YAMon 3.4 - usage monitoring for your router

Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions
Goto page Previous  1, 2, 3 ... 35, 36, 37 ... 44, 45, 46  Next
Author Message
al_c
DD-WRT Guru


Joined: 13 Apr 2013
Posts: 2134
Location: Ottawa Canada

PostPosted: Tue Oct 15, 2019 12:22    Post subject: New YANon v4 thread Reply with quote
I'm at a point where I think YAMon V4 is ready for a larger testing audience.

I've started a new thread for it... See https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=321690

I've also started a new page where I will be (eventually) post details & updates... https://usage-monitoring.com/v4-beta.php

Thanks for your continuing help

Al
Sponsor
ColoradoUser
DD-WRT Novice


Joined: 12 May 2018
Posts: 31
Location: Broomfield, Colorado USA

PostPosted: Fri Nov 15, 2019 20:35    Post subject: YaMON and Static Routes Reply with quote
Short version of my question: Should I expect YaMON to be able to pick up on traffic that is on a Static Route?

More info (or too much info):
Router r7800; DD-WRT v3.0-r35900M kongat ( 05/08/18 ); YaMON 3.4.7. Static Route assigned via Setup / Advanced / Static Routing using Interface “LAN & WLAN” and LAN IP 192.168.1.253. The route goes to a GSM7224v2 router with 2 VLANs behind it. Traffic is working just fine, and I would be fine with seeing the total traffic on 192.168.1.253 – not so worried about a traffic breakdown on the VLANs on that path.

As FYI, my main LAN is 192.168.1.xxx and I have 3 VLANs behind the r7800 (192.168.20.xxx, 192.168.30.xxx, and 192.168.40.xxx). All of this has been working for a couple of years and YaMON monitors and reports traffic on all the devices on this setup including the r7800 VLANs. I’m experimenting with the GSM7224v2 behind my r7800 because I frequently help friends by repairing their PCs/Laptops and I didn’t want to expose my networks to possible viruses and malware that might be on those devices. So, since all my r7800 VLANs were in use for home purposes I thought I might be able to add a couple more VLANs with the GSM.

YaMON does see the GSM on 192.168.1.253, and YaMON records a small amount of traffic on that route (probably the SNTP activity), but doesn’t see any of the traffic generated on the VLANs even though it is in the GB’s of traffic. From researching YaMON threads going way back I sometimes get the impression it should see the traffic, and other times perhaps not (because perhaps a static route isn’t going through the router???).

Looking forward to moving on to YaMON 4 when the smart guys doing Beta testing give a bunch of thumbs up. YaMON continues to be an amazing addition to the toolbox.

Thanks
Mike
al_c
DD-WRT Guru


Joined: 13 Apr 2013
Posts: 2134
Location: Ottawa Canada

PostPosted: Thu Nov 28, 2019 22:24    Post subject: Reply with quote
I am beginning to make real progress on the long promised, and frequently asked for, `access restrictions` functionality. In a nutshell, a modification to YAMon that will allow you to block internet access to devices at certain times (e.g., after 10pm on school nights).

It's taken a long while because it has to involve functionality on the router, in the reports and also on the usage-monitor.com server.

One of the first features I added in the YAMon reports was the ability to organize your devices into arbitrary logical groupings - e.g., by person or device location or function.
For some time now, things have been organized on the router so that it is easy to add/modify iptables rules which restrict access to the web for specific device groups. What was lacking was the ability to communicate updates in the reports back to the scripts that run on the router (because the standard web servers in the router firmware do not support cgi/bin functionality).

To get around that, I've had to add bits to route the updates through the usage-monitoring.com web site (where you will be able to setup the access restrictions) and then modify the scripts on the router to periodically check for updates.

The interface to add/edit the access restrictions is beginning to take shape at https://usage-monitoring.com/current/SetAccessRestrictions.php

Let me know what you think.

Al

_________________
Thanks to everyone for supporting YAMon!

If you use and like YAMon and have not done so recently, please consider making a donation - thanks!
YAMon GitHub Repository
scope2
DD-WRT User


Joined: 12 Jul 2017
Posts: 181

PostPosted: Sat Nov 30, 2019 9:59    Post subject: Reply with quote
Al,

I currently use access control on the router (dd-wrt), will this offer anything over and above what the router offers?

Also, what would be useful is an option to allow the device/ip/whatever to be online for say 2 hour per day, and once they reach this limit restrict access. Would anything like that be possible?
al_c
DD-WRT Guru


Joined: 13 Apr 2013
Posts: 2134
Location: Ottawa Canada

PostPosted: Sat Nov 30, 2019 14:07    Post subject: Reply with quote
scope2 wrote:
Al,

I currently use access control on the router (dd-wrt), will this offer anything over and above what the router offers?

