm2
└── wrtbwmon


/.gitignore:
--------------------------------------------------------------------------------
 1 | *.db
 2 | *.htm
 3 | *.log
 4 | *.old
 5 | *~
 6 | .RData
 7 | \#*
 8 | old
 9 | TAGS
10 | *.tgz
11 | *.ipk
12 | .gawk*
13 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # wrtbwmon
 2 | Modified from https://code.google.com/p/wrtbwmon/.
 3 | 
 4 | ## Testers needed for IPv6 support
 5 | Experimental release: https://github.com/pyrovski/wrtbwmon/releases/tag/0.37_ipv6
 6 | 
 7 | ## Features
 8 |  - "User" column has mouseover text containing MAC and IP addresses
 9 |  - "First seen" and "Total" columns in usage table
10 |  - Monitoring of locally generated traffic on a per-interface basis
11 |  - `remove` function to delete `iptables` rules
12 | 
13 | ### What does it do?
14 | `wrtbwmon` was designed to track bandwidth consumption on home routers. 
15 | It accomplishes this with `iptables` rules, which means you don't need to run an extra process just to track bandwidth. 
16 | `wrtbwmon` conveniently tracks bandwidth consumption on a per-IP address basis, 
17 | so you can easily determine which user/device is the culprit.
18 | 
19 | Here is an example usage table:
20 | ![image](example.png)
21 | 
22 | ### How do I use it?
23 | - Install: Download and install ipk from the [releases page](https://github.com/pyrovski/wrtbwmon/releases/)
24 | - Setup: `wrtbwmon setup`
25 | - Update table: `wrtbwmon update /tmp/usage.db` (you can place the data table anywhere)
26 | - Create html page: `wrtbwmon publish /tmp/usage.db /tmp/usage.htm`
27 | - Dump table to terminal: `wrtbwmon dump /tmp/usage.db`
28 | - Remove: `wrtbwmon remove`
29 | 
30 | ### Installation options
31 | - Install ipk
32 |   - e.g.,: 
33 |     - `cd /tmp`
34 |     - HTTPS: `curl -LO https://github.com/pyrovski/wrtbwmon/releases/download/0.36/wrtbwmon_0.36_all.ipk`
35 |     - HTTP: you're on your own :( Busybox wget usually doesn't have SSL support.
36 |     - OpenWrt: `opkg install /tmp/wrtbwmon_0.36_all.ipk`
37 | - Install deb from [the releases page](https://github.com/pyrovski/wrtbwmon/releases)
38 | - Or, if you don't want to use an ipk or a deb:
39 |   - `cd /tmp`
40 |   - HTTPS: `curl -L https://github.com/pyrovski/wrtbwmon/archive/0.36.tar.gz | tar xvz`
41 |   - `cd wrtbwmon-0.36`
42 |   - `./install.sh wrtbwmon readDB.awk usage.htm1 usage.htm2 wrtbwmon`
43 |     - Currently, this depends on the `install` program. OpenWrt chose to provide this as the "coreutils-install" package.
44 | - Or, if you have `make`, just `make install` as root after cloning/unpacking.
45 | 
46 | ### Configuring the published table
47 | - `wrtbwmon` checks a few files for MAC -> name maps:
48 |   - 4th argument to `wrtbwmon publish <DB> <userDB>`
49 |   - `/tmp/dhcp.leases`
50 |   - `/tmp/dnsmasq.conf`
51 |   - `/etc/dnsmasq.conf`
52 |   - `/etc/hosts`
53 | - If all of the above do not yield a match, the script will optionally perform a reverse DNS lookup directed at the DNS server specified in the `DNS` variable. If `DNS` is blank or unset, the script will not perform such lookups.
54 | 
55 | ### Regular updates
56 | - Add the following to root's crontab:
57 | 
58 |         # adapt PATH to your needs
59 |         PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
60 | 	
61 |         * * * * * <script location> update /tmp/usage.db
62 |         0 * * * * <script location> publish /tmp/usage.db /tmp/usage.htm
63 | 
64 | - On OpenWRT you need to [enable cron](https://wiki.openwrt.org/doc/howto/cron#activating_cron) as it is disabled by default:
65 | 
66 |         /etc/init.d/cron start
67 |         /etc/init.d/cron enable
68 | 
69 | - Enable web serving of the generated page (optional)
70 |   This varies by environment, but for lighttpd:
71 |          
72 |         ln -s /tmp/usage.htm /var/www/html/
73 | 
74 | ### Remove `iptables` rules
75 |  - `wrtbwmon remove`
76 | 


