* [PATCH] New package: IPTraffic 0.8.2
@ 2021-01-17 17:15 Matthias Fischer
2021-01-25 19:27 ` Michael Tremer
0 siblings, 1 reply; 13+ messages in thread
From: Matthias Fischer @ 2021-01-17 17:15 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 13399 bytes --]
From: Frank Mainz <frank(a)cybermainzel.de>
Please note:
This is a port of the old 'IPTraffics' addon from ipcop to ipfire
done by RadioCarbon (Frank Mainz).
He asked me to publish this for him - ALL programming work was done by him.
I'm only the MITM.
Description:
With the add-on “IPTraffic” you can determine the traffic of a computer
based on its IP address.
Only the traffic between IPFire and the client to be monitored can be determined.
The display is shown once as a tabular overview and additionally a statistical
graphic can be called up for each client over the period of the last hour, day,
week, month and year.
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
---
config/rootfiles/packages/iptraffic | 22 ++++++
lfs/iptraffic | 108 ++++++++++++++++++++++++++++
make.sh | 1 +
src/paks/iptraffic/install.sh | 40 +++++++++++
src/paks/iptraffic/uninstall.sh | 28 ++++++++
src/paks/iptraffic/update.sh | 26 +++++++
6 files changed, 225 insertions(+)
create mode 100644 config/rootfiles/packages/iptraffic
create mode 100644 lfs/iptraffic
create mode 100644 src/paks/iptraffic/install.sh
create mode 100644 src/paks/iptraffic/uninstall.sh
create mode 100644 src/paks/iptraffic/update.sh
diff --git a/config/rootfiles/packages/iptraffic b/config/rootfiles/packages/iptraffic
new file mode 100644
index 000000000..b860cd9aa
--- /dev/null
+++ b/config/rootfiles/packages/iptraffic
@@ -0,0 +1,22 @@
+etc/fcron.minutely/update-iptraffic
+srv/web/ipfire/html/images/iptraffic
+srv/web/ipfire/cgi-bin/iptraffic.cgi
+srv/web/ipfire/html/images/iptraffic/addblue.gif
+srv/web/ipfire/html/images/iptraffic/addfaint.gif
+srv/web/ipfire/html/images/iptraffic/addgray.gif
+srv/web/ipfire/html/images/iptraffic/addgreen.gif
+srv/web/ipfire/html/images/iptraffic/addorange.gif
+srv/web/ipfire/html/images/iptraffic/addred.gif
+srv/web/ipfire/html/images/iptraffic/blue.png
+srv/web/ipfire/html/images/iptraffic/graph.png
+srv/web/ipfire/html/images/iptraffic/gray.png
+srv/web/ipfire/html/images/iptraffic/green.png
+srv/web/ipfire/html/images/iptraffic/orange.png
+srv/web/ipfire/html/images/iptraffic/red.png
+srv/web/ipfire/html/images/iptraffic/square-green.png
+srv/web/ipfire/html/images/iptraffic/square-red.png
+srv/web/ipfire/html/images/iptraffic/square-yellow.png
+usr/local/bin/iptraffic.pl
+var/ipfire/addon-lang/iptraffic.de.pl
+var/ipfire/addon-lang/iptraffic.en.pl
+var/ipfire/menu.d/EX-iptraffic.menu
diff --git a/lfs/iptraffic b/lfs/iptraffic
new file mode 100644
index 000000000..8f1dfd676
--- /dev/null
+++ b/lfs/iptraffic
@@ -0,0 +1,108 @@
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007-2020 IPFire Team <info(a)ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER = 0.8.2
+
+THISAPP = iptraffic-$(VER)
+DL_FILE = $(THISAPP).tar.gz
+DL_FROM = $(URL_IPFIRE)
+DIR_APP = $(DIR_SRC)/$(THISAPP)
+TARGET = $(DIR_INFO)/$(THISAPP)
+PAK_VER = 1
+PROG = iptraffic
+
+DEPS = ""
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = 4d6d54a8e17111da6a60d3c7d4588f16
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+dist:
+ $(PAK)
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+ @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+
+ # Install GUI
+ install -v -m 755 $(DIR_SRC)/srv/web/ipfire/cgi-bin/iptraffic.cgi \
+ /srv/web/ipfire/cgi-bin/iptraffic.cgi
+
+ # Install images
+ -mkdir -p /srv/web/ipfire/html/images/iptraffic
+ install -v -m 644 $(DIR_SRC)/srv/web/ipfire/html/images/iptraffic/* \
+ /srv/web/ipfire/html/images/iptraffic/
+
+ # Install iptraffic script
+ install -v -m 755 $(DIR_SRC)/usr/local/bin/iptraffic.pl \
+ /usr/local/bin/iptraffic.pl
+
+ # Create symlink for one minute updates
+ ln -sf /usr/local/bin/iptraffic.pl \
+ /etc/fcron.minutely/update-iptraffic
+
+ # Install language files
+ install -v -m 004 $(DIR_SRC)/var/ipfire/addon-lang/iptraffic.*.pl \
+ /var/ipfire/addon-lang/
+
+ # Install menu entry
+ install -v -m 644 $(DIR_SRC)/var/ipfire/menu.d/EX-iptraffic.menu \
+ /var/ipfire/menu.d/EX-iptraffic.menu
+ chown nobody.nobody /var/ipfire/menu.d/EX-iptraffic.menu
+
+ @rm -rf $(DIR_APP)
+ @$(POSTBUILD)
diff --git a/make.sh b/make.sh
index a9db53edf..267e1b09a 100755
--- a/make.sh
+++ b/make.sh
@@ -1654,6 +1654,7 @@ buildipfire() {
lfsmake2 ncdu
lfsmake2 lshw
lfsmake2 socat
+ lfsmake2 iptraffic
}
buildinstaller() {
diff --git a/src/paks/iptraffic/install.sh b/src/paks/iptraffic/install.sh
new file mode 100644
index 000000000..a9f857784
--- /dev/null
+++ b/src/paks/iptraffic/install.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+############################################################################
+# #
+# This file is part of the IPFire Firewall. #
+# #
+# IPFire is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 2 of the License, or #
+# (at your option) any later version. #
+# #
+# IPFire is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2020 IPFire-Team <info(a)ipfire.org>. #
+# #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+extract_files
+
+mkdir -p /srv/web/ipfire/html/graphs/iptraffic
+mkdir -p /var/log/iptraffic
+mkdir -p /var/log/rrd/iptraffic
+
+touch /var/log/iptraffic/iptraffic.db
+
+restore_backup ${NAME}
+
+chown -R nobody.nobody /var/log/iptraffic
+chown -R nobody.nobody /var/log/rrd/iptraffic
+chown root.nobody /usr/local/bin/iptraffic.pl
+chown nobody.nobody /var/ipfire/menu.d/EX-iptraffic.menu
+
+/usr/local/bin/update-lang-cache
diff --git a/src/paks/iptraffic/uninstall.sh b/src/paks/iptraffic/uninstall.sh
new file mode 100644
index 000000000..dac570c05
--- /dev/null
+++ b/src/paks/iptraffic/uninstall.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+############################################################################
+# #
+# This file is part of the IPFire Firewall. #
+# #
+# IPFire is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 2 of the License, or #
+# (at your option) any later version. #
+# #
+# IPFire is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2007 IPFire-Team <info(a)ipfire.org>. #
+# #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+
+remove_files
+
+/usr/local/bin/update-lang-cache
diff --git a/src/paks/iptraffic/update.sh b/src/paks/iptraffic/update.sh
new file mode 100644
index 000000000..89c40d0d7
--- /dev/null
+++ b/src/paks/iptraffic/update.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+############################################################################
+# #
+# This file is part of the IPFire Firewall. #
+# #
+# IPFire is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 2 of the License, or #
+# (at your option) any later version. #
+# #
+# IPFire is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2007 IPFire-Team <info(a)ipfire.org>. #
+# #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+./uninstall.sh
+./install.sh
--
2.18.0
^ permalink raw reply [flat|nested] 13+ messages in thread* Re: [PATCH] New package: IPTraffic 0.8.2
2021-01-17 17:15 [PATCH] New package: IPTraffic 0.8.2 Matthias Fischer
@ 2021-01-25 19:27 ` Michael Tremer
2021-01-25 19:51 ` Frank Mainz
2021-01-26 16:45 ` Matthias Fischer
0 siblings, 2 replies; 13+ messages in thread
From: Michael Tremer @ 2021-01-25 19:27 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 14948 bytes --]
Hello Matthias,
Thank you for submitting the patch.
It is great to see more people taking part in development tasks, but I am not really sure what has been done here.
The main problem is that I do not know what IPTraffic does, or how it works. The code is in a tarball and I am not aware if there is a Git repository to see what has been changed over time.
> On 17 Jan 2021, at 17:15, Matthias Fischer <matthias.fischer(a)ipfire.org> wrote:
>
> From: Frank Mainz <frank(a)cybermainzel.de>
>
> Please note:
> This is a port of the old 'IPTraffics' addon from ipcop to ipfire
> done by RadioCarbon (Frank Mainz).
> He asked me to publish this for him - ALL programming work was done by him.
> I'm only the MITM.
You can use “git commit —-author=…” to set the correct author and you should sign-off as yourself as usual.
So to go back to the usual question: What is being proposed here and why?
Who is this add-on for? What are its features, and what are its limitations?
Why is this realised as add-on and not as part of the core system? I do not want to suggest that it should be either. It just seems that this decision has been made I would like to know based on what reasons :)
Best,
-Michael
> Description:
> With the add-on “IPTraffic” you can determine the traffic of a computer
> based on its IP address.
> Only the traffic between IPFire and the client to be monitored can be determined.
> The display is shown once as a tabular overview and additionally a statistical
> graphic can be called up for each client over the period of the last hour, day,
> week, month and year.