Also, what would be useful is an option to allow the device/ip/whatever to be online for say 2 hour per day, and once they reach this limit restrict access. Would anything like that be possible?


I found that my kids (one in particular quickly defeated the stock access controls in DD-WRT - e.g., I blocked by IP address so he learned how to change his IP address; I blocked by MAC within a day or two he knew how to spoof his MAC. Both of which he could do from his machine (independent of the router).

In YAMon, I block by the defined group (as configured in users.js)... so if he changes his IP address, his devices stays in the same group (which is blocked); if he changes his MAC, it appears as a new device on the network and falls into the Unknown group (which is also blocked). He cannot change his group unless he has access to the router (which you control).

Not completely fool proof but IMHO, a better option than stock.

Al

_________________
Thanks to everyone for supporting YAMon!

If you use and like YAMon and have not done so recently, please consider making a donation - thanks!
YAMon GitHub Repository
mrvanes
DD-WRT Novice


Joined: 06 Dec 2019
Posts: 22

PostPosted: Sun Dec 08, 2019 10:53    Post subject: Reply with quote
Let me start by saying thanks for YaMon. It's exactly what I was looking for on my fresh DDWRT router. I've only recently migrated my local network to a DDWRT enabled router (Asus RT68U) and everything works as expected.

There is one minor inconvenience however: I'm seeing exactly this problem in my YaMon statistics:

https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1156323&highlight=yamon+download+upload

Download and Upload are inverted. I understand this must have something to do with my setup and ports assigned but I can't for the life of me see what I need to change to get proper download stats for devices actually downloading.

My setup is very similar to the reporter above. My ISP router is .1 in the LAN, DDWRT is .249 and acts as a switch for all ports, it is configured as gateway, but WLAN port is just connected to the switchport of my ISP router, which acts as the actual router and default gateway. No devices are connected to the LAN ports of the RT68U, it only does wireless.

I understand that counting traffic for the wired LAN devices is impossible in this situation, but I would expect the ingress traffic for my connected wl devices to be counted for as downloads instead of uploads?

My apologies if this has been discussed and maybe answered before. I searched the forum and couldn't find a definitive answer.
al_c
DD-WRT Guru


Joined: 13 Apr 2013
Posts: 2134
Location: Ottawa Canada

PostPosted: Sun Dec 08, 2019 16:40    Post subject: Reply with quote
mrvanes wrote:
Let me start by saying thanks for YaMon. It's exactly what I was looking for on my fresh DDWRT router. I've only recently migrated my local network to a DDWRT enabled router (Asus RT68U) and everything works as expected.

There is one minor inconvenience however: I'm seeing exactly this problem in my YaMon statistics:

https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1156323&highlight=yamon+download+upload

Download and Upload are inverted. I understand this must have something to do with my setup and ports assigned but I can't for the life of me see what I need to change to get proper download stats for devices actually downloading.

My setup is very similar to the reporter above. My ISP router is .1 in the LAN, DDWRT is .249 and acts as a switch for all ports, it is configured as gateway, but WLAN port is just connected to the switchport of my ISP router, which acts as the actual router and default gateway. No devices are connected to the LAN ports of the RT68U, it only does wireless.

I understand that counting traffic for the wired LAN devices is impossible in this situation, but I would expect the ingress traffic for my connected wl devices to be counted for as downloads instead of uploads?

My apologies if this has been discussed and maybe answered before. I searched the forum and couldn't find a definitive answer.


Are things also reversed in v4? I'm focussed on that release ATM and would want to fix it there. If it is a network setup issue, it might have to be a parameter that switches the order of the two data fields (which would be pretty easy to do)...

Can you send me the output from:
iptables -L YAMON34v4 -vnx | grep -v RETURN | grep -e '^\s*[1-9]' (again, run this in a PuTTY window... maybe run it a couple of times until you get a good representative set of values)

Thanks for your assistance.