--------------------------------------------------------------------------------
/changelog:
--------------------------------------------------------------------------------
 1 | wrtbwmon (0.36) UNRELEASED; urgency=medium
 2 | 
 3 |   * Packaging changes: remove .sh extension from init script, use 'tar' for final packing step.
 4 | 
 5 |  -- Peter Bailey <peter.eldridge.bailey@gmail.com>  Sun, 15 Jan 2017 19:16:40 -0800
 6 | 
 7 | wrtbwmon (0.35) unstable; urgency=low
 8 | 
 9 |   * Added deb package, changed back to wrtbwmon from wrtbwmon.sh
10 | 
11 |  -- Peter Bailey <peter.eldridge.bailey@gmail.com>  Sun, 20 Nov 2016 00:58:09 -0800
12 | 
13 | wrtbwmon (0.34) unstable; urgency=low
14 | 
15 |   * Added ipk and install targets with default paths for scripts and resources.
16 | 
17 |  -- Peter Bailey <peter.eldridge.bailey@gmail.com>  Fri, 19 Feb 2016 00:00:00 -0800
18 | 


--------------------------------------------------------------------------------
/control:
--------------------------------------------------------------------------------
 1 | Package: wrtbwmon
 2 | Version: 0.36
 3 | Architecture: all
 4 | Maintainer: Peter Bailey <peter.eldridge.bailey+wrtbwmon@gmail.com>
 5 | Section: net
 6 | Priority: optional
 7 | Description: wrtbwmon was designed to track bandwidth consumption on home routers. It accomplishes this with iptables rules, which means you don't need to run an extra process just to track bandwidth. wrtbwmon conveniently tracks bandwidth consumption on a per-IP address basis, so you can easily determine which user/device is the culprit.
 8 | Source: https://github.com/pyrovski/wrtbwmon
 9 | #Depends: gawk | mawk | busybox, iptables, sed | busybox, iproute2 | ip
10 | 


--------------------------------------------------------------------------------
/copyright:
--------------------------------------------------------------------------------
 1 | wrtbwmon
 2 | Copyright (C) 2016 Peter Bailey
 3 | 
 4 | This program is free software; you can redistribute it and/or modify
 5 | it under the terms of the GNU General Public License as published by
 6 | the Free Software Foundation; either version 2 of the License, or (at
 7 | your option) any later version.
 8 | 
 9 | This program is distributed in the hope that it will be useful, but
10 | WITHOUT ANY WARRANTY; without even the implied warranty of
11 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
12 | General Public License for more details.
13 | 
14 | You should have received a copy of the GNU General Public License
15 | along with this program; if not, write to the Free Software
16 | Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
17 | 02110-1301, USA.
18 | 


--------------------------------------------------------------------------------
/debian/.gitignore:
--------------------------------------------------------------------------------
1 | debhelper*
2 | files
3 | wrtbwmon*
4 | 


--------------------------------------------------------------------------------
/debian/changelog:
--------------------------------------------------------------------------------
1 | ../changelog


--------------------------------------------------------------------------------
/debian/compat:
--------------------------------------------------------------------------------
1 | 9
2 | 


--------------------------------------------------------------------------------
/debian/control:
--------------------------------------------------------------------------------
 1 | Source: wrtbwmon
 2 | Maintainer: Peter Bailey <peter.eldridge.bailey@gmail.com>
 3 | Section: net
 4 | Priority: optional
 5 | Standards-Version: 3.9.7
 6 | Build-Depends: debhelper (>= 9)
 7 | 
 8 | Package: wrtbwmon
 9 | Architecture: all
10 | Depends: iproute2 | iproute, iptables, ${shlibs:Depends}, ${misc:Depends}, 
11 | Description: iptables-based bandwidth monitor
12 |  wrtbwmon was designed to track bandwidth consumption on home
13 |  routers. It accomplishes this with iptables rules, which means you
14 |  don't need to run an extra process just to track bandwidth. wrtbwmon
15 |  conveniently tracks bandwidth consumption on a per-IP address basis,
16 |  so you can easily determine which user/device is the culprit.
17 | 


--------------------------------------------------------------------------------
/debian/copyright:
--------------------------------------------------------------------------------
1 | ../copyright


--------------------------------------------------------------------------------
/debian/install:
--------------------------------------------------------------------------------
1 | # TODO: share this between makefile/ipk/deb
2 | wrtbwmon /usr/sbin
3 | readDB.awk /usr/sbin
4 | usage.htm1 /usr/share/wrtbwmon
5 | usage.htm2 /usr/share/wrtbwmon
6 | init/wrtbwmon /etc/init.d
7 | 


