Shape/Track Bandwidth - Finalize IPTables: Difference between revisions

System Prep

• apt-get install tcng xtables-addons-source xtables-addons-common nbtscan linux-headers-$(uname -r) automake libtool libfile-tail-perl libtext-trim-perl libdatetime-format-mail-perl libnet-sslglue-perl
• Note: as of Apr2014, tcng must be installed from wheezy (update sources.list && apt-get install tcng/wheezy)

Configure Traffic Control

• vi /root/scripts/qos.tc
• echo \#\!\/bin\/bash > /root/scripts/qos.sh; tcng /root/scripts/qos.tc >> /root/scripts/qos.sh
• vi /root/scripts/qos.reset.sh
• bash /root/scripts/qos.reset.sh; bash /root/scripts/qos.sh

Install and Configure Bandwidth Accounting and Reporting

• m-a prepare
• m-a a-i -t xtables-addons-source
  • NOV7/2014 - build fails. $(ln -s /usr/src /tmp/buildd); $(m-a a-i -t xtables-addons-source); let it fail; $(cd /usr/src/modules/xtables-addons; ./configure; make; make install)
• echo xt_ACCOUNT >> /etc/modules
• modprobe xt_ACCOUNT
• depmod -a
• vi /root/scripts/bwrpt.pl
• crontab -e
  • 9-59/10 * * * * PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin; /usr/bin/perl /root/scripts/bwrpt.pl <= Note: on large networks this can take a few minutes to run, and it needs to complete it's data collection before 00:00, so you may need to set it to start at 58 or 57

Finalize IPTables Configuration

• vi /root/scripts/iptables-restore
• iptables-restore < /root/scripts/iptables-restore
• iptaccount -a <= Make sure these three lines show up:
  Found table: wan
  Found table: computerisms
  Found table: pubaccess
• From worklian:
  • telnet 192.168.25.15 25 <= Make sure you can telnet to ports 25, 80, 443, 587, 993, 995

Notes

• Aug30/2014 => module-assistant fails to build xtables-addons. after it fails do:
  • cd /usr/src/modules/xtables-addons/
  • /bin/bash build-aux/missing autoconf
  • ./configure
  • make -j1
  • m-a a-i -t -O xtables-addons