Al

_________________
Thanks to everyone for supporting YAMon!

If you use and like YAMon and have not done so recently, please consider making a donation - thanks!
YAMon GitHub Repository
mrvanes
DD-WRT Novice


Joined: 06 Dec 2019
Posts: 22

PostPosted: Sun Dec 08, 2019 17:10    Post subject: Reply with quote
al_c wrote:
Can you send me the output from:
iptables -L YAMON34v4 -vnx | grep -v RETURN | grep -e '^\s*[1-9]' (again, run this in a PuTTY window... maybe run it a couple of times until you get a good representative set of values)


Code:
root@olympus:~# iptables -L YAMON34v4 -vnx | grep -v RETURN | grep -e '^\s*[1-9]'
       2      127 YAMON34v4_gp_Unknown  0    --  *      *       192.168.1.127        0.0.0.0/0           
      34     1360 YAMON34v4_gp_Unknown  0    --  *      *       192.168.1.115        0.0.0.0/0           
     106    14931 YAMON34v4_gp_Unknown  0    --  *      *       192.168.1.112        0.0.0.0/0           
root@olympus:~# iptables -L YAMON34v4 -vnx | grep -v RETURN | grep -e '^\s*[1-9]'
       2      127 YAMON34v4_gp_Unknown  0    --  *      *       192.168.1.127        0.0.0.0/0           
       1       52 YAMON34v4_gp_Unknown  0    --  *      *       192.168.1.111        0.0.0.0/0           
       1       76 YAMON34v4_gp_Unknown  0    --  *      *       192.168.1.141        0.0.0.0/0           
      44     1760 YAMON34v4_gp_Unknown  0    --  *      *       192.168.1.115        0.0.0.0/0           
     126    19866 YAMON34v4_gp_Unknown  0    --  *      *       192.168.1.112        0.0.0.0/0           
root@olympus:~# iptables -L YAMON34v4 -vnx | grep -v RETURN | grep -e '^\s*[1-9]'
       4      254 YAMON34v4_gp_Unknown  0    --  *      *       192.168.1.127        0.0.0.0/0           
       3      156 YAMON34v4_gp_Unknown  0    --  *      *       192.168.1.111        0.0.0.0/0           
       1       76 YAMON34v4_gp_Unknown  0    --  *      *       192.168.1.141        0.0.0.0/0           
      65     2947 YAMON34v4_gp_Unknown  0    --  *      *       192.168.1.115        0.0.0.0/0           
     152    24079 YAMON34v4_gp_Unknown  0    --  *      *       192.168.1.112        0.0.0.0/0           

This was while listening to a streaming service on my laptop (download on 192.168.1.112).

The head of the table looks like this:
Code:
root@olympus:~# iptables -L YAMON34v4 -vnx | head
Chain YAMON34v4 (1 references)
    pkts      bytes target     prot opt in     out     source               destination         
       0        0 YAMON34v4_gp_Unknown  0    --  *      *       0.0.0.0/0            192.168.1.127       
       2      127 YAMON34v4_gp_Unknown  0    --  *      *       192.168.1.127        0.0.0.0/0           
       0        0 RETURN     0    --  *      *       0.0.0.0/0            192.168.1.127       
       2      127 RETURN     0    --  *      *       192.168.1.127        0.0.0.0/0           
       0        0 YAMON34v4_gp_Unknown  0    --  *      *       0.0.0.0/0            192.168.1.139       
       0        0 YAMON34v4_gp_Unknown  0    --  *      *       192.168.1.139        0.0.0.0/0           
       0        0 RETURN     0    --  *      *       0.0.0.0/0            192.168.1.139       
       0        0 RETURN     0    --  *      *       192.168.1.139        0.0.0.0/0           
mrvanes
DD-WRT Novice


Joined: 06 Dec 2019
Posts: 22

PostPosted: Wed Dec 11, 2019 13:16    Post subject: Reply with quote
I installed YAMon4 but it has some slight drawbacks:

1. There's no data nor live usage.
2. There is a red cross "Reading from database..."
3. A red cross saying "Database name is null"
4. Numerous errors in console using Chrome 79. The attached log is from starting at Summary, going all the way down to Settings.

So, I can't say if this is still present in YAMon4, as I don't have any output from 4.



ddwrt-1576069958028.txt
 Description:
Chrome console log

Download
 Filename:  ddwrt-1576069958028.txt
 Filesize:  4.5 KB
 Downloaded:  296 Time(s)

mrvanes
DD-WRT Novice


Joined: 06 Dec 2019
Posts: 22

PostPosted: Wed Dec 11, 2019 13:25    Post subject: Reply with quote
Some more errors:

Code:
jquery.min.js:2 POST https://usage-monitoring.com/current/dismiss4.0.php 404 (Not Found)
send   @   jquery.min.js:2
ajax   @   jquery.min.js:2
(anonymous)   @   util4.0.js?_=1576070527902:2925
dispatch   @   jquery.min.js:2
y.handle   @   jquery.min.js:2