--------------------------------------------------------------------------------
/debian/rules:
--------------------------------------------------------------------------------
1 | #!/usr/bin/make -f
2 | %:
3 | 	dh $@
4 | 


--------------------------------------------------------------------------------
/example.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/pyrovski/wrtbwmon/bdf0350788f9afadacddecaae4e669f660bf55d5/example.png


--------------------------------------------------------------------------------
/fileMap:
--------------------------------------------------------------------------------
1 | usr/sbin: wrtbwmon readDB.awk
2 | usr/share/wrtbwmon: usage.htm1 usage.htm2
3 | CONTROL: control postinst
4 | etc/init.d: init/wrtbwmon
5 | 


--------------------------------------------------------------------------------
/init/wrtbwmon:
--------------------------------------------------------------------------------
 1 | #!/bin/sh /etc/rc.common
 2 | #
 3 | # start/stop wrtbwmon bandwidth monitor
 4 | 
 5 | ### BEGIN INIT INFO
 6 | # Provides:           wrtbwmon
 7 | # Required-Start:     $network $local_fs $remote_fs
 8 | # Required-Stop:      $local_fs $remote_fs
 9 | # Default-Start:      2 3 4 5
10 | # Default-Stop:       0 1 6
11 | # Short-Description:  iptables-based bandwidth monitor
12 | ### END INIT INFO
13 | 
14 | START=91
15 | 
16 | start(){
17 |     /usr/sbin/wrtbwmon setup /tmp/usage.db
18 | }
19 | 
20 | stop(){
21 |     /usr/sbin/wrtbwmon remove
22 | }
23 | 


--------------------------------------------------------------------------------
/install.sh:
--------------------------------------------------------------------------------
 1 | do_copy() {
 2 |     local dest perm file
 3 |     for file in $*; do
 4 | 	dest=`egrep ".+ $file( |$)" ./fileMap | cut -d':' -f1`
 5 | 	mkdir -p $DESTDIR/$dest
 6 | 	if [ -n `echo $dest | egrep '/s*bin$'` ]; then
 7 |     	    perm=0744
 8 | 	else
 9 |     	    perm=0644
10 | 	fi
11 | 	install -m $perm -t $DESTDIR/$dest/ $file
12 |     done
13 | }
14 | 
15 | base=`basename $0`
16 | if [ "$base" = "mkipk.sh" ]; then
17 |     DESTDIR=$(mktemp -d)
18 |     do_copy $*
19 |     fakeroot -- ipkg-build -c $DESTDIR
20 |     rm -rf $DESTDIR
21 | else
22 |     DESTDIR=${DESTDIR:-"/"}
23 |     do_copy $*
24 | fi
25 | 


--------------------------------------------------------------------------------
/makefile:
--------------------------------------------------------------------------------
 1 | DESTDIR?=/
 2 | install-files=$(shell grep -v CONTROL fileMap  | cut -d: -f2- | tr -d '\n')
 3 | ipk-files=$(shell grep CONTROL fileMap | cut -d: -f2-)
 4 | version:=$(shell egrep '^Version:' ./control | awk '{print $$2}')
 5 | target=wrtbwmon_$(version)_all.ipk
 6 | 
 7 | all: $(target)
 8 | 
 9 | $(target): $(install-files) $(ipk-files)
10 | 	./mkipk.sh $^
11 | 
12 | install: $(install-files)
13 | 	./install.sh $^
14 | 
15 | deb:
16 | 	gbp buildpackage -Pdebian --git-ignore-new
17 | 
18 | clean:
19 | 	rm -f *.ipk
20 | 
21 | .PHONY: deb install clean
22 | 
23 | .SUFFIXES:
24 | 


--------------------------------------------------------------------------------
/mkipk.sh:
--------------------------------------------------------------------------------
1 | install.sh


--------------------------------------------------------------------------------
/postinst:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Enable on boot
 4 | /etc/init.d/wrtbwmon enable
 5 | 
 6 | # Configure our cron
 7 | if [ -d "/etc/crontabs" ]; then
 8 |   echo "PATH=/usr/sbin:/usr/bin:/sbin:/bin" > /etc/crontabs/wrtbwmon
 9 |   echo "* * * * * /usr/sbin/wrtbwmon update /tmp/usage.db" >> /etc/crontabs/wrtbwmon
10 |   echo "0 * * * * /usr/sbin/wrtbwmon publish /tmp/usage.db /tmp/usage.htm" >> /etc/crontabs/wrtbwmon
11 | fi
12 | /etc/init.d/cron reload
13 | 
14 | # Symlink to our webdir
15 | if [ -d "/var/www/html" ]; then
16 |   ln -s /tmp/usage.htm /var/www/html/usage.htm
17 | elif [ -d "/www" ]; then
18 |  ln -s /tmp/usage.htm /www/usage.htm
19 | fi
20 | 
21 | exit 0
22 | 


