I have a sub-net of machines which are run autonomously by users. I control the server which acts as gateway between the sub-net and the internet. My server is running Ubuntu.
I'm looking for a way to:
- Record the amount (only need size, don't care about what or from where) of incoming and outgoing network traffic per sub-net IP.
- Subsequently query the amount of network traffic that occurred on a particular IP address during a particular time-frame.
- Bonus: Allow me to cap or shape traffic for a specific IP address once a certain (configurable) volume has been reached.
Basically, something that let's me account and charge users for their network traffic.
Best Answer
Basically you will need three things: a probe, a data collector and a visualizer/shaper/web interface. There are a number of free probes on the market: ipcad and ndsad are probably the most popular. Both can export NetFlow records. A free data collector is pmacct, it can collect both NetFlow and sFlow and right traffic information to an RDBMS. It does not need a probe on Linux, since it can use libpcap for measuring traffic. A good visualizer/shaper is more difficult to find. I used to use NeTAMS. It's 3.XX family is free but it lacks English documentation almost completely. There is something called Captrap, but I've never tried it.