>
> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
> ---
> config/rootfiles/packages/iptraffic | 22 ++++++
> lfs/iptraffic | 108 ++++++++++++++++++++++++++++
> make.sh | 1 +
> src/paks/iptraffic/install.sh | 40 +++++++++++
> src/paks/iptraffic/uninstall.sh | 28 ++++++++
> src/paks/iptraffic/update.sh | 26 +++++++
> 6 files changed, 225 insertions(+)
> create mode 100644 config/rootfiles/packages/iptraffic
> create mode 100644 lfs/iptraffic
> create mode 100644 src/paks/iptraffic/install.sh
> create mode 100644 src/paks/iptraffic/uninstall.sh
> create mode 100644 src/paks/iptraffic/update.sh
>
> diff --git a/config/rootfiles/packages/iptraffic b/config/rootfiles/packages/iptraffic
> new file mode 100644
> index 000000000..b860cd9aa
> --- /dev/null
> +++ b/config/rootfiles/packages/iptraffic
> @@ -0,0 +1,22 @@
> +etc/fcron.minutely/update-iptraffic
> +srv/web/ipfire/html/images/iptraffic
> +srv/web/ipfire/cgi-bin/iptraffic.cgi
> +srv/web/ipfire/html/images/iptraffic/addblue.gif
> +srv/web/ipfire/html/images/iptraffic/addfaint.gif
> +srv/web/ipfire/html/images/iptraffic/addgray.gif
> +srv/web/ipfire/html/images/iptraffic/addgreen.gif
> +srv/web/ipfire/html/images/iptraffic/addorange.gif
> +srv/web/ipfire/html/images/iptraffic/addred.gif
> +srv/web/ipfire/html/images/iptraffic/blue.png
> +srv/web/ipfire/html/images/iptraffic/graph.png
> +srv/web/ipfire/html/images/iptraffic/gray.png
> +srv/web/ipfire/html/images/iptraffic/green.png
> +srv/web/ipfire/html/images/iptraffic/orange.png
> +srv/web/ipfire/html/images/iptraffic/red.png
> +srv/web/ipfire/html/images/iptraffic/square-green.png
> +srv/web/ipfire/html/images/iptraffic/square-red.png
> +srv/web/ipfire/html/images/iptraffic/square-yellow.png
> +usr/local/bin/iptraffic.pl
> +var/ipfire/addon-lang/iptraffic.de.pl
> +var/ipfire/addon-lang/iptraffic.en.pl
> +var/ipfire/menu.d/EX-iptraffic.menu
> diff --git a/lfs/iptraffic b/lfs/iptraffic
> new file mode 100644
> index 000000000..8f1dfd676
> --- /dev/null
> +++ b/lfs/iptraffic
> @@ -0,0 +1,108 @@
> +###############################################################################
> +# #
> +# IPFire.org - A linux based firewall #
> +# Copyright (C) 2007-2020 IPFire Team <info(a)ipfire.org> #
> +# #
> +# This program is free software: you can redistribute it and/or modify #
> +# it under the terms of the GNU General Public License as published by #
> +# the Free Software Foundation, either version 3 of the License, or #
> +# (at your option) any later version. #
> +# #
> +# This program is distributed in the hope that it will be useful, #
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
> +# GNU General Public License for more details. #
> +# #
> +# You should have received a copy of the GNU General Public License #
> +# along with this program. If not, see <http://www.gnu.org/licenses/>. #
> +# #
> +###############################################################################
> +
> +###############################################################################
> +# Definitions
> +###############################################################################
> +
> +include Config
> +
> +VER = 0.8.2
> +
> +THISAPP = iptraffic-$(VER)
> +DL_FILE = $(THISAPP).tar.gz
> +DL_FROM = $(URL_IPFIRE)
> +DIR_APP = $(DIR_SRC)/$(THISAPP)
> +TARGET = $(DIR_INFO)/$(THISAPP)
> +PAK_VER = 1
> +PROG = iptraffic
> +
> +DEPS = ""
> +
> +###############################################################################
> +# Top-level Rules
> +###############################################################################
> +
> +objects = $(DL_FILE)
> +
> +$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
> +
> +$(DL_FILE)_MD5 = 4d6d54a8e17111da6a60d3c7d4588f16
> +
> +install : $(TARGET)
> +
> +check : $(patsubst %,$(DIR_CHK)/%,$(objects))
> +
> +download :$(patsubst %,$(DIR_DL)/%,$(objects))
> +
> +md5 : $(subst %,%_MD5,$(objects))
> +
> +dist:
> + $(PAK)
> +
> +###############################################################################
> +# Downloading, checking, md5sum
> +###############################################################################
> +
> +$(patsubst %,$(DIR_CHK)/%,$(objects)) :
> + @$(CHECK)
> +
> +$(patsubst %,$(DIR_DL)/%,$(objects)) :
> + @$(LOAD)
> +
> +$(subst %,%_MD5,$(objects)) :
> + @$(MD5)
> +
> +###############################################################################
> +# Installation Details
> +###############################################################################
> +
> +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> + @$(PREBUILD)
> + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
> +
> + # Install GUI
> + install -v -m 755 $(DIR_SRC)/srv/web/ipfire/cgi-bin/iptraffic.cgi \
> + /srv/web/ipfire/cgi-bin/iptraffic.cgi
> +
> + # Install images
> + -mkdir -p /srv/web/ipfire/html/images/iptraffic
> + install -v -m 644 $(DIR_SRC)/srv/web/ipfire/html/images/iptraffic/* \
> + /srv/web/ipfire/html/images/iptraffic/
> +
> + # Install iptraffic script
> + install -v -m 755 $(DIR_SRC)/usr/local/bin/iptraffic.pl \
> + /usr/local/bin/iptraffic.pl
> +
> + # Create symlink for one minute updates
> + ln -sf /usr/local/bin/iptraffic.pl \
> + /etc/fcron.minutely/update-iptraffic
> +
> + # Install language files
> + install -v -m 004 $(DIR_SRC)/var/ipfire/addon-lang/iptraffic.*.pl \
> + /var/ipfire/addon-lang/
> +
> + # Install menu entry
> + install -v -m 644 $(DIR_SRC)/var/ipfire/menu.d/EX-iptraffic.menu \
> + /var/ipfire/menu.d/EX-iptraffic.menu
> + chown nobody.nobody /var/ipfire/menu.d/EX-iptraffic.menu
> +
> + @rm -rf $(DIR_APP)
> + @$(POSTBUILD)
> diff --git a/make.sh b/make.sh
> index a9db53edf..267e1b09a 100755
> --- a/make.sh
> +++ b/make.sh
> @@ -1654,6 +1654,7 @@ buildipfire() {
> lfsmake2 ncdu
> lfsmake2 lshw
> lfsmake2 socat
> + lfsmake2 iptraffic
> }
>
> buildinstaller() {
> diff --git a/src/paks/iptraffic/install.sh b/src/paks/iptraffic/install.sh
> new file mode 100644
> index 000000000..a9f857784
> --- /dev/null
> +++ b/src/paks/iptraffic/install.sh
> @@ -0,0 +1,40 @@
> +#!/bin/bash
> +############################################################################
> +# #
> +# This file is part of the IPFire Firewall. #
> +# #
> +# IPFire is free software; you can redistribute it and/or modify #
> +# it under the terms of the GNU General Public License as published by #
> +# the Free Software Foundation; either version 2 of the License, or #
> +# (at your option) any later version. #
> +# #
> +# IPFire is distributed in the hope that it will be useful, #
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
> +# GNU General Public License for more details. #
> +# #
> +# You should have received a copy of the GNU General Public License #
> +# along with IPFire; if not, write to the Free Software #
> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
> +# #
> +# Copyright (C) 2020 IPFire-Team <info(a)ipfire.org>. #
> +# #
> +############################################################################
> +#
> +. /opt/pakfire/lib/functions.sh
> +extract_files
> +
> +mkdir -p /srv/web/ipfire/html/graphs/iptraffic
> +mkdir -p /var/log/iptraffic
> +mkdir -p /var/log/rrd/iptraffic
> +
> +touch /var/log/iptraffic/iptraffic.db
> +
> +restore_backup ${NAME}
> +
> +chown -R nobody.nobody /var/log/iptraffic
> +chown -R nobody.nobody /var/log/rrd/iptraffic
> +chown root.nobody /usr/local/bin/iptraffic.pl
> +chown nobody.nobody /var/ipfire/menu.d/EX-iptraffic.menu
> +
> +/usr/local/bin/update-lang-cache
> diff --git a/src/paks/iptraffic/uninstall.sh b/src/paks/iptraffic/uninstall.sh
> new file mode 100644
> index 000000000..dac570c05
> --- /dev/null
> +++ b/src/paks/iptraffic/uninstall.sh
> @@ -0,0 +1,28 @@
> +#!/bin/bash
> +############################################################################
> +# #
> +# This file is part of the IPFire Firewall. #
> +# #
> +# IPFire is free software; you can redistribute it and/or modify #
> +# it under the terms of the GNU General Public License as published by #
> +# the Free Software Foundation; either version 2 of the License, or #
> +# (at your option) any later version. #
> +# #
> +# IPFire is distributed in the hope that it will be useful, #
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
> +# GNU General Public License for more details. #
> +# #
> +# You should have received a copy of the GNU General Public License #
> +# along with IPFire; if not, write to the Free Software #
> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
> +# #
> +# Copyright (C) 2007 IPFire-Team <info(a)ipfire.org>. #
> +# #
> +############################################################################
> +#
> +. /opt/pakfire/lib/functions.sh
> +
> +remove_files
> +
> +/usr/local/bin/update-lang-cache
> diff --git a/src/paks/iptraffic/update.sh b/src/paks/iptraffic/update.sh
> new file mode 100644
> index 000000000..89c40d0d7
> --- /dev/null
> +++ b/src/paks/iptraffic/update.sh
> @@ -0,0 +1,26 @@
> +#!/bin/bash
> +############################################################################
> +# #
> +# This file is part of the IPFire Firewall. #
> +# #
> +# IPFire is free software; you can redistribute it and/or modify #
> +# it under the terms of the GNU General Public License as published by #
> +# the Free Software Foundation; either version 2 of the License, or #
> +# (at your option) any later version. #
> +# #
> +# IPFire is distributed in the hope that it will be useful, #
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
> +# GNU General Public License for more details. #
> +# #
> +# You should have received a copy of the GNU General Public License #
> +# along with IPFire; if not, write to the Free Software #
> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
> +# #
> +# Copyright (C) 2007 IPFire-Team <info(a)ipfire.org>. #
> +# #
> +############################################################################
> +#
> +. /opt/pakfire/lib/functions.sh
> +./uninstall.sh
> +./install.sh
> --
> 2.18.0
>
^ permalink raw reply [flat|nested] 13+ messages in thread* Re: [PATCH] New package: IPTraffic 0.8.2
2021-01-25 19:27 ` Michael Tremer
@ 2021-01-25 19:51 ` Frank Mainz
2021-01-25 20:05 ` Michael Tremer
2021-01-26 16:45 ` Matthias Fischer
1 sibling, 1 reply; 13+ messages in thread
From: Frank Mainz @ 2021-01-25 19:51 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 292 bytes --]
Hello Michael,
look in the WIKI and you know what is displayed. Otherwise, the traffic
of individual IP addresses is logged with the help of entries in the
CUSTOM chains and graphically prepared.
https://wiki.ipfire.org/addons/iptraffic-playground
Greetings Frank
PS: Fullquote removed
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] New package: IPTraffic 0.8.2
2021-01-25 19:51 ` Frank Mainz
@ 2021-01-25 20:05 ` Michael Tremer
0 siblings, 0 replies; 13+ messages in thread
From: Michael Tremer @ 2021-01-25 20:05 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 945 bytes --]
Hi Frank,
Thank you for your email, but it didn’t answer any of my questions.
I wasn’t aware of the wiki pages, but I had a look at it.
The questions from my previous email remain though. I do not think a single one was answered.
> On 25 Jan 2021, at 19:51, Frank Mainz <frank(a)cybermainzel.de> wrote:
>
> Hello Michael,
>
> look in the WIKI and you know what is displayed. Otherwise, the traffic
> of individual IP addresses is logged with the help of entries in the
> CUSTOM chains and graphically prepared.
The CUSTOM* chains can’t be touched by any programs that come with the distributions. They exist for users to add any custom rules and they are under full control by the user only.
> https://wiki.ipfire.org/addons/iptraffic-playground
>
>
> Greetings Frank
>
> PS: Fullquote removed
Why? I don’t recommend doing this because it removes context from the conversation.
Best,
-Michael
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] New package: IPTraffic 0.8.2
2021-01-25 19:27 ` Michael Tremer
2021-01-25 19:51 ` Frank Mainz
@ 2021-01-26 16:45 ` Matthias Fischer
2021-01-26 17:03 ` Aw: " Bernhard Bitsch
2021-01-27 11:32 ` Michael Tremer
1 sibling, 2 replies; 13+ messages in thread
From: Matthias Fischer @ 2021-01-26 16:45 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 16589 bytes --]
Hi,
On 25.01.2021 20:27, Michael Tremer wrote:
> Hello Matthias,
>
> Thank you for submitting the patch.
>
> It is great to see more people taking part in development tasks, but I am not really sure what has been done here.
>
> The main problem is that I do not know what IPTraffic does, or how it works. The code is in a tarball and I am not aware if there is a Git repository to see what has been changed over time.
Oh my, just came back from work and had to read a lot of postings here.
Hm...
I must confess I was puzzled after reading through all of it - its a pity.
Perhaps I should have coded this for Pakfire in a different manner to
make things more transparent and perhaps avoid a bit of todays
discussions - but I can't make that undone. It started with a classical
ipcop installation script.
As I see it, Bernhard has already looked through the code.
The only thing I can think of now: I could rewrite the build process -
if this makes still sense, let me know. If it doesn't fit our needs -
than thats it.
>> On 17 Jan 2021, at 17:15, Matthias Fischer <matthias.fischer(a)ipfire.org> wrote:
>>
>> From: Frank Mainz <frank(a)cybermainzel.de>
>>
>> Please note:
>> This is a port of the old 'IPTraffics' addon from ipcop to ipfire
>> done by RadioCarbon (Frank Mainz).
>> He asked me to publish this for him - ALL programming work was done by him.
>> I'm only the MITM.
>
> You can use “git commit —-author=…” to set the correct author and you should sign-off as yourself as usual.
FYI:
This is exactly what I did in the *first* commit...
=> https://patchwork.ipfire.org/patch/3813/
...and in GIT:
=>
https://git.ipfire.org/?p=people/mfischer/ipfire-2.x.git;a=commit;h=bc2af5d1c92fb09ddd8266000a0666fff9c67e26
...but I forgot to do set the author in the last one. That happens.
> So to go back to the usual question: What is being proposed here and why?
>
> Who is this add-on for? What are its features, and what are its limitations?
>
> Why is this realised as add-on and not as part of the core system? I do not want to suggest that it should be either. It just seems that this decision has been made I would like to know based on what reasons :)
As I see it - it was once written as an addon and just stayed in this
condition. No one had the idea to integrate it. Simple.
Don't get me wrong - I'm not offended - just a little disappointed how
the whole thing has gone here at once and would definitely try to still
get the best out of it.
Best,
Matthias
> Best,
> -Michael
>
>> Description:
>> With the add-on “IPTraffic” you can determine the traffic of a computer
>> based on its IP address.
>> Only the traffic between IPFire and the client to be monitored can be determined.
>> The display is shown once as a tabular overview and additionally a statistical
>> graphic can be called up for each client over the period of the last hour, day,
>> week, month and year.