--------------------------------------------------------------------------------
/readDB.awk:
--------------------------------------------------------------------------------
  1 | #!/usr/bin/awk
  2 | 
  3 | function inInterfaces(host){
  4 |     return(interfaces ~ "(^| )"host"($| )")
  5 | }
  6 | 
  7 | function newRule(arp_ip,
  8 |     ipt_cmd){
  9 |     # checking for existing rules shouldn't be necessary if newRule is
 10 |     # always called after db is read, arp table is read, and existing
 11 |     # iptables rules are read.
 12 |     ipt_cmd="iptables -t mangle -j RETURN -s " arp_ip
 13 |     system(ipt_cmd " -C RRDIPT_FORWARD 2>/dev/null || " ipt_cmd " -A RRDIPT_FORWARD")
 14 |     ipt_cmd="iptables -t mangle -j RETURN -d " arp_ip
 15 |     system(ipt_cmd " -C RRDIPT_FORWARD 2>/dev/null || " ipt_cmd " -A RRDIPT_FORWARD")
 16 | }
 17 | 
 18 | function total(i){
 19 |     return(bw[i "/in"] + bw[i "/out"])
 20 | }
 21 | 
 22 | function date(    cmd, d){
 23 |     cmd="date +%d-%m-%Y_%H:%M:%S"
 24 |     cmd | getline d
 25 |     close(cmd)
 26 |     #!@todo could start a process with "while true; do date ...; done"
 27 |     return(d)
 28 | }
 29 | 
 30 | BEGIN {
 31 |     od=""
 32 |     fid=1
 33 |     debug=0
 34 |     rrd=0
 35 | }
 36 | 
 37 | /^#/ { # get DB filename
 38 |     FS=","
 39 |     dbFile=FILENAME
 40 |     next
 41 | }
 42 | 
 43 | # data from database; first file
 44 | FNR==NR { #!@todo this doesn't help if the DB file is empty.
 45 |     if($2 == "NA")
 46 | 	#!@todo could get interface IP here
 47 | 	n=$1
 48 |     else
 49 | 	n=$2
 50 | 
 51 |     hosts[n] = "" # add this host/interface to hosts
 52 |     mac[n]        =  $1
 53 |     ip[n]         =  $2
 54 |     inter[n]      =  $3
 55 |     bw[n "/in"]   =  $4
 56 |     bw[n "/out"]  =  $5
 57 |     firstDate[n]  =  $7
 58 |     lastDate[n]   =  $8
 59 |     next
 60 | }
 61 | 
 62 | # not triggered on the first file
 63 | FNR==1 {
 64 |     FS=" "
 65 |     fid++ #!@todo use fid for all files; may be problematic for empty files
 66 |     next
 67 | }
 68 | 
 69 | # arp: ip hw flags hw_addr mask device
 70 | fid==2 {
 71 |     #!@todo regex match IPs and MACs for sanity
 72 |     arp_ip    = $1
 73 |     arp_flags = $3
 74 |     arp_mac   = $4
 75 |     arp_dev   = $6
 76 |     if(arp_flags != "0x0" && !(arp_ip in ip)){
 77 | 	if(debug)
 78 | 	    print "new host:", arp_ip, arp_flags > "/dev/stderr"
 79 | 	hosts[arp_ip] = ""
 80 | 	mac[arp_ip]   = arp_mac
 81 | 	ip[arp_ip]    = arp_ip
 82 | 	inter[arp_ip] = arp_dev
 83 | 	bw[arp_ip "/in"] = bw[arp_ip "/out"] = 0
 84 | 	firstDate[arp_ip] = lastDate[arp_ip] = date()
 85 |     }
 86 |     next
 87 | }
 88 | 
 89 | #!@todo could use mangle chain totals or tailing "unnact" rules to
 90 | # account for data for new hosts from their first presence on the
 91 | # network to rule creation. The "unnact" rules would have to be
 92 | # maintained at the end of the list, and new rules would be inserted
 93 | # at the top.
 94 | 
 95 | # skip line
 96 | # read the chain name and deal with the data accordingly
 97 | fid==3 && $1 == "Chain"{
 98 |     rrd=$2 ~ /RRDIPT_.*/
 99 |     next
100 | }
101 | 
102 | fid==3 && rrd && (NF < 9 || $1=="pkts"){ next }
103 | 
104 | fid==3 && rrd { # iptables input
105 |     if($6 != "*"){
106 | 	m=$6
107 | 	n=m "/out"
108 |     } else if($7 != "*"){
109 | 	m=$7
110 | 	n=m "/in"
111 |     } else if($8 != "0.0.0.0/0"){
112 | 	m=$8
113 | 	n=m "/out"
114 |     } else { # $9 != "0.0.0.0/0"
115 | 	m=$9
116 | 	n=m "/in"
117 |     }
118 | 
119 |     # remove host from array; any hosts left in array at END get new
120 |     # iptables rules
121 | 
122 |     #!@todo this deletes a host if any rule exists; if only one
123 |     # directional rule is removed, this will not remedy the situation
124 |     delete hosts[m]
125 | 
126 |     if($2 > 0){ # counted some bytes
127 | 	if(mode == "diff" || mode == "noUpdate")
128 | 	    print n, $2
129 | 	if(mode!="noUpdate"){
130 | 	    if(inInterfaces(m)){ # if label is an interface
131 | 		if(!(m in mac)){ # if label was not in db (also not in
132 | 				 # arp table, but interfaces won't be
133 | 				 # there anyway)
134 | 		    firstDate[m] = date()
135 | 		    mac[m] = inter[m] = m
136 | 		    ip[m] = "NA"
137 | 		    bw[m "/in"]=bw[m "/out"]= 0
138 | 		}
139 | 	    }
140 | 	    bw[n]+=$2
141 | 	    lastDate[m] = date()
142 | 	}
143 |     }
144 | }
145 | 
146 | END {
147 |     if(mode=="noUpdate") exit
148 |     close(dbFile)
149 |     system("rm -f " dbFile)
150 |     print "#mac,ip,iface,in,out,total,first_date,last_date" > dbFile
151 |     OFS=","
152 |     for(i in mac)
153 | 	print mac[i], ip[i], inter[i], bw[i "/in"], bw[i "/out"], total(i), firstDate[i], lastDate[i] > dbFile
154 |     close(dbFile)
155 |     # for hosts without rules
156 |     for(host in hosts) if(!inInterfaces(host)) newRule(host)
157 | }
158 | 


