I love IPIFire especially after the feature addition of “IP Address Blocklists” in latest update.
The only thing that’s bugging me is lack of an easy way to monitor and keep record of per IP bandwidth usage.
Can someone guide me with main steps for a DYI approach they are using to achieve what I am after – that is, to visually monitor and keep historical record of per IP data usage?
The command line tools like iptraf-ng and pmacct are not for me.
I tried to pull data from snmp to Zabbix (server and agent set-up) and while I got some data being pulled from IPFire, I could not get per host data because of my lack of experience with these tools, on first time use. Also, Zabbix server seems heavy on my computer.
I tried the telegraf+net-snmp+InfluxDB+Grafana route, but with little success.
Thank you Jon. What would be a decent way to pull pmacct data and show it visually on a separate computer? Aside from the way one of our friend here (I read that) doing it in Excel sheet + Pivot tables.
And for the devs, just wondering, I’ve known IPfire from IPCop days; is this feature a really tough nut to crack? Programming/effort wise.
pmacct can be set-up to store in a database called sqlite3. And with sqlite3 it is fairly easy to export to a csv file.
Keep in mind if you store pmacct in a database once per minute (or even once every 5 minutes) the csv export will be way too big for Excel. You may need to store once per hour to keep things manageable.
The slightly harder part would be for you to create a script to automate…
tough: “maybe”. impossible: “no” You don’t need any heavy duty skills to do the above. If you are comfortable woking in the console / Terminal and know some programming you should be fine.
Hi all,
for the first @jon, great to see your “Biggest User project” guide and your effort in this project .
According to the CSV formatting, you can do this also without sqlite but with the memory table plugin → pmacct/QUICKSTART at master · pmacct/pmacct · GitHub which i think is the cheapest solution according to the storage.
For a webinterface look like, there should be different examples already available may in the logs section, one might be also the iptables.cgi with not that much modification you can sort the Pmacct output also by bytes e.g.:
I am on Step 2 of your guide and I am encountering an error when I run this:
./addr_byMonth.sh /var/spool/pmacct/pmacct_sqlitev1a.db
Parse error near line 2: near ".": syntax error
.timer ON CREATE VIEW addr_byMonth (ip_addr, mac_addr, totalBytes
^--- error here
Ah, never mind. Found the solution. The dot commands can’t have any white space in beginning, the doc says:
A dot-command has a more restrictive structure:
- It must begin with its "." at the left margin with no preceding whitespace.
- It must be entirely contained on a single input line.
- It cannot occur in the middle of an ordinary SQL statement. In other words, it cannot occur at a continuation prompt.
- There is no comment syntax for dot-commands.