Quota page not displayed
Moderator: Moderators
Re: Quota page not displayed
Web usage is not displaying web sites visited.
Re: Quota page not displayed
I think what's going on is that the improvements have greatly increased the speed and efficiency with which packets are processed. The catch is that the web monitor now cannot keep up... it's going too slow and not all packets are getting logged. I'm working on the problem now.
Re: Quota page not displayed
Looks like I was wrong, this bug has evidently been around for a while but somehow didn't get noticed until now. The problem was the length of the TCP header wasn't getting calculated properly, so the program was seeing a bunch of garbage at the beginning of the packet contents that was often getting interpretted improperly, and a lot of URLs were getting ignored.
This should be fixed now -- new bleeding edge firmware has been uploaded.
This should be fixed now -- new bleeding edge firmware has been uploaded.
Re: Quota page not displayed
Hi Eric
Thanks for the updated FW - I have loaded it and will monitor how this works!
One question - is it still possible to access the quota logs (used to be in /usr/data/restricter)? I see a new folder called bwmon, but the entries are in a binary format.
Thanks for the updated FW - I have loaded it and will monitor how this works!
One question - is it still possible to access the quota logs (used to be in /usr/data/restricter)? I see a new folder called bwmon, but the entries are in a binary format.
Regards, Nigel
Re: Quota page not displayed
The quota data is now stored in the firewall uci config file. I'm doing it this way because when the quotas get reinitialized the old values are now parameters that get used. If you run "uci show firewall", look in all the quota sections. You'll see one value for each direction defined (firewall.my_quota.[direction]_used=[bytes used]).
Note that you may see more bytes used than what is allowed by the quota, when the limit gets reached. This is because this gets incremented every time a new packet hits the quota rule, even if immediately afterwards the packet gets REJECTED. The quota will effectively shut down traffic, but be aware that if anyone tries to connect those packets will keep incrementing the value.
Also, in the new implementation, the quotas get backed up every 4 hours instead of once a day as before.
Note that you may see more bytes used than what is allowed by the quota, when the limit gets reached. This is because this gets incremented every time a new packet hits the quota rule, even if immediately afterwards the packet gets REJECTED. The quota will effectively shut down traffic, but be aware that if anyone tries to connect those packets will keep incrementing the value.
Also, in the new implementation, the quotas get backed up every 4 hours instead of once a day as before.
Re: Quota page not displayed
Thanks Eric, I have downloaded it and testing, so far so good. Are you still going to work on the idea that each user will be able to display a web page showing what quota they have left?
Thanks
Thanks
Re: Quota page not displayed
As I said in my email, I do think this is a good idea. While admins can currently see the status of all quota, each user should probably have a way to check their own quota too, without having admin access.
There are a couple bugs reported in this forum I have to address first (fixing bugs take priority over new features), but I do intend to work on this next. My plan is to do a bit more than just making a generic quota page though: I'm going to update the login system for Gargoyle while I'm at it, to use cookies instead of http authentication. Using cookies means that users can log-out without closing the browser, which will prevent cross-site scripting attacks, and thus make the system more secure. Under this system, there will be a web login page that will be displayed that will prompt for a password necessary for admin access. I'm going to have the login page also display current quota information about the IP of the user connecting, so it's available to anyone without logging in.
Redoing this system may take a couple of weeks though. So, yes I'm working on it, but because this is tied in with redoing the authentication system it will take some time.
There are a couple bugs reported in this forum I have to address first (fixing bugs take priority over new features), but I do intend to work on this next. My plan is to do a bit more than just making a generic quota page though: I'm going to update the login system for Gargoyle while I'm at it, to use cookies instead of http authentication. Using cookies means that users can log-out without closing the browser, which will prevent cross-site scripting attacks, and thus make the system more secure. Under this system, there will be a web login page that will be displayed that will prompt for a password necessary for admin access. I'm going to have the login page also display current quota information about the IP of the user connecting, so it's available to anyone without logging in.
Redoing this system may take a couple of weeks though. So, yes I'm working on it, but because this is tied in with redoing the authentication system it will take some time.
Re: Quota page not displayed
Excellent thanks.
Re: Quota page not displayed
Hi Eric
I have noticed that, with the bleeding-edge firmware mentioned above, the quotas reset to zero if I do a System -> Reboot.
The strange thing is, after re-booting, the Status -> Bandwidth Usage - Total Bandwidth Usage section now shows summary usage data for the date "10/6/2018" and "10/7/2018"
I also noticed that the Status -> Bandwidth Usage graphs sometimes do not display anything - no axes, no grid etc. just a white background. I am not absolutely sure, but I think that I also saw this once in Beta 5. This may be a graphics card issue, so I would wait for others to confirm if they have picked up this last point.
I have noticed that, with the bleeding-edge firmware mentioned above, the quotas reset to zero if I do a System -> Reboot.
The strange thing is, after re-booting, the Status -> Bandwidth Usage - Total Bandwidth Usage section now shows summary usage data for the date "10/6/2018" and "10/7/2018"
I also noticed that the Status -> Bandwidth Usage graphs sometimes do not display anything - no axes, no grid etc. just a white background. I am not absolutely sure, but I think that I also saw this once in Beta 5. This may be a graphics card issue, so I would wait for others to confirm if they have picked up this last point.
Regards, Nigel
Re: Quota page not displayed
Ok, I fixed the problem with the quotas not getting reset after reboot. New bleeding edge firmware has been uploaded.
The problem was with the time, actually. I'm still not sure exactly how the time got sent to the future on your router, but what was happening was that at bootup, the time wasn't getting set until after the firewall was initialized. When the old quota data was specified, the times didn't match up, so the quota thought the data didn't apply any more and reset itself. I've adjusted it so that there's a "backup time" parameter that gets set every few hours and when you reboot via the web interface, so I can restore from that immediately after boot and time will be in the ballpark before the ntp update kicks in.
The problem was with the time, actually. I'm still not sure exactly how the time got sent to the future on your router, but what was happening was that at bootup, the time wasn't getting set until after the firewall was initialized. When the old quota data was specified, the times didn't match up, so the quota thought the data didn't apply any more and reset itself. I've adjusted it so that there's a "backup time" parameter that gets set every few hours and when you reboot via the web interface, so I can restore from that immediately after boot and time will be in the ballpark before the ntp update kicks in.