--------------------------------------------------------------------------------
/release-notes:
--------------------------------------------------------------------------------
 1 | - transition from invocation as "wrtbwmon.sh" back to "wrtbwmon"
 2 | - update readme
 3 | - add ipk
 4 | - install files according a standard filesystem layout
 5 | - remove peak/offpeak distinction
 6 | - add init script
 7 | - perform reverse DNS lookups to find hostnames
 8 | - fix locking issues
 9 | - add "dump" option
10 | 


--------------------------------------------------------------------------------
/todo:
--------------------------------------------------------------------------------
1 | - add logger
2 | - cache DNS results
3 | - use a config file
4 | - check for existence of tool dependencies before using them
5 | - fix DNS reverse lookups for systems without nslookup
6 | - add tests
7 | 


--------------------------------------------------------------------------------
/usage.htm1:
--------------------------------------------------------------------------------
 1 | <html><head><title>Traffic</title>
 2 | <script type="text/javascript">
 3 | function getSize(size) {
 4 |     var prefix=new Array("","k","M","G","T","P","E","Z"); var base=1000;
 5 |     var pos=0;
 6 |     while (size>base) {
 7 |         size/=base; pos++;
 8 |     }
 9 |     if (pos > 2) precision=1000; else precision = 1;
10 |     return (Math.round(size*precision)/precision)+' '+prefix[pos];}
11 | </script></head>
12 | <body><h1>Total Usage:</h1>
13 | <table border="1">
14 | <tr bgcolor=silver>
15 | <th>User</th>
16 | <th>Download</th>
17 | <th>Upload</th>
18 | <th>Total</th>
19 | <th>First seen</th>
20 | <th>Last seen</th>
21 | </tr>
22 | <script type="text/javascript">
23 | var values = new Array(
24 | 


--------------------------------------------------------------------------------
/usage.htm2:
--------------------------------------------------------------------------------
 1 | var totalIn = 0;
 2 | var totalOut = 0;
 3 | for (i=0; i < values.length-1; i++) {
 4 |     totalIn += values[i][3];
 5 |     totalOut += values[i][4];
 6 |     document.write("<tr><td><div title=\"" + values[i][1] + " (" + values[i][2] + ")" + "\">" + values[i][0] + "</div></td>");
 7 |     for (j=3; j < 6; j++)
 8 |         document.write("<td>" + getSize(values[i][j]) + "</td>");
 9 |     document.write("<td>" + values[i][6] + "</td><td>" + values[i][7] + "</td></tr>");
10 | }
11 | document.write("<tr><td>TOTAL</td><td>" + getSize(totalIn) + "</td><td>" + getSize(totalOut) + "</td><td>" + getSize(totalIn + totalOut) + "</td><td></td><td></td></tr>");
12 | </script></table>
13 | <br /><small>This page was generated on (date)</small>
14 | </body></html>
15 | 