Code:
Access to XMLHttpRequest at 'https://usage-monitoring.com/current/dismiss4.0.php' from origin 'http://ddwrt' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Code:
Uncaught ReferenceError: data is not defined
    at Object.<anonymous> (util4.0.js?_=1576070527902:2946)
    at u (jquery.min.js:2)
    at Object.fireWith [as rejectWith] (jquery.min.js:2)
    at k (jquery.min.js:2)
    at XMLHttpRequest.<anonymous> (jquery.min.js:2)
(anonymous) @ util4.0.js?_=1576070527902:2946
u @ jquery.min.js:2
fireWith @ jquery.min.js:2
k @ jquery.min.js:2
(anonymous) @ jquery.min.js:2
error (async)
send @ jquery.min.js:2
ajax @ jquery.min.js:2
(anonymous) @ util4.0.js?_=1576070527902:2925
dispatch @ jquery.min.js:2
y.handle @ jquery.min.js:2
mrvanes
DD-WRT Novice


Joined: 06 Dec 2019
Posts: 22

PostPosted: Wed Dec 11, 2019 14:29    Post subject: Reply with quote
Have some data now in daily report, and up/down is still inverted.
mrvanes
DD-WRT Novice


Joined: 06 Dec 2019
Posts: 22

PostPosted: Wed Dec 11, 2019 20:59    Post subject: Reply with quote
Today I tested a watch on the output of iptables -L YAMON34v4 -vnx and it turns out there is no difference for up and download. They all count to the same row, explaining the zero down and everything upload.

The only way I can explain this is that all traffic on the router goes through br0 and from the bridge's perspective, all traffic is incoming, no matter where it originates from.

I haven't dug into the intricacies of your iptables chain setup, but I suspect the chains will never correctly measure traffic if the router isn't routing traffic on WLAN, but acts as a switch?
al_c
DD-WRT Guru


Joined: 13 Apr 2013
Posts: 2134
Location: Ottawa Canada

PostPosted: Sun Dec 15, 2019 4:49    Post subject: YAMon 4.0.4 is available now Reply with quote
OK... I've just pushed v4.0.4 into the wild (https://usage-monitoring.com/installv4.php). In addition to a number of bug fixes, this release finally includes a way to define rules which will prevent certain devices from accessing the web - i.e., you can say that your children's devices cannot access the web between 10PM and 7AM on school nights and 11:30PM and 9AM on weekends, etc.

See https://usage-monitoring.com/current/SetAccessRestrictions.php for a working example of how to manage the restrictions.

NB - to use this feature on your router, you will have to upgrade to v4.0.4 and enable the database integration options (which is a new prompt in the setup script)

I'm really keen to hear feedback on this new feature. I've been running it on my router for a while now and everything seems to work well.
One caveat however, be careful how you define your rules as you could accidentally block all devices on your network.

As always, your feedback is appreciated!

Al

_________________
Thanks to everyone for supporting YAMon!

If you use and like YAMon and have not done so recently, please consider making a donation - thanks!
YAMon GitHub Repository
ddaniel51
DD-WRT Guru


Joined: 19 Feb 2013
Posts: 1464

PostPosted: Sun Dec 15, 2019 11:58    Post subject: Reply with quote
How do we get rid of the Nag screen about ISP Data?
Permanently..

_________________
Segment 1 XR700 10Gb LAN, 1Gb WAN ISP BS
Wired AP 1 Unifi Wifi 6 LR US 1Gb LAN
Wired AP 2 Unifi Wifi 6 LR US 1Gb LAN
Wired AP 3 Unifi Wifi 6 LR US 1Gb LAN
Syslog Services Asustor 7110T NAS 10GB
NetGear XS716T 10GB Switch
download1.dd-wrt.com/dd-wrtv2/downloads/betas/ (Brain Slayer)
YAMon https://usage-monitoring.com/index.php
al_c
DD-WRT Guru


Joined: 13 Apr 2013
Posts: 2134
Location: Ottawa Canada

PostPosted: Sun Dec 15, 2019 13:27    Post subject: Reply with quote
ddaniel51 wrote:
How do we get rid of the Nag screen about ISP Data?
Permanently..


Yeah, it's annoying me too. It should be any easy fix.

Do you have the ISP columns visible?

_________________
Thanks to everyone for supporting YAMon!

If you use and like YAMon and have not done so recently, please consider making a donation - thanks!
YAMon GitHub Repository
Goto page Previous  1, 2, 3 ... 35, 36, 37 ... 44, 45, 46  Next Display posts from previous:    Page 36 of 46
Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum