Description
This IP accounting tool is a script-based tool for logging the traffic to and from the individual pc's in the LAN from and to the WAN on an hourly basis during the last week and on a per day basis during the last year. LAN interface is br0, WAN interface is eth1. By deploying a simple cgi construction (compiled in the busybox_hhtpd) a shell script can generate HTML output. To assist the shell script a number of AWK scripts are deployed. The traffic that has been logged can be viewed using simple HTML-based bar charts which are also generated by an AWK script.
Function
Two user-defined chains (traffic_in and traffic_out) are created in iptables and are hooked up in the FORWARD chain. Rules are added to the chain to match the traffic for each IP address in both directions.
Using crond every hour the counters of the user-defined iptables chains are added to a file stored in the /tmp directory. Every IP address has a unique data logging file for in and outward direction. Every day @ 23:59 a final counter readout is added to the .dat files. The total traffic per IP address is added inclusive the date to the .tot files. The .dat files are then copied to files bearing the day of the week as an extension. In this way the data file of the day of exactly a week earlier is overwritten. Each 1st day of the month the .tot files containing the traffic on a per day basis are copied to files bearing the month as an extension (to be exact, the (month-1) mod 12 as an extension).
The traffic.cgi script creates two drop down SELECT HTML objects from which a GET method initiates a script for the daily statistics and monthly statistics respectively.
Assumptions
For these IP accounting scripts to work it is necessary to use an external USB memory device (e.g. memory stick) to store the scripts. Also it is assumed that you have the full busybox (including the crond and awk applet) somewhere available.
Installation steps
1) On this device two directories need to be created from the root of the usb device (/tmp/harddisk/) or /mnt/usbfs in older firmwares):
www/cgi-bin
and
accounting
2) Change the init.sh if you use different locations. Also a pointer to the AWK applet is defined in the init.sh script. Copy two tar files to a temporary directory on the usb device
3) installation of cgi scripts
cd /tmp/harddisk/www/cgi-bin tar -xvf cgi-bin.tar
4) installation of accounting scripts
cd /tmp/harddisk/accounting tar -xvf accounting.tar
5) configuring ipaddress.txt
cd /tmp/harddisk/accounting vi ipaddress.txt
change the pc names and their respective IP addresses. Either use fixed IP addresses on the PC, or use fixed DHCP IP addresses by adding them in the WEB control panel of the Asus. (check the /etc/ethers file.for correct entries).
6) create iptables entries
./add_iptables.sh
this script reads the IP addresses from the ipaddress.txt file and create coreesponding iptables entries
7) initiate cron
./mkcron.sh
This script creates the correct crontabs directory and copies the root crontab to that location. Now the cron deamon needs to be started by:
FULL_BUSYBOX crond
where FULL_BUSYBOX points to the busybox executable containing the crond applet.
8) initiate httpd
Because the WEB management of the Asus already deploys port 80 for the HTTPD, we need to initiate another httpd on another port, e.g. port 81.
cd /tmp/harddisk/www
busybox_httpd -p 81 -u admin
If you want to protect the cgi scripts by a username/password, use:
busybox_httpd -p 81 -u admin -c /tmp/harddisk/accounting/httpd.conf
In this conf file you set the subdir and the username (=traffic) and password (=password).
Check things running
A) iptables -L should show all entries for the PC's
B) ls /tmp/*.dat should show the data logging files (only uodated ones an hour)
C) browse to 
http://my.router:81/cgi-bin/traffic.cgi to initiate the graphs.
Memory usage in /tmp
Because all logging is put in the /tmp, it is good to know that one week logging costs approx 10kB and for every additional month another 1kB. This is very reasonable.
Troubleshooting
- Check you scripts with vi, if they contain strange ^M chars etc. they have been saved in windows formating. Use dos2unix applet found in full busybox. (Ex. /tmp/harddisk/busybox dos2unix -u *)
TO DO:
1) rem_iptables script not working yet
2) auto install
3) differentiation to services (http, ftp, ssh, etc.)
4) maybe use javascript to make nicer drawings
5) store logging to memory stick
6) running with firmware 1.8xx and up
7) On newer Firmware use /tmp/harddisk/ as location for usb hd/stick