--------------------------------------------------------------------------------
/wrtbwmon:
--------------------------------------------------------------------------------
  1 | #!/bin/sh
  2 | #
  3 | # wrtbwmon: traffic logging tool for routers
  4 | #
  5 | # Peter Bailey (peter.eldridge.bailey+wrtbwmon AT gmail.com)
  6 | #
  7 | # Based on work by:
  8 | # Emmanuel Brucy (e.brucy AT qut.edu.au)
  9 | # Fredrik Erlandsson (erlis AT linux.nu)
 10 | # twist - http://wiki.openwrt.org/RrdTrafficWatch
 11 | 
 12 | trap "rm -f /tmp/*_$$.tmp; kill $$" INT
 13 | binDir=/usr/sbin
 14 | dataDir=/usr/share/wrtbwmon
 15 | lockDir=/tmp/wrtbwmon.lock
 16 | pidFile=$lockDir/pid
 17 | networkFuncs=/lib/functions/network.sh
 18 | uci=`which uci 2>/dev/null`
 19 | nslookup=`which nslookup 2>/dev/null`
 20 | nvram=`which nvram 2>/dev/null`
 21 | 
 22 | chains='INPUT OUTPUT FORWARD'
 23 | DEBUG=
 24 | interfaces='eth0 tun0' # in addition to detected WAN
 25 | DB=$2
 26 | mode=
 27 | 
 28 | # DNS server for reverse lookups provided in "DNS".
 29 | # don't perform reverse DNS lookups by default
 30 | DO_RDNS=${DNS-}
 31 | 
 32 | header="#mac,ip,iface,in,out,total,first_date,last_date"
 33 | 
 34 | createDbIfMissing()
 35 | {
 36 |     [ ! -f "$DB" ] && echo $header > "$DB"
 37 | }
 38 | 
 39 | checkDbArg()
 40 | {
 41 |     [ -z "$DB" ] && echo "ERROR: Missing argument 2 (database file)" && exit 1
 42 | }
 43 | 
 44 | checkDB()
 45 | {
 46 |     [ ! -f "$DB" ] && echo "ERROR: $DB does not exist" && exit 1
 47 |     [ ! -w "$DB" ] && echo "ERROR: $DB is not writable" && exit 1   
 48 | }
 49 | 
 50 | checkWAN()
 51 | {
 52 |     [ -z "$wan" ] && echo "Warning: failed to detect WAN interface."
 53 | }
 54 | 
 55 | lookup()
 56 | {
 57 |     MAC=$1
 58 |     IP=$2
 59 |     userDB=$3
 60 |     for USERSFILE in $userDB /tmp/dhcp.leases /tmp/dnsmasq.conf /etc/dnsmasq.conf /etc/hosts; do
 61 | 	[ -e "$USERSFILE" ] || continue
 62 | 	case $USERSFILE in
 63 | 	    /tmp/dhcp.leases )
 64 | 		USER=$(grep -i "$MAC" $USERSFILE | cut -f4 -s -d' ')
 65 | 		;;
 66 | 	    /etc/hosts )
 67 | 		USER=$(grep "^$IP " $USERSFILE | cut -f2 -s -d' ')
 68 | 		;;
 69 | 	    * )
 70 | 		USER=$(grep -i "$MAC" "$USERSFILE" | cut -f2 -s -d,)
 71 | 		;;
 72 | 	esac
 73 | 	[ "$USER" = "*" ] && USER=
 74 | 	[ -n "$USER" ] && break
 75 |     done
 76 |     if [ -n "$DO_RDNS" -a -z "$USER" -a "$IP" != "NA" -a -n "$nslookup" ]; then
 77 | 	USER=`$nslookup $IP $DNS | awk '!/server can/{if($4){print $4; exit}}' | sed -re 's/[.]$//'`
 78 |     fi
 79 |     [ -z "$USER" ] && USER=${MAC}
 80 |     echo $USER
 81 | }
 82 | 
 83 | detectIF()
 84 | {
 85 |     if [ -f "$networkFuncs" ]; then
 86 | 	IF=`. $networkFuncs; network_get_device netdev $1; echo $netdev`
 87 | 	[ -n "$IF" ] && echo $IF && return
 88 |     fi
 89 | 
 90 |     if [ -n "$uci" -a -x "$uci" ]; then
 91 | 	IF=`$uci get network.${1}.ifname 2>/dev/null`
 92 | 	[ $? -eq 0 -a -n "$IF" ] && echo $IF && return
 93 |     fi
 94 | 
 95 |     if [ -n "$nvram" -a -x "$nvram" ]; then
 96 | 	IF=`$nvram get ${1}_ifname 2>/dev/null`