>>
>> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
>> ---
>> config/rootfiles/packages/iptraffic | 22 ++++++
>> lfs/iptraffic | 108 ++++++++++++++++++++++++++++
>> make.sh | 1 +
>> src/paks/iptraffic/install.sh | 40 +++++++++++
>> src/paks/iptraffic/uninstall.sh | 28 ++++++++
>> src/paks/iptraffic/update.sh | 26 +++++++
>> 6 files changed, 225 insertions(+)
>> create mode 100644 config/rootfiles/packages/iptraffic
>> create mode 100644 lfs/iptraffic
>> create mode 100644 src/paks/iptraffic/install.sh
>> create mode 100644 src/paks/iptraffic/uninstall.sh
>> create mode 100644 src/paks/iptraffic/update.sh
>>
>> diff --git a/config/rootfiles/packages/iptraffic b/config/rootfiles/packages/iptraffic
>> new file mode 100644
>> index 000000000..b860cd9aa
>> --- /dev/null
>> +++ b/config/rootfiles/packages/iptraffic
>> @@ -0,0 +1,22 @@
>> +etc/fcron.minutely/update-iptraffic
>> +srv/web/ipfire/html/images/iptraffic
>> +srv/web/ipfire/cgi-bin/iptraffic.cgi
>> +srv/web/ipfire/html/images/iptraffic/addblue.gif
>> +srv/web/ipfire/html/images/iptraffic/addfaint.gif
>> +srv/web/ipfire/html/images/iptraffic/addgray.gif
>> +srv/web/ipfire/html/images/iptraffic/addgreen.gif
>> +srv/web/ipfire/html/images/iptraffic/addorange.gif
>> +srv/web/ipfire/html/images/iptraffic/addred.gif
>> +srv/web/ipfire/html/images/iptraffic/blue.png
>> +srv/web/ipfire/html/images/iptraffic/graph.png
>> +srv/web/ipfire/html/images/iptraffic/gray.png
>> +srv/web/ipfire/html/images/iptraffic/green.png
>> +srv/web/ipfire/html/images/iptraffic/orange.png
>> +srv/web/ipfire/html/images/iptraffic/red.png
>> +srv/web/ipfire/html/images/iptraffic/square-green.png
>> +srv/web/ipfire/html/images/iptraffic/square-red.png
>> +srv/web/ipfire/html/images/iptraffic/square-yellow.png
>> +usr/local/bin/iptraffic.pl
>> +var/ipfire/addon-lang/iptraffic.de.pl
>> +var/ipfire/addon-lang/iptraffic.en.pl
>> +var/ipfire/menu.d/EX-iptraffic.menu
>> diff --git a/lfs/iptraffic b/lfs/iptraffic
>> new file mode 100644
>> index 000000000..8f1dfd676
>> --- /dev/null
>> +++ b/lfs/iptraffic
>> @@ -0,0 +1,108 @@
>> +###############################################################################
>> +# #
>> +# IPFire.org - A linux based firewall #
>> +# Copyright (C) 2007-2020 IPFire Team <info(a)ipfire.org> #
>> +# #
>> +# This program is free software: you can redistribute it and/or modify #
>> +# it under the terms of the GNU General Public License as published by #
>> +# the Free Software Foundation, either version 3 of the License, or #
>> +# (at your option) any later version. #
>> +# #
>> +# This program is distributed in the hope that it will be useful, #
>> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
>> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
>> +# GNU General Public License for more details. #
>> +# #
>> +# You should have received a copy of the GNU General Public License #
>> +# along with this program. If not, see <http://www.gnu.org/licenses/>. #
>> +# #
>> +###############################################################################
>> +
>> +###############################################################################
>> +# Definitions
>> +###############################################################################
>> +
>> +include Config
>> +
>> +VER = 0.8.2
>> +
>> +THISAPP = iptraffic-$(VER)
>> +DL_FILE = $(THISAPP).tar.gz
>> +DL_FROM = $(URL_IPFIRE)
>> +DIR_APP = $(DIR_SRC)/$(THISAPP)
>> +TARGET = $(DIR_INFO)/$(THISAPP)
>> +PAK_VER = 1
>> +PROG = iptraffic
>> +
>> +DEPS = ""
>> +
>> +###############################################################################
>> +# Top-level Rules
>> +###############################################################################
>> +
>> +objects = $(DL_FILE)
>> +
>> +$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>> +
>> +$(DL_FILE)_MD5 = 4d6d54a8e17111da6a60d3c7d4588f16
>> +
>> +install : $(TARGET)
>> +
>> +check : $(patsubst %,$(DIR_CHK)/%,$(objects))
>> +
>> +download :$(patsubst %,$(DIR_DL)/%,$(objects))
>> +
>> +md5 : $(subst %,%_MD5,$(objects))
>> +
>> +dist:
>> + $(PAK)
>> +
>> +###############################################################################
>> +# Downloading, checking, md5sum
>> +###############################################################################
>> +
>> +$(patsubst %,$(DIR_CHK)/%,$(objects)) :
>> + @$(CHECK)
>> +
>> +$(patsubst %,$(DIR_DL)/%,$(objects)) :
>> + @$(LOAD)
>> +
>> +$(subst %,%_MD5,$(objects)) :
>> + @$(MD5)
>> +
>> +###############################################################################
>> +# Installation Details
>> +###############################################################################
>> +
>> +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
>> + @$(PREBUILD)
>> + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
>> +
>> + # Install GUI
>> + install -v -m 755 $(DIR_SRC)/srv/web/ipfire/cgi-bin/iptraffic.cgi \
>> + /srv/web/ipfire/cgi-bin/iptraffic.cgi
>> +
>> + # Install images
>> + -mkdir -p /srv/web/ipfire/html/images/iptraffic
>> + install -v -m 644 $(DIR_SRC)/srv/web/ipfire/html/images/iptraffic/* \
>> + /srv/web/ipfire/html/images/iptraffic/
>> +
>> + # Install iptraffic script
>> + install -v -m 755 $(DIR_SRC)/usr/local/bin/iptraffic.pl \
>> + /usr/local/bin/iptraffic.pl
>> +
>> + # Create symlink for one minute updates
>> + ln -sf /usr/local/bin/iptraffic.pl \
>> + /etc/fcron.minutely/update-iptraffic
>> +
>> + # Install language files
>> + install -v -m 004 $(DIR_SRC)/var/ipfire/addon-lang/iptraffic.*.pl \
>> + /var/ipfire/addon-lang/
>> +
>> + # Install menu entry
>> + install -v -m 644 $(DIR_SRC)/var/ipfire/menu.d/EX-iptraffic.menu \
>> + /var/ipfire/menu.d/EX-iptraffic.menu
>> + chown nobody.nobody /var/ipfire/menu.d/EX-iptraffic.menu
>> +
>> + @rm -rf $(DIR_APP)
>> + @$(POSTBUILD)
>> diff --git a/make.sh b/make.sh
>> index a9db53edf..267e1b09a 100755
>> --- a/make.sh
>> +++ b/make.sh
>> @@ -1654,6 +1654,7 @@ buildipfire() {
>> lfsmake2 ncdu
>> lfsmake2 lshw
>> lfsmake2 socat
>> + lfsmake2 iptraffic
>> }
>>
>> buildinstaller() {
>> diff --git a/src/paks/iptraffic/install.sh b/src/paks/iptraffic/install.sh
>> new file mode 100644
>> index 000000000..a9f857784
>> --- /dev/null
>> +++ b/src/paks/iptraffic/install.sh
>> @@ -0,0 +1,40 @@
>> +#!/bin/bash
>> +############################################################################
>> +# #
>> +# This file is part of the IPFire Firewall. #
>> +# #
>> +# IPFire is free software; you can redistribute it and/or modify #
>> +# it under the terms of the GNU General Public License as published by #
>> +# the Free Software Foundation; either version 2 of the License, or #
>> +# (at your option) any later version. #
>> +# #
>> +# IPFire is distributed in the hope that it will be useful, #
>> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
>> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
>> +# GNU General Public License for more details. #
>> +# #
>> +# You should have received a copy of the GNU General Public License #
>> +# along with IPFire; if not, write to the Free Software #
>> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
>> +# #
>> +# Copyright (C) 2020 IPFire-Team <info(a)ipfire.org>. #
>> +# #
>> +############################################################################
>> +#
>> +. /opt/pakfire/lib/functions.sh
>> +extract_files
>> +
>> +mkdir -p /srv/web/ipfire/html/graphs/iptraffic
>> +mkdir -p /var/log/iptraffic
>> +mkdir -p /var/log/rrd/iptraffic
>> +
>> +touch /var/log/iptraffic/iptraffic.db
>> +
>> +restore_backup ${NAME}
>> +
>> +chown -R nobody.nobody /var/log/iptraffic
>> +chown -R nobody.nobody /var/log/rrd/iptraffic
>> +chown root.nobody /usr/local/bin/iptraffic.pl
>> +chown nobody.nobody /var/ipfire/menu.d/EX-iptraffic.menu
>> +
>> +/usr/local/bin/update-lang-cache
>> diff --git a/src/paks/iptraffic/uninstall.sh b/src/paks/iptraffic/uninstall.sh
>> new file mode 100644
>> index 000000000..dac570c05
>> --- /dev/null
>> +++ b/src/paks/iptraffic/uninstall.sh
>> @@ -0,0 +1,28 @@
>> +#!/bin/bash
>> +############################################################################
>> +# #
>> +# This file is part of the IPFire Firewall. #
>> +# #
>> +# IPFire is free software; you can redistribute it and/or modify #
>> +# it under the terms of the GNU General Public License as published by #
>> +# the Free Software Foundation; either version 2 of the License, or #
>> +# (at your option) any later version. #
>> +# #
>> +# IPFire is distributed in the hope that it will be useful, #
>> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
>> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
>> +# GNU General Public License for more details. #
>> +# #
>> +# You should have received a copy of the GNU General Public License #
>> +# along with IPFire; if not, write to the Free Software #
>> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
>> +# #
>> +# Copyright (C) 2007 IPFire-Team <info(a)ipfire.org>. #
>> +# #
>> +############################################################################
>> +#
>> +. /opt/pakfire/lib/functions.sh
>> +
>> +remove_files
>> +
>> +/usr/local/bin/update-lang-cache
>> diff --git a/src/paks/iptraffic/update.sh b/src/paks/iptraffic/update.sh
>> new file mode 100644
>> index 000000000..89c40d0d7
>> --- /dev/null
>> +++ b/src/paks/iptraffic/update.sh
>> @@ -0,0 +1,26 @@
>> +#!/bin/bash
>> +############################################################################
>> +# #
>> +# This file is part of the IPFire Firewall. #
>> +# #
>> +# IPFire is free software; you can redistribute it and/or modify #
>> +# it under the terms of the GNU General Public License as published by #
>> +# the Free Software Foundation; either version 2 of the License, or #
>> +# (at your option) any later version. #
>> +# #
>> +# IPFire is distributed in the hope that it will be useful, #
>> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
>> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
>> +# GNU General Public License for more details. #
>> +# #
>> +# You should have received a copy of the GNU General Public License #
>> +# along with IPFire; if not, write to the Free Software #
>> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
>> +# #
>> +# Copyright (C) 2007 IPFire-Team <info(a)ipfire.org>. #
>> +# #
>> +############################################################################
>> +#
>> +. /opt/pakfire/lib/functions.sh
>> +./uninstall.sh
>> +./install.sh
>> --
>> 2.18.0
>>
>
^ permalink raw reply [flat|nested] 13+ messages in thread* Aw: Re: [PATCH] New package: IPTraffic 0.8.2
2021-01-26 16:45 ` Matthias Fischer
@ 2021-01-26 17:03 ` Bernhard Bitsch
2021-01-27 11:32 ` Michael Tremer
1 sibling, 0 replies; 13+ messages in thread
From: Bernhard Bitsch @ 2021-01-26 17:03 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 18145 bytes --]
Hello Matthias,
as I see it, most of the discussion came up because of 'formalities'.
Michael tries to survey the style and way of project development.
Frank doesn't want to discuss his work, IMHO.
Therefore I posted my short analysis of the code to bring it bach to the facts.
Remains the question how to go further.
Frank declared in the community thread, he is not willing to maintain his code officially. Michael and some users in the community think there is some need for the feature. Whether pmacct is a solution, I don't know.
Regards,
Bernhard
> Gesendet: Dienstag, 26. Januar 2021 um 17:45 Uhr
> Von: "Matthias Fischer" <matthias.fischer(a)ipfire.org>
> An: "Michael Tremer" <michael.tremer(a)ipfire.org>
> Cc: development(a)lists.ipfire.org
> Betreff: Re: [PATCH] New package: IPTraffic 0.8.2
>
> Hi,
>
> On 25.01.2021 20:27, Michael Tremer wrote:
> > Hello Matthias,
> >
> > Thank you for submitting the patch.
