bandwidth monitoring

2020-02-26 21:47:38 +02:00 · 2020-02-26 21:47:38 +02:00 · 72ef74a0a5
parent 9039fece92
commit 72ef74a0a5
3 changed files with 54 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -82,4 +82,6 @@ As an alternative to installing debug packages inside your router, it's possible
 $ sudo ip netns exec ${CONTAINER} tcpdump -vvi any 
 ```
 ---
-## [OpenVPN Howto](./vpn.md)
+## [OpenVPN Howto](./vpn.md)
+
+## [Bandwidth Monitoring Howto](./monitoring.md)
--- a/monitoring.md
+++ b/monitoring.md
@ -0,0 +1,50 @@
+# Bandwidth Monitoring
+
+OpenWRT comes with a decent selection of traffic monitoring tools, both CLI and web UI. I use `nlbwmon`, which integrates well with the web interface and creates pretty graphs. Here's how to install it.
+
+## Enable conntrack accounting
+
+`nlbwmon` uses the Linux netfilter conntrack subsystem to track connections and packet counts, so you need to make sure the `nf_conntrack` kernel module is loaded on your host system (it probably is). But just to check:
+```
+$ lsmod | grep nf_conntrack
+```
+
+Conntrack accounting is off by default, so we have to enable it inside the container:
+```
+$ sudo ip netns exec ${CONTAINER} sysctl -w net.netfilter.nf_conntrack_acct=1
+```
+Alternatively this can be enabled when creating the container by adding the flag
+```
+--sysctl net.netfilter.nf_conntrack_acct=1
+```
+to the `docker create` command in `run.sh`.
+
+## Install packages
+Inside the container:
+```
+# opkg install nlbwmon luci-app-nlbwmon
+# service nlbwmon enable
+# service nlbwmon start
+```
+
+There should now be a "Bandwidth Monitor" section in LuCI.
+
+## Configuration
+The default configuration is extremely conservative with storage. Since we're not running on a device with 4MB flash storage, we can increase the defaults:
+
+```
+# cat <<EOF | uci import
+package nlbwmon
+config nlbwmon
+	option  refresh_interval      '30s'
+	option  database_directory    '/var/lib/nlbwmon'
+	option  database_interval     '1'
+	option  protocol_database     '/usr/share/nlbwmon/protocols'
+	option  commit_interval       '60s'
+	option  database_limit        '0'
+	option  database_generations  '0'
+	list    local_network         "${LAN_SUBNET}"
+	list    local_network         'lan'
+EOF
+# service nlbwmon restart
+```
--- a/run.sh
+++ b/run.sh
@ -93,6 +93,7 @@ function _create_or_start_container() {
      --hostname openwrt \
      --ip $LAN_ADDR \
      --sysctl net.ipv4.conf.default.arp_ignore=1 \
+      --sysctl net.netfilter.nf_conntrack_acct=1 \
      --name $CONTAINER $BUILD_TAG >/dev/null
    docker network connect $WAN_NAME $CONTAINER