 97 | 	[ $? -eq 0 -a -n "$IF" ] && echo $IF && return
 98 |     fi
 99 | }
100 | 
101 | detectLAN()
102 | {
103 |     [ -e /sys/class/net/br-lan ] && echo br-lan && return
104 |     lan=$(detectIF lan)
105 |     [ -n "$lan" ] && echo $lan && return
106 | }
107 | 
108 | detectWAN()
109 | {
110 |     [ -n "$WAN_IF" ] && echo $WAN_IF && return
111 |     wan=$(detectIF wan)
112 |     [ -n "$wan" ] && echo $wan && return
113 |     wan=$(ip route show 2>/dev/null | grep default | sed -re '/^default/ s/default.*dev +([^ ]+).*/\1/')
114 |     [ -n "$wan" ] && echo $wan && return
115 |     [ -f "$networkFuncs" ] && wan=$(. $networkFuncs; network_find_wan wan; echo $wan)
116 |     [ -n "$wan" ] && echo $wan && return
117 | }
118 | 
119 | lock()
120 | {
121 |     attempts=0
122 |     while [ $attempts -lt 10 ]; do
123 | 	mkdir $lockDir 2>/dev/null && break
124 | 	attempts=$((attempts+1))
125 | 	pid=`cat $pidFile 2>/dev/null`
126 | 	if [ -n "$pid" ]; then
127 | 	    if [ -d "/proc/$pid" ]; then
128 | 		[ -n "$DEBUG" ] && echo "WARNING: Lockfile detected but process $(cat $pidFile) does not exist !"
129 | 		rm -rf $lockDir
130 | 	    else
131 | 		sleep 1
132 | 	    fi
133 | 	fi
134 |     done
135 |     mkdir $lockDir 2>/dev/null
136 |     echo $$ > $pidFile
137 |     [ -n "$DEBUG" ] && echo $$ "got lock after $attempts attempts"
138 |     trap '' INT
139 | }
140 | 
141 | unlock()
142 | {
143 |     rm -rf $lockDir
144 |     [ -n "$DEBUG" ] && echo $$ "released lock"
145 |     trap "rm -f /tmp/*_$$.tmp; kill $$" INT
146 | }
147 | 
148 | # chain
149 | newChain()
150 | {
151 |     chain=$1
152 |     # Create the RRDIPT_$chain chain (it doesn't matter if it already exists).
153 |     iptables -t mangle -N RRDIPT_$chain 2> /dev/null
154 |     
155 |     # Add the RRDIPT_$chain CHAIN to the $chain chain if not present
156 |     iptables -t mangle -C $chain -j RRDIPT_$chain 2>/dev/null
157 |     if [ $? -ne 0 ]; then
158 | 	[ -n "$DEBUG" ] && echo "DEBUG: iptables chain misplaced, recreating it..."
159 | 	iptables -t mangle -I $chain -j RRDIPT_$chain
160 |     fi
161 | }
162 | 
163 | # chain tun
164 | newRuleIF()
165 | {
166 |     chain=$1
167 |     IF=$2
168 |     
169 |     #!@todo test
170 |     if [ "$chain" = "OUTPUT" ]; then
171 | 	cmd="iptables -t mangle -o $IF -j RETURN"
172 | 	eval $cmd " -C RRDIPT_$chain 2>/dev/null" || eval $cmd " -A RRDIPT_$chain"
173 |     elif [ "$chain" = "INPUT" ]; then
174 | 	cmd="iptables -t mangle -i $IF -j RETURN"
175 | 	eval $cmd " -C RRDIPT_$chain 2>/dev/null" || eval $cmd " -A RRDIPT_$chain"
176 |     fi
177 | }
178 | 
179 | update()
180 | {
181 |     #!@todo could let readDB.awk handle this; that would place header
182 |     #!info in fewer places
183 |     createDbIfMissing
184 |     
185 |     checkDB
186 |     checkWAN
187 | 
188 |     > /tmp/iptables_$$.tmp
189 |     lock
190 |     # only zero our own chains
191 |     for chain in $chains; do
192 | 	iptables -nvxL RRDIPT_$chain -t mangle -Z >> /tmp/iptables_$$.tmp
193 |     done
194 |     # the iptables and readDB commands have to be separate. Otherwise,
195 |     # they will fight over iptables locks