> >
> > It is great to see more people taking part in development tasks, but I am not really sure what has been done here.
> >
> > The main problem is that I do not know what IPTraffic does, or how it works. The code is in a tarball and I am not aware if there is a Git repository to see what has been changed over time.
>
> Oh my, just came back from work and had to read a lot of postings here.
> Hm...
>
> I must confess I was puzzled after reading through all of it - its a pity.
>
> Perhaps I should have coded this for Pakfire in a different manner to
> make things more transparent and perhaps avoid a bit of todays
> discussions - but I can't make that undone. It started with a classical
> ipcop installation script.
>
> As I see it, Bernhard has already looked through the code.
> The only thing I can think of now: I could rewrite the build process -
> if this makes still sense, let me know. If it doesn't fit our needs -
> than thats it.
>
> >> On 17 Jan 2021, at 17:15, Matthias Fischer <matthias.fischer(a)ipfire.org> wrote:
> >>
> >> From: Frank Mainz <frank(a)cybermainzel.de>
> >>
> >> Please note:
> >> This is a port of the old 'IPTraffics' addon from ipcop to ipfire
> >> done by RadioCarbon (Frank Mainz).
> >> He asked me to publish this for him - ALL programming work was done by him.
> >> I'm only the MITM.
> >
> > You can use “git commit —-author=…” to set the correct author and you should sign-off as yourself as usual.
>
> FYI:
> This is exactly what I did in the *first* commit...
> => https://patchwork.ipfire.org/patch/3813/
>
> ...and in GIT:
>
> =>
> https://git.ipfire.org/?p=people/mfischer/ipfire-2.x.git;a=commit;h=bc2af5d1c92fb09ddd8266000a0666fff9c67e26
>
> ...but I forgot to do set the author in the last one. That happens.
>
> > So to go back to the usual question: What is being proposed here and why?
> >
> > Who is this add-on for? What are its features, and what are its limitations?
> >
> > Why is this realised as add-on and not as part of the core system? I do not want to suggest that it should be either. It just seems that this decision has been made I would like to know based on what reasons :)
>
> As I see it - it was once written as an addon and just stayed in this
> condition. No one had the idea to integrate it. Simple.
>
> Don't get me wrong - I'm not offended - just a little disappointed how
> the whole thing has gone here at once and would definitely try to still
> get the best out of it.
>
> Best,
> Matthias
>
> > Best,
> > -Michael
> >
> >> Description:
> >> With the add-on “IPTraffic” you can determine the traffic of a computer
> >> based on its IP address.
> >> Only the traffic between IPFire and the client to be monitored can be determined.
> >> The display is shown once as a tabular overview and additionally a statistical
> >> graphic can be called up for each client over the period of the last hour, day,
> >> week, month and year.
> >>
> >> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
> >> ---
> >> config/rootfiles/packages/iptraffic | 22 ++++++
> >> lfs/iptraffic | 108 ++++++++++++++++++++++++++++
> >> make.sh | 1 +
> >> src/paks/iptraffic/install.sh | 40 +++++++++++
> >> src/paks/iptraffic/uninstall.sh | 28 ++++++++
> >> src/paks/iptraffic/update.sh | 26 +++++++
> >> 6 files changed, 225 insertions(+)
> >> create mode 100644 config/rootfiles/packages/iptraffic
> >> create mode 100644 lfs/iptraffic
> >> create mode 100644 src/paks/iptraffic/install.sh
> >> create mode 100644 src/paks/iptraffic/uninstall.sh
> >> create mode 100644 src/paks/iptraffic/update.sh
> >>
> >> diff --git a/config/rootfiles/packages/iptraffic b/config/rootfiles/packages/iptraffic
> >> new file mode 100644
> >> index 000000000..b860cd9aa
> >> --- /dev/null
> >> +++ b/config/rootfiles/packages/iptraffic
> >> @@ -0,0 +1,22 @@
> >> +etc/fcron.minutely/update-iptraffic
> >> +srv/web/ipfire/html/images/iptraffic
> >> +srv/web/ipfire/cgi-bin/iptraffic.cgi
> >> +srv/web/ipfire/html/images/iptraffic/addblue.gif
> >> +srv/web/ipfire/html/images/iptraffic/addfaint.gif
> >> +srv/web/ipfire/html/images/iptraffic/addgray.gif
> >> +srv/web/ipfire/html/images/iptraffic/addgreen.gif
> >> +srv/web/ipfire/html/images/iptraffic/addorange.gif
> >> +srv/web/ipfire/html/images/iptraffic/addred.gif
> >> +srv/web/ipfire/html/images/iptraffic/blue.png
> >> +srv/web/ipfire/html/images/iptraffic/graph.png
> >> +srv/web/ipfire/html/images/iptraffic/gray.png
> >> +srv/web/ipfire/html/images/iptraffic/green.png
> >> +srv/web/ipfire/html/images/iptraffic/orange.png
> >> +srv/web/ipfire/html/images/iptraffic/red.png
> >> +srv/web/ipfire/html/images/iptraffic/square-green.png
> >> +srv/web/ipfire/html/images/iptraffic/square-red.png
> >> +srv/web/ipfire/html/images/iptraffic/square-yellow.png
> >> +usr/local/bin/iptraffic.pl
> >> +var/ipfire/addon-lang/iptraffic.de.pl
> >> +var/ipfire/addon-lang/iptraffic.en.pl
> >> +var/ipfire/menu.d/EX-iptraffic.menu
> >> diff --git a/lfs/iptraffic b/lfs/iptraffic
> >> new file mode 100644
> >> index 000000000..8f1dfd676
> >> --- /dev/null
> >> +++ b/lfs/iptraffic
> >> @@ -0,0 +1,108 @@
> >> +###############################################################################
> >> +# #
> >> +# IPFire.org - A linux based firewall #
> >> +# Copyright (C) 2007-2020 IPFire Team <info(a)ipfire.org> #
> >> +# #
> >> +# This program is free software: you can redistribute it and/or modify #
> >> +# it under the terms of the GNU General Public License as published by #
> >> +# the Free Software Foundation, either version 3 of the License, or #
> >> +# (at your option) any later version. #
> >> +# #
> >> +# This program is distributed in the hope that it will be useful, #
> >> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
> >> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
> >> +# GNU General Public License for more details. #
> >> +# #
> >> +# You should have received a copy of the GNU General Public License #
> >> +# along with this program. If not, see <http://www.gnu.org/licenses/>. #
> >> +# #
> >> +###############################################################################
> >> +
> >> +###############################################################################
> >> +# Definitions
> >> +###############################################################################
> >> +
> >> +include Config
> >> +
> >> +VER = 0.8.2
> >> +
> >> +THISAPP = iptraffic-$(VER)
> >> +DL_FILE = $(THISAPP).tar.gz
> >> +DL_FROM = $(URL_IPFIRE)
> >> +DIR_APP = $(DIR_SRC)/$(THISAPP)
> >> +TARGET = $(DIR_INFO)/$(THISAPP)
> >> +PAK_VER = 1
> >> +PROG = iptraffic
> >> +
> >> +DEPS = ""
> >> +
> >> +###############################################################################
> >> +# Top-level Rules
> >> +###############################################################################
> >> +
> >> +objects = $(DL_FILE)
> >> +
> >> +$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
> >> +
> >> +$(DL_FILE)_MD5 = 4d6d54a8e17111da6a60d3c7d4588f16
> >> +
> >> +install : $(TARGET)
> >> +
> >> +check : $(patsubst %,$(DIR_CHK)/%,$(objects))
> >> +
> >> +download :$(patsubst %,$(DIR_DL)/%,$(objects))
> >> +
> >> +md5 : $(subst %,%_MD5,$(objects))
> >> +
> >> +dist:
> >> + $(PAK)
> >> +
> >> +###############################################################################
> >> +# Downloading, checking, md5sum
> >> +###############################################################################
> >> +
> >> +$(patsubst %,$(DIR_CHK)/%,$(objects)) :
> >> + @$(CHECK)
> >> +
> >> +$(patsubst %,$(DIR_DL)/%,$(objects)) :
> >> + @$(LOAD)
> >> +
> >> +$(subst %,%_MD5,$(objects)) :
> >> + @$(MD5)
> >> +
> >> +###############################################################################
> >> +# Installation Details
> >> +###############################################################################
> >> +
> >> +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> >> + @$(PREBUILD)
> >> + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
> >> +
> >> + # Install GUI
> >> + install -v -m 755 $(DIR_SRC)/srv/web/ipfire/cgi-bin/iptraffic.cgi \
> >> + /srv/web/ipfire/cgi-bin/iptraffic.cgi
> >> +
> >> + # Install images
> >> + -mkdir -p /srv/web/ipfire/html/images/iptraffic
> >> + install -v -m 644 $(DIR_SRC)/srv/web/ipfire/html/images/iptraffic/* \
> >> + /srv/web/ipfire/html/images/iptraffic/
> >> +
> >> + # Install iptraffic script
> >> + install -v -m 755 $(DIR_SRC)/usr/local/bin/iptraffic.pl \
> >> + /usr/local/bin/iptraffic.pl
> >> +
> >> + # Create symlink for one minute updates
> >> + ln -sf /usr/local/bin/iptraffic.pl \
> >> + /etc/fcron.minutely/update-iptraffic
> >> +
> >> + # Install language files
> >> + install -v -m 004 $(DIR_SRC)/var/ipfire/addon-lang/iptraffic.*.pl \
> >> + /var/ipfire/addon-lang/
> >> +
> >> + # Install menu entry
> >> + install -v -m 644 $(DIR_SRC)/var/ipfire/menu.d/EX-iptraffic.menu \
> >> + /var/ipfire/menu.d/EX-iptraffic.menu
> >> + chown nobody.nobody /var/ipfire/menu.d/EX-iptraffic.menu
> >> +
> >> + @rm -rf $(DIR_APP)
> >> + @$(POSTBUILD)
> >> diff --git a/make.sh b/make.sh
> >> index a9db53edf..267e1b09a 100755
> >> --- a/make.sh
> >> +++ b/make.sh
> >> @@ -1654,6 +1654,7 @@ buildipfire() {
> >> lfsmake2 ncdu
> >> lfsmake2 lshw
> >> lfsmake2 socat
> >> + lfsmake2 iptraffic
> >> }
> >>
> >> buildinstaller() {
> >> diff --git a/src/paks/iptraffic/install.sh b/src/paks/iptraffic/install.sh
> >> new file mode 100644
> >> index 000000000..a9f857784
> >> --- /dev/null
> >> +++ b/src/paks/iptraffic/install.sh
> >> @@ -0,0 +1,40 @@
> >> +#!/bin/bash
> >> +############################################################################
> >> +# #
> >> +# This file is part of the IPFire Firewall. #
> >> +# #
> >> +# IPFire is free software; you can redistribute it and/or modify #
> >> +# it under the terms of the GNU General Public License as published by #
> >> +# the Free Software Foundation; either version 2 of the License, or #
> >> +# (at your option) any later version. #
> >> +# #
> >> +# IPFire is distributed in the hope that it will be useful, #
> >> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
> >> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
> >> +# GNU General Public License for more details. #
> >> +# #
> >> +# You should have received a copy of the GNU General Public License #
> >> +# along with IPFire; if not, write to the Free Software #
> >> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
> >> +# #
> >> +# Copyright (C) 2020 IPFire-Team <info(a)ipfire.org>. #
> >> +# #
> >> +############################################################################
> >> +#
> >> +. /opt/pakfire/lib/functions.sh
> >> +extract_files
> >> +
> >> +mkdir -p /srv/web/ipfire/html/graphs/iptraffic
> >> +mkdir -p /var/log/iptraffic
> >> +mkdir -p /var/log/rrd/iptraffic
> >> +
> >> +touch /var/log/iptraffic/iptraffic.db
> >> +
> >> +restore_backup ${NAME}
> >> +
> >> +chown -R nobody.nobody /var/log/iptraffic
> >> +chown -R nobody.nobody /var/log/rrd/iptraffic
> >> +chown root.nobody /usr/local/bin/iptraffic.pl
> >> +chown nobody.nobody /var/ipfire/menu.d/EX-iptraffic.menu
> >> +
> >> +/usr/local/bin/update-lang-cache
> >> diff --git a/src/paks/iptraffic/uninstall.sh b/src/paks/iptraffic/uninstall.sh
> >> new file mode 100644
> >> index 000000000..dac570c05
> >> --- /dev/null
> >> +++ b/src/paks/iptraffic/uninstall.sh
> >> @@ -0,0 +1,28 @@
> >> +#!/bin/bash
> >> +############################################################################
> >> +# #
> >> +# This file is part of the IPFire Firewall. #
> >> +# #
> >> +# IPFire is free software; you can redistribute it and/or modify #
> >> +# it under the terms of the GNU General Public License as published by #
> >> +# the Free Software Foundation; either version 2 of the License, or #
> >> +# (at your option) any later version. #
> >> +# #
> >> +# IPFire is distributed in the hope that it will be useful, #
> >> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
> >> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
> >> +# GNU General Public License for more details. #
> >> +# #
> >> +# You should have received a copy of the GNU General Public License #
> >> +# along with IPFire; if not, write to the Free Software #
> >> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
> >> +# #
> >> +# Copyright (C) 2007 IPFire-Team <info(a)ipfire.org>. #
> >> +# #
> >> +############################################################################
> >> +#
> >> +. /opt/pakfire/lib/functions.sh
> >> +
> >> +remove_files
> >> +
> >> +/usr/local/bin/update-lang-cache
> >> diff --git a/src/paks/iptraffic/update.sh b/src/paks/iptraffic/update.sh
> >> new file mode 100644
> >> index 000000000..89c40d0d7
> >> --- /dev/null
> >> +++ b/src/paks/iptraffic/update.sh
> >> @@ -0,0 +1,26 @@
> >> +#!/bin/bash
> >> +############################################################################
> >> +# #
> >> +# This file is part of the IPFire Firewall. #
> >> +# #
> >> +# IPFire is free software; you can redistribute it and/or modify #
> >> +# it under the terms of the GNU General Public License as published by #
> >> +# the Free Software Foundation; either version 2 of the License, or #
> >> +# (at your option) any later version. #
> >> +# #
> >> +# IPFire is distributed in the hope that it will be useful, #
> >> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
> >> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
> >> +# GNU General Public License for more details. #
> >> +# #
> >> +# You should have received a copy of the GNU General Public License #
> >> +# along with IPFire; if not, write to the Free Software #
> >> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
> >> +# #
> >> +# Copyright (C) 2007 IPFire-Team <info(a)ipfire.org>. #
> >> +# #
> >> +############################################################################
> >> +#
> >> +. /opt/pakfire/lib/functions.sh
> >> +./uninstall.sh
> >> +./install.sh
> >> --
> >> 2.18.0
> >>
> >
>
>
^ permalink raw reply [flat|nested] 13+ messages in thread* Re: [PATCH] New package: IPTraffic 0.8.2
2021-01-26 16:45 ` Matthias Fischer
2021-01-26 17:03 ` Aw: " Bernhard Bitsch
@ 2021-01-27 11:32 ` Michael Tremer
2021-01-27 18:36 ` Matthias Fischer
1 sibling, 1 reply; 13+ messages in thread
From: Michael Tremer @ 2021-01-27 11:32 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 17924 bytes --]
Hello Matthias,
> On 26 Jan 2021, at 16:45, Matthias Fischer <matthias.fischer(a)ipfire.org> wrote:
>
> Hi,
>
> On 25.01.2021 20:27, Michael Tremer wrote:
>> Hello Matthias,
>>
>> Thank you for submitting the patch.
