-
Notifications
You must be signed in to change notification settings - Fork 15
/
wrtbwmon
executable file
·222 lines (189 loc) · 6.23 KB
/
wrtbwmon
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
#!/bin/sh
#
# Traffic logging tool for OpenWRT-based routers
#
# Created by Emmanuel Brucy (e.brucy AT qut.edu.au)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# Hacked by Ibird Yuan and Zeng ShaoJian
# We Make it to update to 'data.json' and sync to '/etc/config/wireless' to # control the traffic.
LAN_IFACE=${2} || $(nvram get lan_ifname)
WAN='eth1.1'
# Get the filter file
# For example, we can filter the intranet traffic
FILTER='/www/FControl/filter.txt'
JSON='/www/FControl/data.json'
WIRELESS='/etc/config/wireless'
if [ ! -f $JSON ];then
echo "The Json file is missing!"
exit
fi
if [ ! -f $WIRELESS ];then
echo "The Wireless file is missing"
exit
fi
#use SED to annotate the mac address in the file
#Make the mac address unwork
del_mac ()
{
mac=$1
if [ -z $mac ];then
echo "Need Macaddress"
exit
fi
#del mac user
sed -i "/$mac/ s/\tlist/#list/" $WIRELESS
}
case ${1} in
"setup" )
#Create the RRDIPT CHAIN (it doesn't matter if it already exists).
iptables -N RRDIPT 2> /dev/null
#Create the FILTER CHAIN (it doesn't matter if it already exists).
iptables -N FILTER 2> /dev/null
#Add the FILTER CHAIN to the FORWARD chain (if non existing).
iptables -L FORWARD --line-numbers -n | grep "FILTER" | grep "1" > /dev/null
if [ $? -ne 0 ]; then
iptables -L FORWARD -n | grep "FILTER" > /dev/null
if [ $? -ne 0 ]; then
iptables -D FORWARD -j FILTER
fi
iptables -I FORWARD -j FILTER
fi
#Add the RRDIPT CHAIN to the FORWARD chain (if non existing).
iptables -L FORWARD --line-numbers -n | grep "RRDIPT" | grep "2" > /dev/null
if [ $? -ne 0 ]; then
iptables -L FORWARD -n | grep "RRDIPT" > /dev/null
if [ $? -ne 0 ]; then
iptables -D FORWARD -j RRDIPT
fi
iptables -I FORWARD 2 -j RRDIPT
fi
#For each ip in the filter table
[ -f $FILTER ] && cat $FILTER |while read IP ;
do
iptables -nL FILTER |grep "${IP}" > /dev/null
if [ $? -ne 0 ]; then
iptables -I FILTER -s ${IP} -j ACCEPT
iptables -I FILTER -d ${IP} -j ACCEPT
fi
done
#For each host in the ARP table
grep ${LAN_IFACE} /proc/net/arp | while read IP TYPE FLAGS MAC MASK IFACE ;
do
#Add iptable rules (if non existing).
iptables -nL RRDIPT | grep "${IP} " > /dev/null
if [ $? -ne 0 ]; then
iptables -I RRDIPT -d ${IP} -j RETURN
iptables -I RRDIPT -s ${IP} -j RETURN
fi
done
;;
"update" )
#Read and reset counters
traffic=`iptables -L RRDIPT -vnxZ -t filter `
grep -v "0x0" /proc/net/arp | grep -v 'IP address' | grep -v $WAN | while read IP TYPE FLAGS MAC MASK IFACE
do
#Add new data to the graph. Count in Kbs to deal with 16 bits signed values (up to 2G only)
#Have to use temporary files because of crappy busybox shell
echo "$traffic" | grep ${IP} | while read PKTS BYTES TARGET PROT OPT IFIN IFOUT SRC DST
do
[ "${DST}" = "${IP}" ] && echo ${BYTES} > /tmp/in.tmp
[ "${SRC}" = "${IP}" ] && echo ${BYTES} > /tmp/out.tmp
done
IN=$(cat /tmp/in.tmp)
OUT=$(cat /tmp/out.tmp)
rm -f /tmp/in.tmp
rm -f /tmp/out.tmp
if [ ${IN} -gt 0 -o ${OUT} -gt 0 ]; then
echo "DEBUG : New traffic for ${MAC} since last update : ${IN}k:${OUT}k"
# compute the number of the user's mac address
# detail see the data.json
nf=0
content=`grep ${MAC} $JSON`
nf=`echo $content | tr ',' '\n' |grep -c 'mac'`
nf=$((nf*4+4))
i=5
# get the mac address's old flow
while [ $i -lt $nf ]
do
line=`echo $content | cut -d, -f$i | grep ${MAC} | wc -l`
if [ $line -eq 1 ] ;then
in=$(echo ${content} | cut -d, -f$((i+1)) | awk -F\" '{print $4}' )
out=$(echo ${content} | cut -d, -f$((i+2)) | awk -F\" '{print $4}')
break
fi
i=$((i+4))
done
PEAKUSAGE_IN=$((in+IN))
PEAKUSAGE_OUT=$((out+OUT))
nowflow=`echo $content|grep $MAC|tr ',:"' ' ' |awk '{print $7}'`
nowflow=$((nowflow+OUT+IN));
#update nowflow and in and out flow to the file
sed -i "/$MAC/ s/nowflow\":\"[0-9]*\"/nowflow\":\"$nowflow\"/" $JSON
sed -i "s/\"${MAC}\",\"in\":\"$in\",\"out\":\"$out\"/\"${MAC}\",\"in\":\"${PEAKUSAGE_IN}\",\"out\":\"${PEAKUSAGE_OUT}\"/" $JSON
fi
done
# Free some memory
rm -f /tmp/*_$$.tmp
;;
"clear" )
#bake-up the file
cp $JSON $JSON.`date -I`
#clear
sed -i "s/nowflow\":\"[0-9]*\"/nowflow\":\"0\"/" $JSON
sed -i "s/in\":\"[0-9]*\",\"out\":\"[0-9]*\"/in\":\"0\",\"out\":\"0\"/g" $JSON
#sync
sed -i "s/^#//" $WIRELESS
;;
"sync" )
cp $WIRELESS $WIRELESS.bak
config=`grep -v 'list maclist' $WIRELESS.bak > $WIRELESS`
for line in `grep 'name' $JSON`
do
total=`echo $line | cut -d, -f2 | awk -F\" '{print $4}'`
nowflow=`echo $line | cut -d, -f3 | awk -F\" '{print $4}'`
nf=`echo $line |tr ',' '\n'| grep -c 'mac'`
i=5
nf=$((nf*4+4))
while [ $i -lt $nf ]
do
mac=`echo $line | cut -d, -f$i | awk -F\" '{print $4}'`
if [ $total -gt $nowflow ];then
echo -e "\tlist maclist $mac" >> $WIRELESS
else
echo -e "#\tlist maclist $mac" >> $WIRELESS
fi
i=$((i+4))
done
done
rm -f $WIRELESS.bak
(wifi down;wifi up)&
;;
*)
echo "Usage : $0 {setup|update|clear|sync} [options...]"
echo "Options : "
echo " $0 setup"
echo " $0 update"
echo " $0 clear"
echo " $0 sync"
echo "Examples : "
echo " $0 setup br-lan"
echo " $0 update"
echo " $0 clear"
echo " $0 sync"
exit
;;
esac