196 |     awk -v mode="$mode" -v interfaces=\""$interfaces"\" -f $binDir/readDB.awk \
197 | 	$DB \
198 | 	/proc/net/arp \
199 | 	/tmp/iptables_$$.tmp
200 |     unlock
201 | }
202 | 
203 | ############################################################
204 | 
205 | case $1 in
206 |     "dump" )
207 | 	checkDbArg
208 | 	lock
209 | 	tr ',' '\t' < "$DB"
210 | 	unlock
211 |     ;;
212 | 
213 |     "update" )
214 | 	checkDbArg
215 | 	wan=$(detectWAN)
216 | 	interfaces="$interfaces $wan"
217 | 	update
218 | 	rm -f /tmp/*_$$.tmp
219 | 	exit
220 | 	;;
221 | 
222 |     "publish" )
223 | 	checkDbArg
224 | 	[ -z "$3" ] && echo "ERROR: Missing argument 3 (output html file)" && exit 1
225 | 	
226 | 	# sort DB
227 | 	lock
228 | 
229 | 	# busybox sort truncates numbers to 32 bits
230 | 	grep -v '^#' $DB | awk -F, '{OFS=","; a=sprintf("%f",$4/1e6); $4=""; print a,$0}' | tr -s ',' | sort -rn | awk -F, '{OFS=",";$1=sprintf("%f",$1*1e6);print}' > /tmp/sorted_$$.tmp
231 | 
232 |         # create HTML page
233 | 	rm -f $3.tmp
234 | 	cp $dataDir/usage.htm1 $3.tmp
235 | 
236 | 	#!@todo fix publishing
237 | 	while IFS=, read PEAKUSAGE_IN MAC IP IFACE PEAKUSAGE_OUT TOTAL FIRSTSEEN LASTSEEN
238 | 	do
239 | 	    echo "
240 | new Array(\"$(lookup $MAC $IP $4)\",\"$MAC\",\"$IP\",
241 | $PEAKUSAGE_IN,$PEAKUSAGE_OUT,$TOTAL,\"$FIRSTSEEN\",\"$LASTSEEN\")," >> $3.tmp
242 | 	done < /tmp/sorted_$$.tmp
243 | 	echo "0);" >> $3.tmp
244 | 	
245 | 	sed "s/(date)/`date`/" < $dataDir/usage.htm2 >> $3.tmp
246 | 	mv $3.tmp $3
247 | 
248 | 	unlock
249 | 	
250 | 	#Free some memory
251 | 	rm -f /tmp/*_$$.tmp
252 | 	;;
253 |     
254 |     "setup" )
255 | 	checkDbArg
256 | 	[ -w "$DB" ] && echo "Warning: using existing $DB"
257 | 	createDbIfMissing
258 | 	
259 | 	for chain in $chains; do
260 | 	    newChain $chain
261 | 	done
262 | 
263 | 	#lan=$(detectLAN)
264 | 	wan=$(detectWAN)
265 | 	checkWAN
266 | 	interfaces="$interfaces $wan"
267 | 
268 | 	# track local data
269 | 	for chain in INPUT OUTPUT; do
270 | 	    for interface in $interfaces; do
271 | 		[ -n "$interface" ] && [ -e "/sys/class/net/$interface" ] && newRuleIF $chain $interface
272 | 	    done
273 | 	done
274 | 
275 | 	# this will add rules for hosts in arp table
276 | 	update
277 | 
278 | 	rm -f /tmp/*_$$.tmp
279 | 	;;
280 | 
281 |     "remove" )
282 | 	iptables-save | grep -v RRDIPT | iptables-restore
283 | 	rm -rf "$lockDir"
284 | 	;;
285 | 
286 |     *)
287 | 	echo \
288 | "Usage: $0 {setup|update|publish|remove} [options...]
289 | Options:
290 |    $0 setup database_file
291 |    $0 update database_file
292 |    $0 publish database_file path_of_html_report [user_file]
293 | Examples:
294 |    $0 setup /tmp/usage.db
295 |    $0 update /tmp/usage.db
296 |    $0 publish /tmp/usage.db /www/user/usage.htm /jffs/users.txt
297 |    $0 remove
298 | Note: [user_file] is an optional file to match users with MAC addresses.
299 |        Its format is \"00:MA:CA:DD:RE:SS,username\", with one entry per line."
300 | 	;;
301 | esac
302 | 


--------------------------------------------------------------------------------