>>
>> It is great to see more people taking part in development tasks, but I am not really sure what has been done here.
>>
>> The main problem is that I do not know what IPTraffic does, or how it works. The code is in a tarball and I am not aware if there is a Git repository to see what has been changed over time.
>
> Oh my, just came back from work and had to read a lot of postings here.
> Hm...
>
> I must confess I was puzzled after reading through all of it - its a pity.
I agree and I am very sorry for all the time you have invested into this with now very little result.
> Perhaps I should have coded this for Pakfire in a different manner to
> make things more transparent and perhaps avoid a bit of todays
> discussions - but I can't make that undone. It started with a classical
> ipcop installation script.
No, I do not think that that was the thing that broke this.
As Bernhard has pointed out, the design of this add-on has some issues that would have to be ironed out and they sound to me like they are a lot of work. It might even be worth to start from scratch and get a much better design of this and only take the bits of the code that are acceptable right now.
> As I see it, Bernhard has already looked through the code.
> The only thing I can think of now: I could rewrite the build process -
> if this makes still sense, let me know. If it doesn't fit our needs -
> than thats it.
>
>>> On 17 Jan 2021, at 17:15, Matthias Fischer <matthias.fischer(a)ipfire.org> wrote:
>>>
>>> From: Frank Mainz <frank(a)cybermainzel.de>
>>>
>>> Please note:
>>> This is a port of the old 'IPTraffics' addon from ipcop to ipfire
>>> done by RadioCarbon (Frank Mainz).
>>> He asked me to publish this for him - ALL programming work was done by him.
>>> I'm only the MITM.
>>
>> You can use “git commit —-author=…” to set the correct author and you should sign-off as yourself as usual.
>
> FYI:
> This is exactly what I did in the *first* commit...
> => https://patchwork.ipfire.org/patch/3813/
>
> ...and in GIT:
>
> =>
> https://git.ipfire.org/?p=people/mfischer/ipfire-2.x.git;a=commit;h=bc2af5d1c92fb09ddd8266000a0666fff9c67e26
>
> ...but I forgot to do set the author in the last one. That happens.
Oh I didn’t see that. Very good :)
>> So to go back to the usual question: What is being proposed here and why?
>>
>> Who is this add-on for? What are its features, and what are its limitations?
>>
>> Why is this realised as add-on and not as part of the core system? I do not want to suggest that it should be either. It just seems that this decision has been made I would like to know based on what reasons :)
>
> As I see it - it was once written as an addon and just stayed in this
> condition. No one had the idea to integrate it. Simple.
We have a couple of those abandoned things on here, which is sad, but I suppose each of them has their own reasons.
It would be better if software is abandoned before it is being merged instead of after - because then it might cause us trouble later.
> Don't get me wrong - I'm not offended - just a little disappointed how
> the whole thing has gone here at once and would definitely try to still
> get the best out of it.
What do you suggest we should do right now?
-Michael
>
> Best,
> Matthias
>
>> Best,
>> -Michael
>>
>>> Description:
>>> With the add-on “IPTraffic” you can determine the traffic of a computer
>>> based on its IP address.
>>> Only the traffic between IPFire and the client to be monitored can be determined.
>>> The display is shown once as a tabular overview and additionally a statistical
>>> graphic can be called up for each client over the period of the last hour, day,
>>> week, month and year.
>>>
>>> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
>>> ---
>>> config/rootfiles/packages/iptraffic | 22 ++++++
>>> lfs/iptraffic | 108 ++++++++++++++++++++++++++++
>>> make.sh | 1 +
>>> src/paks/iptraffic/install.sh | 40 +++++++++++
>>> src/paks/iptraffic/uninstall.sh | 28 ++++++++
>>> src/paks/iptraffic/update.sh | 26 +++++++
>>> 6 files changed, 225 insertions(+)
>>> create mode 100644 config/rootfiles/packages/iptraffic
>>> create mode 100644 lfs/iptraffic
>>> create mode 100644 src/paks/iptraffic/install.sh
>>> create mode 100644 src/paks/iptraffic/uninstall.sh
>>> create mode 100644 src/paks/iptraffic/update.sh
>>>
>>> diff --git a/config/rootfiles/packages/iptraffic b/config/rootfiles/packages/iptraffic
>>> new file mode 100644
>>> index 000000000..b860cd9aa
>>> --- /dev/null
>>> +++ b/config/rootfiles/packages/iptraffic
>>> @@ -0,0 +1,22 @@
>>> +etc/fcron.minutely/update-iptraffic
>>> +srv/web/ipfire/html/images/iptraffic
>>> +srv/web/ipfire/cgi-bin/iptraffic.cgi
>>> +srv/web/ipfire/html/images/iptraffic/addblue.gif
>>> +srv/web/ipfire/html/images/iptraffic/addfaint.gif
>>> +srv/web/ipfire/html/images/iptraffic/addgray.gif
>>> +srv/web/ipfire/html/images/iptraffic/addgreen.gif
>>> +srv/web/ipfire/html/images/iptraffic/addorange.gif
>>> +srv/web/ipfire/html/images/iptraffic/addred.gif
>>> +srv/web/ipfire/html/images/iptraffic/blue.png
>>> +srv/web/ipfire/html/images/iptraffic/graph.png
>>> +srv/web/ipfire/html/images/iptraffic/gray.png
>>> +srv/web/ipfire/html/images/iptraffic/green.png
>>> +srv/web/ipfire/html/images/iptraffic/orange.png
>>> +srv/web/ipfire/html/images/iptraffic/red.png
>>> +srv/web/ipfire/html/images/iptraffic/square-green.png
>>> +srv/web/ipfire/html/images/iptraffic/square-red.png
>>> +srv/web/ipfire/html/images/iptraffic/square-yellow.png
>>> +usr/local/bin/iptraffic.pl
>>> +var/ipfire/addon-lang/iptraffic.de.pl
>>> +var/ipfire/addon-lang/iptraffic.en.pl
>>> +var/ipfire/menu.d/EX-iptraffic.menu
>>> diff --git a/lfs/iptraffic b/lfs/iptraffic
>>> new file mode 100644
>>> index 000000000..8f1dfd676
>>> --- /dev/null
>>> +++ b/lfs/iptraffic
>>> @@ -0,0 +1,108 @@
>>> +###############################################################################
>>> +# #
>>> +# IPFire.org - A linux based firewall #
>>> +# Copyright (C) 2007-2020 IPFire Team <info(a)ipfire.org> #
>>> +# #
>>> +# This program is free software: you can redistribute it and/or modify #
>>> +# it under the terms of the GNU General Public License as published by #
>>> +# the Free Software Foundation, either version 3 of the License, or #
>>> +# (at your option) any later version. #
>>> +# #
>>> +# This program is distributed in the hope that it will be useful, #
>>> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
>>> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
>>> +# GNU General Public License for more details. #
>>> +# #
>>> +# You should have received a copy of the GNU General Public License #
>>> +# along with this program. If not, see <http://www.gnu.org/licenses/>. #
>>> +# #
>>> +###############################################################################
>>> +
>>> +###############################################################################
>>> +# Definitions
>>> +###############################################################################
>>> +
>>> +include Config
>>> +
>>> +VER = 0.8.2
>>> +
>>> +THISAPP = iptraffic-$(VER)
>>> +DL_FILE = $(THISAPP).tar.gz
>>> +DL_FROM = $(URL_IPFIRE)
>>> +DIR_APP = $(DIR_SRC)/$(THISAPP)
>>> +TARGET = $(DIR_INFO)/$(THISAPP)
>>> +PAK_VER = 1
>>> +PROG = iptraffic
>>> +
>>> +DEPS = ""
>>> +
>>> +###############################################################################
>>> +# Top-level Rules
>>> +###############################################################################
>>> +
>>> +objects = $(DL_FILE)
>>> +
>>> +$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>>> +
>>> +$(DL_FILE)_MD5 = 4d6d54a8e17111da6a60d3c7d4588f16
>>> +
>>> +install : $(TARGET)
>>> +
>>> +check : $(patsubst %,$(DIR_CHK)/%,$(objects))
>>> +
>>> +download :$(patsubst %,$(DIR_DL)/%,$(objects))
>>> +
>>> +md5 : $(subst %,%_MD5,$(objects))
>>> +
>>> +dist:
>>> + $(PAK)
>>> +
>>> +###############################################################################
>>> +# Downloading, checking, md5sum
>>> +###############################################################################
>>> +
>>> +$(patsubst %,$(DIR_CHK)/%,$(objects)) :
>>> + @$(CHECK)
>>> +
>>> +$(patsubst %,$(DIR_DL)/%,$(objects)) :
>>> + @$(LOAD)
>>> +
>>> +$(subst %,%_MD5,$(objects)) :
>>> + @$(MD5)
>>> +
>>> +###############################################################################
>>> +# Installation Details
>>> +###############################################################################
>>> +
>>> +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
>>> + @$(PREBUILD)
>>> + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
>>> +
>>> + # Install GUI
>>> + install -v -m 755 $(DIR_SRC)/srv/web/ipfire/cgi-bin/iptraffic.cgi \
>>> + /srv/web/ipfire/cgi-bin/iptraffic.cgi
>>> +
>>> + # Install images
>>> + -mkdir -p /srv/web/ipfire/html/images/iptraffic
>>> + install -v -m 644 $(DIR_SRC)/srv/web/ipfire/html/images/iptraffic/* \
>>> + /srv/web/ipfire/html/images/iptraffic/
>>> +
>>> + # Install iptraffic script
>>> + install -v -m 755 $(DIR_SRC)/usr/local/bin/iptraffic.pl \
>>> + /usr/local/bin/iptraffic.pl
>>> +
>>> + # Create symlink for one minute updates
>>> + ln -sf /usr/local/bin/iptraffic.pl \
>>> + /etc/fcron.minutely/update-iptraffic
>>> +
>>> + # Install language files
>>> + install -v -m 004 $(DIR_SRC)/var/ipfire/addon-lang/iptraffic.*.pl \
>>> + /var/ipfire/addon-lang/
>>> +
>>> + # Install menu entry
>>> + install -v -m 644 $(DIR_SRC)/var/ipfire/menu.d/EX-iptraffic.menu \
>>> + /var/ipfire/menu.d/EX-iptraffic.menu
>>> + chown nobody.nobody /var/ipfire/menu.d/EX-iptraffic.menu
>>> +
>>> + @rm -rf $(DIR_APP)
>>> + @$(POSTBUILD)
>>> diff --git a/make.sh b/make.sh
>>> index a9db53edf..267e1b09a 100755
>>> --- a/make.sh
>>> +++ b/make.sh
>>> @@ -1654,6 +1654,7 @@ buildipfire() {
>>> lfsmake2 ncdu
>>> lfsmake2 lshw
>>> lfsmake2 socat
>>> + lfsmake2 iptraffic
>>> }
>>>
>>> buildinstaller() {
>>> diff --git a/src/paks/iptraffic/install.sh b/src/paks/iptraffic/install.sh
>>> new file mode 100644
>>> index 000000000..a9f857784
>>> --- /dev/null
>>> +++ b/src/paks/iptraffic/install.sh
>>> @@ -0,0 +1,40 @@
>>> +#!/bin/bash
>>> +############################################################################
>>> +# #
>>> +# This file is part of the IPFire Firewall. #
>>> +# #
>>> +# IPFire is free software; you can redistribute it and/or modify #
>>> +# it under the terms of the GNU General Public License as published by #
>>> +# the Free Software Foundation; either version 2 of the License, or #
>>> +# (at your option) any later version. #
>>> +# #
>>> +# IPFire is distributed in the hope that it will be useful, #
>>> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
>>> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
>>> +# GNU General Public License for more details. #
>>> +# #
>>> +# You should have received a copy of the GNU General Public License #
>>> +# along with IPFire; if not, write to the Free Software #
>>> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
>>> +# #
>>> +# Copyright (C) 2020 IPFire-Team <info(a)ipfire.org>. #
>>> +# #
>>> +############################################################################
