Cable Modem Counter

Nuno Sucena Almeida

v0.28, March 2002

This document describes how to use the Cable Modem Counter Software, a simple but fully extensible network statistics gathering software.

1. Cable Counter Daemon

1.1 Installing and Running the Daemon

After compiling the software with something like:

./configure --prefix=/usr/local/cable_counter

make

the simplest way to run the daemon is to call it from sbin/cable_counterd but you should first take a look at the configuration file , described in the next section ( ).

You will also need to create the log directory by hand and an optional net_record file (an example is provided).

When you start the daemon it puts itself in background and the debug and error reporting is done through the LOG_DAEMON syslog facility. So, check if there are any errors when starting the daemon and/or running scripts/connections.

1.2 Configuration File

The daemon reads the configuration from $prefix/etc/cable_counterd.conf , where prefix was the parameter passed to the configure script. If it's empty, it should be /usr/local/ , so the configuration file is /usr/local/etc/cable_counterd.conf

Here is a summary of all the available options you can set in the configuration file:

log_directory

directory where the daemon puts its log files and you must create this directory or else the daemon will exit. (default:/var/log/cable_counter)

log_file

file name initial name part (default:cable_counter)

log_update_delay

log file update interval in seconds (default:60)

interface

network interface name (default: first detected ethernet interface)

net_connection

allow net connection application support (default:no)

listen_port

network application connection listen port (default:56891)

listen_address

network connection listen IP address (default: 0.0.0.0 - all interfaces )

max_connections

maximum number of pending connections (default:5)

net_record_file

network database file (default:share/cable_counter/net_record.txt)

script

script command. you can have any number of script (or any program) lines and the format is simple: command,delay period in seconds. example:

script=/usr/local/bin/cable_script_daily.sh,86400

1.3 Running Local Scripts

Local scripts or any other program can be run periodically and can communicate with the daemon through the standard output and receive information through the standard input. The complete list of commands can be found in the next section ( ).

Here is a simple example which is called by the daemon and gathers the total InBound and OutBound traffic. You must insert a script=command,delay line in the configuration file (See ): 

#!/bin/sh
# This script sends the 'sh_ip' command to the daemon. Then it waits for the
# list which is terminated by a '_DONE_' string and sends it to a file named
# /tmp/doink.txt . After that a simple awk script counts the total bytes
# and outputs these values and the ip record lines to another file, 
# /tmp/doink_new.txt
# WARNING: this script is insecure since the daemon is run as root and this 
# script uses a predictable filename. This is only a simple example!
 
file=/tmp/doink.txt
sfile=/tmp/doink_new.txt
rm -f $file
 
echo "sh_ip"
while :;
do
        read blabla
        if [ "$blabla" == "_DONE_" ];then
         break;
        fi
        echo $blabla >> $file
done
awk 'BEGIN {FS="[;:]"} 
{ print $0; sum +=$6 } 
END { print "total bytes: " sum }' \
$file > $sfile

1.4 List of Commands

The following commands can be sent to the daemon by local scripts or from remote applications and all of them finish with the _DONE_ string.

sh_ip

Show current IP Records statistics. Format: src:X.X.X.X;dst:Y.Y.Y.Y;bytes:ZZZZZ;dir:WWW

X.X.X.X

is the host source IP

Y.Y.Y.Y

is the host destination IP

ZZZZZ

is the amount of bytes

WWW

is the direction of traffic, which can be In for Inbound, Out for OutBound or N/A for ethernet broadcasts.

sh_net

Show net records with given TAG. Format: net:A.A.A.A;mask:B.B.B.B;tag:CCC;description:DDD

A.A.A.A

is the network IP address

B.B.B.B

is the netmask

CCC

is the tag name

DDD

is the user description for that network

mix_in_tag

Create list of IP Records that belong to the net records with given TAG. Format: src:X.X.X.X;dst:Y.Y.Y.Y;bytes:ZZZZZ;dir:WWW;src_net:WIS;dst_net:WIS

WIS

can be Y if the (src/dst)_net belongs to any of the nets with tag TAG or N if not.

sh_tr

Show the total traffic bytes of IP Records that belong to the net records with given TAG

help

Show help

version

Show program information

quit

this network session

Here is a simple telnet session: 

telnet 0 12345
Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.
 sh_net it-co
net:193.136.94.0;mask:255.255.255.0;tag:it-co;description:IT-Pólo Coimbra
_DONE_
 sh_tr nacional
Partial (nacional):
         In =           289364284 bytes
        Out =            42979884 bytes
        N/A =                   0 bytes
Remain (nacional):
         In =            67772934 bytes
        Out =            32729625 bytes
        N/A =            18850431 bytes
_DONE_
quit
Connection closed by foreign host.

1.5 Network database file format

The share/cable_counter/net_record.txt file contains network information in the format:

net;mask;tag;description

The ';' can also be '/' or ':'.

The mask can be in the X.X.X.X or /bitmask format and the tag and description are optional. An example:

193.136.238.0;255.255.255.0;deec;DEEC-Universidade Coimbra

193.137.0.0/255.255.0.0

193.136.94.0/24;it-co;IT - Pólo de Coimbra

2. Cable Counter Remote Application

3. Authors

4. Usefull Links