>>> +#
>>> +. /opt/pakfire/lib/functions.sh
>>> +extract_files
>>> +
>>> +mkdir -p /srv/web/ipfire/html/graphs/iptraffic
>>> +mkdir -p /var/log/iptraffic
>>> +mkdir -p /var/log/rrd/iptraffic
>>> +
>>> +touch /var/log/iptraffic/iptraffic.db
>>> +
>>> +restore_backup ${NAME}
>>> +
>>> +chown -R nobody.nobody /var/log/iptraffic
>>> +chown -R nobody.nobody /var/log/rrd/iptraffic
>>> +chown root.nobody /usr/local/bin/iptraffic.pl
>>> +chown nobody.nobody /var/ipfire/menu.d/EX-iptraffic.menu
>>> +
>>> +/usr/local/bin/update-lang-cache
>>> diff --git a/src/paks/iptraffic/uninstall.sh b/src/paks/iptraffic/uninstall.sh
>>> new file mode 100644
>>> index 000000000..dac570c05
>>> --- /dev/null
>>> +++ b/src/paks/iptraffic/uninstall.sh
>>> @@ -0,0 +1,28 @@
>>> +#!/bin/bash
>>> +############################################################################
>>> +# #
>>> +# This file is part of the IPFire Firewall. #
>>> +# #
>>> +# IPFire is free software; you can redistribute it and/or modify #
>>> +# it under the terms of the GNU General Public License as published by #
>>> +# the Free Software Foundation; either version 2 of the License, or #
>>> +# (at your option) any later version. #
>>> +# #
>>> +# IPFire is distributed in the hope that it will be useful, #
>>> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
>>> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
>>> +# GNU General Public License for more details. #
>>> +# #
>>> +# You should have received a copy of the GNU General Public License #
>>> +# along with IPFire; if not, write to the Free Software #
>>> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
>>> +# #
>>> +# Copyright (C) 2007 IPFire-Team <info(a)ipfire.org>. #
>>> +# #
>>> +############################################################################
>>> +#
>>> +. /opt/pakfire/lib/functions.sh
>>> +
>>> +remove_files
>>> +
>>> +/usr/local/bin/update-lang-cache
>>> diff --git a/src/paks/iptraffic/update.sh b/src/paks/iptraffic/update.sh
>>> new file mode 100644
>>> index 000000000..89c40d0d7
>>> --- /dev/null
>>> +++ b/src/paks/iptraffic/update.sh
>>> @@ -0,0 +1,26 @@
>>> +#!/bin/bash
>>> +############################################################################
>>> +# #
>>> +# This file is part of the IPFire Firewall. #
>>> +# #
>>> +# IPFire is free software; you can redistribute it and/or modify #
>>> +# it under the terms of the GNU General Public License as published by #
>>> +# the Free Software Foundation; either version 2 of the License, or #
>>> +# (at your option) any later version. #
>>> +# #
>>> +# IPFire is distributed in the hope that it will be useful, #
>>> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
>>> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
>>> +# GNU General Public License for more details. #
>>> +# #
>>> +# You should have received a copy of the GNU General Public License #
>>> +# along with IPFire; if not, write to the Free Software #
>>> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
>>> +# #
>>> +# Copyright (C) 2007 IPFire-Team <info(a)ipfire.org>. #
>>> +# #
>>> +############################################################################
>>> +#
>>> +. /opt/pakfire/lib/functions.sh
>>> +./uninstall.sh
>>> +./install.sh
>>> --
>>> 2.18.0
>>>
>>
>
^ permalink raw reply [flat|nested] 13+ messages in thread* Re: [PATCH] New package: IPTraffic 0.8.2
2021-01-27 11:32 ` Michael Tremer
@ 2021-01-27 18:36 ` Matthias Fischer
2021-01-28 10:08 ` Matthias Fischer
0 siblings, 1 reply; 13+ messages in thread
From: Matthias Fischer @ 2021-01-27 18:36 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 3993 bytes --]
[forgot the list, sent again]
Hi,
On 27.01.2021 12:32, Michael Tremer wrote:
> Hello Matthias,
>
>> On 26 Jan 2021, at 16:45, Matthias Fischer <matthias.fischer(a)ipfire.org> wrote:
>>
>> Hi,
>>
>> On 25.01.2021 20:27, Michael Tremer wrote:
>>> Hello Matthias,
>>>
>>> Thank you for submitting the patch.
>>>
>>> It is great to see more people taking part in development tasks, but I am not really sure what has been done here.
>>>
>>> The main problem is that I do not know what IPTraffic does, or how it works. The code is in a tarball and I am not aware if there is a Git repository to see what has been changed over time.
I'm working on this.
>> ...
>> I must confess I was puzzled after reading through all of it - its a pity.
>
> I agree and I am very sorry for all the time you have invested into this with now very little result.
Yep. But thats life. I just take it as it is and try to make the best
out of it.
>> Perhaps I should have coded this for Pakfire in a different manner...
> ...
> No, I do not think that that was the thing that broke this.
>
> As Bernhard has pointed out, the design of this add-on has some issues that would have to be ironed out and they sound to me like they are a lot of work. It might even be worth to start from scratch and get a much better design of this and only take the bits of the code that are acceptable right now.
I hope that this can be done - but I got no experience or enough
knowledge to rewrite this, so I hope we find somebody else.
>> As I see it, Bernhard has already looked through the code.
>> The only thing I can think of now: I could rewrite the build process -
>> if this makes still sense, let me know. If it doesn't fit our needs -
>> than thats it.
>>
>>>...
>>> You can use “git commit —-author=…” to set the correct author and you should sign-off as yourself as usual.
>>
>> FYI:
>> This is exactly what I did in the *first* commit...
> ...
> Oh I didn’t see that. Very good :)
It was just a short search and again I learned something new about GIT.
I'm taking it positive...
>>> So to go back to the usual question: What is being proposed here and why?
>>>
>>> Who is this add-on for? What are its features, and what are its limitations?
>>>
>>> Why is this realised as add-on and not as part of the core system? I do not want to suggest that it should be either. It just seems that this decision has been made I would like to know based on what reasons :)
>>
>> As I see it - it was once written as an addon and just stayed in this
>> condition. No one had the idea to integrate it. Simple.
>
> We have a couple of those abandoned things on here, which is sad, but I suppose each of them has their own reasons.
>
> It would be better if software is abandoned before it is being merged instead of after - because then it might cause us trouble later.
Yep. That happened in the past - I don't need it in the future.
>> Don't get me wrong - I'm not offended - just a little disappointed how
>> the whole thing has gone here at once and would definitely try to still
>> get the best out of it.
>
> What do you suggest we should do right now?
As a start, I rewrote the whole building and installation process - I
got rid of the tarball. I would test if its ok - one of the 'Devels' is
already working on it - and building as expected and then push it to GIT
/ Patchwork. This would make the current code readable and transparent
to everybody.
Suggestion:
Then "someone" (sorry, not me, thats far beyond my capabilities) should
be able to decide whether she/he is able to use and rewrite the existing
code to eliminate the disussed "shortcomings" (Google translate, I don't
know if this fits!) and if it can be integrated or publishd as an addon.
I can't decide if it would be better to start from scratch, see above
(Bernhards comments).
Best,
Matthias
[cut: unneeded installation code]
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] New package: IPTraffic 0.8.2
2021-01-27 18:36 ` Matthias Fischer
@ 2021-01-28 10:08 ` Matthias Fischer
0 siblings, 0 replies; 13+ messages in thread
From: Matthias Fischer @ 2021-01-28 10:08 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 1361 bytes --]
Hi,
[shortened for better readability]
On 27.01.2021 19:36, Matthias Fischer wrote:
> ...
>>>> ...
>>>> Thank you for submitting the patch.
>>>>
>>>> It is great to see more people taking part in development tasks, but I am not really sure what has been done here.
>>>>
>>>> The main problem is that I do not know what IPTraffic does, or how it works. The code is in a tarball and I am not aware if there is a Git repository to see what has been changed over time.
>
> I'm working on this.
>>> ...
>> What do you suggest we should do right now?
>
> As a start, I rewrote the whole building and installation process - I
> got rid of the tarball. I would test if its ok - one of the 'Devels' is
> already working on it - and building as expected and then push it to GIT
> / Patchwork. This would make the current code readable and transparent
> to everybody.
Done. Sent a reworked version.
>
> Suggestion:
> Then "someone" (sorry, not me, thats far beyond my capabilities) should
> be able to decide whether she/he is able to use and rewrite the existing
> code to eliminate the disussed "shortcomings" (Google translate, I don't
> know if this fits!) and if it can be integrated or publishd as an addon.
> I can't decide if it would be better to start from scratch, see above
> (Bernhards comments).
Best,
Matthias
^ permalink raw reply [flat|nested] 13+ messages in thread
[parent not found: <2cc215c55a63d98924de4db8780ebf7ca89aefd7.camel@cybermainzel.de>]
* Re: [PATCH] New package: IPTraffic 0.8.2
[not found] <2cc215c55a63d98924de4db8780ebf7ca89aefd7.camel@cybermainzel.de>
@ 2021-01-25 20:48 ` Michael Tremer
2021-01-25 20:58 ` Frank Mainz
0 siblings, 1 reply; 13+ messages in thread
From: Michael Tremer @ 2021-01-25 20:48 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 3225 bytes --]
Hello Frank,
> On 25 Jan 2021, at 20:22, Frank Mainz <frank(a)cybermainzel.de> wrote:
>
> Am Montag, den 25.01.2021, 20:05 +0000 schrieb Michael Tremer:
>> Hi Frank,
>>
>> Thank you for your email, but it didn’t answer any of my questions.
>>
>> I wasn’t aware of the wiki pages, but I had a look at it.
>>
>> The questions from my previous email remain though. I do not think a
>> single one was answered.
>
> That is not my problem.
Okay, I am sorry, but I would have to vote to reject this patch then.
It is very important that we review all code that is going into the distribution and that we have a reason that it is there. Code that is redundant, not needed and unmaintained is a potential security problem. I am sure this is very easy to understand.
Also, you can read here what it takes to get your patches into the distribution:
https://wiki.ipfire.org/devel/submit-patches
This is not there for our own entertainment. It is a tested and tuned process which guarantees that IPFire is a product of very high quality.
>>> On 25 Jan 2021, at 19:51, Frank Mainz <frank(a)cybermainzel.de>
>>> wrote:
>>>
>>> Hello Michael,
>>>
>>> look in the WIKI and you know what is displayed. Otherwise, the
>>> traffic
>>> of individual IP addresses is logged with the help of entries in
>>> the
>>> CUSTOM chains and graphically prepared.
>>
>> The CUSTOM* chains can’t be touched by any programs that come with
>> the distributions. They exist for users to add any custom rules and
>> they are under full control by the user only.
>
> Then it does fit.
No, it doesn’t, because you are not the user of all those firewalls.
Every chain has a defined purpose, and you are using it for something it isn’t designed for and it will break setups.
>>> https://wiki.ipfire.org/addons/iptraffic-playground
>>>
>>>
>>> Greetings Frank
>>>
>>> PS: Fullquote removed
>>
>> Why? I don’t recommend doing this because it removes context from the
>> conversation.
>>
>> Best,
>> -Michael
>
> Then be careful next time not to quote >100 lines of source code. How
> this is supposed to preserve context is beyond me.
Because we write comments into the code. And we normally try to answer other people’s questions.
Do not forget that many people are reading this list and they do not devote a lot of time to get themselves involved in everything. Therefore things have to be understood at a quick glance.
> But do what you want. Exactly because of such reactions I didn't want
> to port the AddOn for IPFire.
I have absolutely no idea why you are reacting like this. The process is clear and I am here to make IPFire as good as I can possibly do.
I have simply asked what your code is and what it does. You seem to not want to answer those questions and why is unfortunately beyond me.
> Have a nice life. I am out.
Under those circumstances I must say that I find it very disappointing that you have wasted my time and Matthias’ time, too. I have re-read my email and I do not see why this might have caused any offence.
I assume that nobody else wants to push this forward any more and maintain this code?
-Michael
^ permalink raw reply [flat|nested] 13+ messages in thread* Re: [PATCH] New package: IPTraffic 0.8.2
2021-01-25 20:48 ` Michael Tremer
@ 2021-01-25 20:58 ` Frank Mainz
2021-01-25 21:01 ` Michael Tremer
0 siblings, 1 reply; 13+ messages in thread
From: Frank Mainz @ 2021-01-25 20:58 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 3690 bytes --]
Michael,
I had not answered without reason only privately.
Throw away the AddOn. Forget it.
unfortunately you can't unsubscribe with a simple "unsubscibe".
What is a spam filter for.
Am Montag, den 25.01.2021, 20:48 +0000 schrieb Michael Tremer:
> Hello Frank,
>
> > On 25 Jan 2021, at 20:22, Frank Mainz <frank(a)cybermainzel.de>
> > wrote:
> >
> > Am Montag, den 25.01.2021, 20:05 +0000 schrieb Michael Tremer:
> > > Hi Frank,
> > >
> > > Thank you for your email, but it didn’t answer any of my
> > > questions.
> > >
> > > I wasn’t aware of the wiki pages, but I had a look at it.
> > >
> > > The questions from my previous email remain though. I do not
> > > think a
> > > single one was answered.
> >
> > That is not my problem.
>
> Okay, I am sorry, but I would have to vote to reject this patch then.
>
> It is very important that we review all code that is going into the
> distribution and that we have a reason that it is there. Code that is
> redundant, not needed and unmaintained is a potential security
> problem. I am sure this is very easy to understand.
>
> Also, you can read here what it takes to get your patches into the
> distribution:
>
> https://wiki.ipfire.org/devel/submit-patches
>
> This is not there for our own entertainment. It is a tested and tuned
> process which guarantees that IPFire is a product of very high
> quality.
>
> > > > On 25 Jan 2021, at 19:51, Frank Mainz <frank(a)cybermainzel.de>
> > > > wrote:
> > > >
> > > > Hello Michael,
> > > >
> > > > look in the WIKI and you know what is displayed. Otherwise, the
> > > > traffic
> > > > of individual IP addresses is logged with the help of entries
> > > > in
> > > > the
> > > > CUSTOM chains and graphically prepared.
> > >
> > > The CUSTOM* chains can’t be touched by any programs that come
> > > with
> > > the distributions. They exist for users to add any custom rules
> > > and
> > > they are under full control by the user only.
> >
> > Then it does fit.
>
> No, it doesn’t, because you are not the user of all those firewalls.
>
> Every chain has a defined purpose, and you are using it for something
> it isn’t designed for and it will break setups.
>
> > > > https://wiki.ipfire.org/addons/iptraffic-playground
> > > >
> > > >
> > > > Greetings Frank
> > > >
> > > > PS: Fullquote removed
> > >
> > > Why? I don’t recommend doing this because it removes context from
> > > the
> > > conversation.
> > >
> > > Best,
> > > -Michael
> >
> > Then be careful next time not to quote >100 lines of source code.
> > How
> > this is supposed to preserve context is beyond me.
>
> Because we write comments into the code. And we normally try to
> answer other people’s questions.
>
> Do not forget that many people are reading this list and they do not
> devote a lot of time to get themselves involved in everything.
> Therefore things have to be understood at a quick glance.
>
> > But do what you want. Exactly because of such reactions I didn't
> > want
> > to port the AddOn for IPFire.
>
> I have absolutely no idea why you are reacting like this. The process
> is clear and I am here to make IPFire as good as I can possibly do.
>
> I have simply asked what your code is and what it does. You seem to
> not want to answer those questions and why is unfortunately beyond
> me.
>
> > Have a nice life. I am out.
>
> Under those circumstances I must say that I find it very
> disappointing that you have wasted my time and Matthias’ time, too. I
> have re-read my email and I do not see why this might have caused any
> offence.
>
> I assume that nobody else wants to push this forward any more and
> maintain this code?
>
> -Michael
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] New package: IPTraffic 0.8.2
2021-01-25 20:58 ` Frank Mainz
@ 2021-01-25 21:01 ` Michael Tremer
0 siblings, 0 replies; 13+ messages in thread
From: Michael Tremer @ 2021-01-25 21:01 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 4210 bytes --]
Hello Frank,
We have a policy to not take public conversations private:
https://wiki.ipfire.org/devel/contact
It is under "Never make a public conversation private” and it is there because sometimes mail user agents do this because of bad UI, and sometimes there are other reasons.
-Michael
> On 25 Jan 2021, at 20:58, Frank Mainz <frank(a)cybermainzel.de> wrote:
>
> Michael,
> I had not answered without reason only privately.
> Throw away the AddOn. Forget it.
>
> unfortunately you can't unsubscribe with a simple "unsubscibe".
>
> What is a spam filter for.
>
> Am Montag, den 25.01.2021, 20:48 +0000 schrieb Michael Tremer:
>> Hello Frank,
>>
>>> On 25 Jan 2021, at 20:22, Frank Mainz <frank(a)cybermainzel.de>
>>> wrote:
>>>
>>> Am Montag, den 25.01.2021, 20:05 +0000 schrieb Michael Tremer:
>>>> Hi Frank,
>>>>
>>>> Thank you for your email, but it didn’t answer any of my
>>>> questions.
>>>>
>>>> I wasn’t aware of the wiki pages, but I had a look at it.
>>>>
>>>> The questions from my previous email remain though. I do not
>>>> think a
>>>> single one was answered.
>>>
>>> That is not my problem.
>>
>> Okay, I am sorry, but I would have to vote to reject this patch then.
>>
>> It is very important that we review all code that is going into the
>> distribution and that we have a reason that it is there. Code that is
>> redundant, not needed and unmaintained is a potential security
>> problem. I am sure this is very easy to understand.
>>
>> Also, you can read here what it takes to get your patches into the
>> distribution:
>>
>> https://wiki.ipfire.org/devel/submit-patches
>>
>> This is not there for our own entertainment. It is a tested and tuned
>> process which guarantees that IPFire is a product of very high
>> quality.
>>
>>>>> On 25 Jan 2021, at 19:51, Frank Mainz <frank(a)cybermainzel.de>
>>>>> wrote:
>>>>>
>>>>> Hello Michael,
>>>>>
>>>>> look in the WIKI and you know what is displayed. Otherwise, the
>>>>> traffic
>>>>> of individual IP addresses is logged with the help of entries
>>>>> in
>>>>> the
>>>>> CUSTOM chains and graphically prepared.
>>>>
>>>> The CUSTOM* chains can’t be touched by any programs that come
>>>> with
>>>> the distributions. They exist for users to add any custom rules
>>>> and
>>>> they are under full control by the user only.
>>>
>>> Then it does fit.
>>
>> No, it doesn’t, because you are not the user of all those firewalls.
>>
>> Every chain has a defined purpose, and you are using it for something
>> it isn’t designed for and it will break setups.
>>
>>>>> https://wiki.ipfire.org/addons/iptraffic-playground
>>>>>
>>>>>
>>>>> Greetings Frank
>>>>>
>>>>> PS: Fullquote removed
>>>>
>>>> Why? I don’t recommend doing this because it removes context from
>>>> the
>>>> conversation.
>>>>
>>>> Best,
>>>> -Michael
>>>
>>> Then be careful next time not to quote >100 lines of source code.
>>> How
>>> this is supposed to preserve context is beyond me.
>>
>> Because we write comments into the code. And we normally try to
>> answer other people’s questions.
>>
>> Do not forget that many people are reading this list and they do not
>> devote a lot of time to get themselves involved in everything.
>> Therefore things have to be understood at a quick glance.
>>
>>> But do what you want. Exactly because of such reactions I didn't
>>> want
>>> to port the AddOn for IPFire.
>>
>> I have absolutely no idea why you are reacting like this. The process
>> is clear and I am here to make IPFire as good as I can possibly do.
>>
>> I have simply asked what your code is and what it does. You seem to
>> not want to answer those questions and why is unfortunately beyond
>> me.
>>
>>> Have a nice life. I am out.
>>
>> Under those circumstances I must say that I find it very
>> disappointing that you have wasted my time and Matthias’ time, too. I
>> have re-read my email and I do not see why this might have caused any
>> offence.
>>
>> I assume that nobody else wants to push this forward any more and
>> maintain this code?
>>
>> -Michael
>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Aw: Re: [PATCH] New package: IPTraffic 0.8.2
2021-01-25 21:01 ` Michael Tremer
@ 2021-01-25 21:50 Bernhard Bitsch
2021-01-26 11:38 ` Michael Tremer
-1 siblings, 1 reply; 13+ messages in thread
From: Bernhard Bitsch @ 2021-01-25 21:50 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 6611 bytes --]
Hi,
to come back to the facts, some annotations about the addon. I first decided to post them in the community thread about the addon, but in the situation now I think it is better here.
I've installed Frank's tar file from the community and studied the source.
- Doing the traffic measurement through iptables rules may be effitive but ineffidcient. Did not investigate the overhead introduced into the system. Maybe it isn't so much ( my tiny ALIX didn't get inresponive ), but it is just a feeling for misuse of iptables.
- Using the CUSTOM... chains isn't a good idea. As Michael mentioned these should 'reserved' for user's purposes. Further, the rules are added without looking into the existing contents. Also no good idea.
- The rules are generated 'on the fly'. Nice, tricky process, but not really verifiable.
- Graphs are generated at each update. This is the good old IPCop manner. This process seems to be very efficient, but it is not! The graphs are displayed quicker in the WUI, but on the cost of a great load for generating them periodically. I think 99,5% of the genarated images aren't looked at by the user. This is the reason, why IPFire generates such graphics on demand.
- I do not know whether using a SQLite data base for the data is really convinient. An invocation on the shell ( with argument '-d' ) shows a very slow processing. The main program /usr/local/bin/iptraffic is called every minute.
To my opinion these observations could have been a start point for a discussion. But after Frank is leaving us ( why? ), I don't beleive there is somebody now for basic developmnent and maintance of this feature.
Remains the question, do we need such a tool for measuring IP traffic for a certain ( all ) client(s) in the local network(s).
Best,
Bernhard
Thx, Michael, for bringing back the discussion from privae to public.
> Gesendet: Montag, 25. Januar 2021 um 22:01 Uhr
> Von: "Michael Tremer" <michael.tremer(a)ipfire.org>
> An: "Frank Mainz" <frank(a)cybermainzel.de>
> Cc: "development" <development(a)lists.ipfire.org>
> Betreff: Re: [PATCH] New package: IPTraffic 0.8.2
>
> Hello Frank,
>
> We have a policy to not take public conversations private:
>
> https://wiki.ipfire.org/devel/contact
>
> It is under "Never make a public conversation private” and it is there because sometimes mail user agents do this because of bad UI, and sometimes there are other reasons.
>
> -Michael
>
> > On 25 Jan 2021, at 20:58, Frank Mainz <frank(a)cybermainzel.de> wrote:
> >
> > Michael,
> > I had not answered without reason only privately.
> > Throw away the AddOn. Forget it.
> >
> > unfortunately you can't unsubscribe with a simple "unsubscibe".
> >
> > What is a spam filter for.
> >
> > Am Montag, den 25.01.2021, 20:48 +0000 schrieb Michael Tremer:
> >> Hello Frank,
> >>
> >>> On 25 Jan 2021, at 20:22, Frank Mainz <frank(a)cybermainzel.de>
> >>> wrote:
> >>>
> >>> Am Montag, den 25.01.2021, 20:05 +0000 schrieb Michael Tremer:
> >>>> Hi Frank,
> >>>>
> >>>> Thank you for your email, but it didn’t answer any of my
> >>>> questions.
> >>>>
> >>>> I wasn’t aware of the wiki pages, but I had a look at it.
> >>>>
> >>>> The questions from my previous email remain though. I do not
> >>>> think a
> >>>> single one was answered.
> >>>
> >>> That is not my problem.
> >>
> >> Okay, I am sorry, but I would have to vote to reject this patch then.
> >>
> >> It is very important that we review all code that is going into the
> >> distribution and that we have a reason that it is there. Code that is
> >> redundant, not needed and unmaintained is a potential security
> >> problem. I am sure this is very easy to understand.
> >>
> >> Also, you can read here what it takes to get your patches into the
> >> distribution:
> >>
> >> https://wiki.ipfire.org/devel/submit-patches
> >>
> >> This is not there for our own entertainment. It is a tested and tuned
> >> process which guarantees that IPFire is a product of very high
> >> quality.
> >>
> >>>>> On 25 Jan 2021, at 19:51, Frank Mainz <frank(a)cybermainzel.de>
> >>>>> wrote:
> >>>>>
> >>>>> Hello Michael,
> >>>>>
> >>>>> look in the WIKI and you know what is displayed. Otherwise, the
> >>>>> traffic
> >>>>> of individual IP addresses is logged with the help of entries
> >>>>> in
> >>>>> the
> >>>>> CUSTOM chains and graphically prepared.
> >>>>
> >>>> The CUSTOM* chains can’t be touched by any programs that come
> >>>> with
> >>>> the distributions. They exist for users to add any custom rules
> >>>> and
> >>>> they are under full control by the user only.
> >>>
> >>> Then it does fit.
> >>
> >> No, it doesn’t, because you are not the user of all those firewalls.
> >>
> >> Every chain has a defined purpose, and you are using it for something
> >> it isn’t designed for and it will break setups.
> >>
> >>>>> https://wiki.ipfire.org/addons/iptraffic-playground
> >>>>>
> >>>>>
> >>>>> Greetings Frank
> >>>>>
> >>>>> PS: Fullquote removed
> >>>>
> >>>> Why? I don’t recommend doing this because it removes context from
> >>>> the
> >>>> conversation.
> >>>>
> >>>> Best,
> >>>> -Michael
> >>>
> >>> Then be careful next time not to quote >100 lines of source code.
> >>> How
> >>> this is supposed to preserve context is beyond me.
> >>
> >> Because we write comments into the code. And we normally try to
> >> answer other people’s questions.
> >>
> >> Do not forget that many people are reading this list and they do not
> >> devote a lot of time to get themselves involved in everything.
> >> Therefore things have to be understood at a quick glance.
> >>
> >>> But do what you want. Exactly because of such reactions I didn't
> >>> want
> >>> to port the AddOn for IPFire.
> >>
> >> I have absolutely no idea why you are reacting like this. The process
> >> is clear and I am here to make IPFire as good as I can possibly do.
> >>
> >> I have simply asked what your code is and what it does. You seem to
> >> not want to answer those questions and why is unfortunately beyond
> >> me.
> >>
> >>> Have a nice life. I am out.
> >>
> >> Under those circumstances I must say that I find it very
> >> disappointing that you have wasted my time and Matthias’ time, too. I
> >> have re-read my email and I do not see why this might have caused any
> >> offence.
> >>
> >> I assume that nobody else wants to push this forward any more and
> >> maintain this code?
> >>
> >> -Michael
> >
>
>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] New package: IPTraffic 0.8.2
2021-01-25 21:50 Aw: " Bernhard Bitsch
@ 2021-01-26 11:38 ` Michael Tremer
0 siblings, 0 replies; 13+ messages in thread
From: Michael Tremer @ 2021-01-26 11:38 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 9279 bytes --]
Hello Bernhard,
> On 25 Jan 2021, at 21:50, Bernhard Bitsch <Bernhard.Bitsch(a)gmx.de> wrote:
>
> Hi,
>
> to come back to the facts, some annotations about the addon. I first decided to post them in the community thread about the addon, but in the situation now I think it is better here.
Yes, let’s please keep all development work here, because not many of us monitor the community portal all of the time, and it is easier to miss something on there, too.
> I've installed Frank's tar file from the community and studied the source.
>
> - Doing the traffic measurement through iptables rules may be effitive but ineffidcient. Did not investigate the overhead introduced into the system. Maybe it isn't so much ( my tiny ALIX didn't get inresponive ), but it is just a feeling for misuse of iptables.
Yes, that is a misuse of iptables and won’t perform at all.
In the past few years, we have been spending a lot of time on making sure that the kernel takes advantage of multiple processors and multiple queues in the network adapters - one of the things the Lightning Wire Labs appliances do really well. That way, we can have a smaller piece of hardware, but we can take advantage of all its features and make it really fast.
Suricata was also a big challenge, but it now uses all available processor cores.
The kernel used to only evaluate iptables rules on the first core, which was a big bottleneck and since modern hardware usually has more rather than faster cores, it would not have increased network throughput. The counters are mainly the problem here, because they require synchronisation between all processor cores.
Adding more rules like this would negatively impact network throughput - and probably even more importantly, the CUSTOM* chains have been used which make every single packet hit every single rule. One of the things that makes Linux a fast firewall is the connection tracking and that we only need to look at very few rules for existing connections. This is changed here when there is a rule for every single monitored host on the network.
> - Using the CUSTOM... chains isn't a good idea. As Michael mentioned these should 'reserved' for user's purposes. Further, the rules are added without looking into the existing contents. Also no good idea.
> - The rules are generated 'on the fly'. Nice, tricky process, but not really verifiable.
That is how we generate firewall rules. There is nothing wrong with this. Our other scripts have a debug option, so that the generated rules will be written to a file to have a look at them before throwing them into the kernel.
> - Graphs are generated at each update. This is the good old IPCop manner. This process seems to be very efficient, but it is not! The graphs are displayed quicker in the WUI, but on the cost of a great load for generating them periodically. I think 99,5% of the genarated images aren't looked at by the user. This is the reason, why IPFire generates such graphics on demand.
Many people are running IPFire on flash storage and we try to keep write operations to a minimum. It is of course not possible to save us from storing the data in the RRD database, but the image does not need to be generated.
> - I do not know whether using a SQLite data base for the data is really convinient. An invocation on the shell ( with argument '-d' ) shows a very slow processing. The main program /usr/local/bin/iptraffic is called every minute.
Oh wow. Why would there be a SQLite database when there are RRD databases?
> To my opinion these observations could have been a start point for a discussion. But after Frank is leaving us ( why? ), I don't beleive there is somebody now for basic developmnent and maintance of this feature.
> Remains the question, do we need such a tool for measuring IP traffic for a certain ( all ) client(s) in the local network(s).
We do not urgently need it, but I would like to have that feature at some point.
I would like it to monitor all traffic though without adding any hosts first, because then we can simply do more with the data. This will be slightly tricky with many hosts, but it isn’t impossible when designed well. There is pmacct which seems to be a good basis to start from without reinventing the wheel and it looks like it performs much better than iptables rules. But I have never actually built it.
-Michael
> Best,
> Bernhard
>
> Thx, Michael, for bringing back the discussion from privae to public.
>
>> Gesendet: Montag, 25. Januar 2021 um 22:01 Uhr
>> Von: "Michael Tremer" <michael.tremer(a)ipfire.org>
>> An: "Frank Mainz" <frank(a)cybermainzel.de>
>> Cc: "development" <development(a)lists.ipfire.org>
>> Betreff: Re: [PATCH] New package: IPTraffic 0.8.2
>>
>> Hello Frank,
>>
>> We have a policy to not take public conversations private:
>>
>> https://wiki.ipfire.org/devel/contact
>>
>> It is under "Never make a public conversation private” and it is there because sometimes mail user agents do this because of bad UI, and sometimes there are other reasons.
>>
>> -Michael
>>
>>> On 25 Jan 2021, at 20:58, Frank Mainz <frank(a)cybermainzel.de> wrote:
>>>
>>> Michael,
>>> I had not answered without reason only privately.
>>> Throw away the AddOn. Forget it.
>>>
>>> unfortunately you can't unsubscribe with a simple "unsubscibe".
>>>
>>> What is a spam filter for.
>>>
>>> Am Montag, den 25.01.2021, 20:48 +0000 schrieb Michael Tremer:
>>>> Hello Frank,
>>>>
>>>>> On 25 Jan 2021, at 20:22, Frank Mainz <frank(a)cybermainzel.de>
>>>>> wrote:
>>>>>
>>>>> Am Montag, den 25.01.2021, 20:05 +0000 schrieb Michael Tremer:
>>>>>> Hi Frank,
>>>>>>
>>>>>> Thank you for your email, but it didn’t answer any of my
>>>>>> questions.
>>>>>>
>>>>>> I wasn’t aware of the wiki pages, but I had a look at it.
>>>>>>
>>>>>> The questions from my previous email remain though. I do not
>>>>>> think a
>>>>>> single one was answered.
>>>>>
>>>>> That is not my problem.
>>>>
>>>> Okay, I am sorry, but I would have to vote to reject this patch then.
>>>>
>>>> It is very important that we review all code that is going into the
>>>> distribution and that we have a reason that it is there. Code that is
>>>> redundant, not needed and unmaintained is a potential security
>>>> problem. I am sure this is very easy to understand.
>>>>
>>>> Also, you can read here what it takes to get your patches into the
>>>> distribution:
>>>>
>>>> https://wiki.ipfire.org/devel/submit-patches
>>>>
>>>> This is not there for our own entertainment. It is a tested and tuned
>>>> process which guarantees that IPFire is a product of very high
>>>> quality.
>>>>
>>>>>>> On 25 Jan 2021, at 19:51, Frank Mainz <frank(a)cybermainzel.de>
>>>>>>> wrote:
>>>>>>>
>>>>>>> Hello Michael,
>>>>>>>
>>>>>>> look in the WIKI and you know what is displayed. Otherwise, the
>>>>>>> traffic
>>>>>>> of individual IP addresses is logged with the help of entries
>>>>>>> in
>>>>>>> the
>>>>>>> CUSTOM chains and graphically prepared.
>>>>>>
>>>>>> The CUSTOM* chains can’t be touched by any programs that come
>>>>>> with
>>>>>> the distributions. They exist for users to add any custom rules
>>>>>> and
>>>>>> they are under full control by the user only.
>>>>>
>>>>> Then it does fit.
>>>>
>>>> No, it doesn’t, because you are not the user of all those firewalls.
>>>>
>>>> Every chain has a defined purpose, and you are using it for something
>>>> it isn’t designed for and it will break setups.
>>>>
>>>>>>> https://wiki.ipfire.org/addons/iptraffic-playground
>>>>>>>
>>>>>>>
>>>>>>> Greetings Frank
>>>>>>>
>>>>>>> PS: Fullquote removed
>>>>>>
>>>>>> Why? I don’t recommend doing this because it removes context from
>>>>>> the
>>>>>> conversation.
>>>>>>
>>>>>> Best,
>>>>>> -Michael
>>>>>
>>>>> Then be careful next time not to quote >100 lines of source code.
>>>>> How
>>>>> this is supposed to preserve context is beyond me.
>>>>
>>>> Because we write comments into the code. And we normally try to
>>>> answer other people’s questions.
>>>>
>>>> Do not forget that many people are reading this list and they do not
>>>> devote a lot of time to get themselves involved in everything.
>>>> Therefore things have to be understood at a quick glance.
>>>>
>>>>> But do what you want. Exactly because of such reactions I didn't
>>>>> want
>>>>> to port the AddOn for IPFire.
>>>>
>>>> I have absolutely no idea why you are reacting like this. The process
>>>> is clear and I am here to make IPFire as good as I can possibly do.
>>>>
>>>> I have simply asked what your code is and what it does. You seem to
>>>> not want to answer those questions and why is unfortunately beyond
>>>> me.
>>>>
>>>>> Have a nice life. I am out.
>>>>
>>>> Under those circumstances I must say that I find it very
>>>> disappointing that you have wasted my time and Matthias’ time, too. I
>>>> have re-read my email and I do not see why this might have caused any
>>>> offence.
>>>>
>>>> I assume that nobody else wants to push this forward any more and
>>>> maintain this code?
>>>>
>>>> -Michael
>>>
>>
>>
^ permalink raw reply [flat|nested] 13+ messages in thread
end of thread, other threads:[~2021-01-28 10:08 UTC | newest]
Thread overview: 13+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-01-17 17:15 [PATCH] New package: IPTraffic 0.8.2 Matthias Fischer
2021-01-25 19:27 ` Michael Tremer
2021-01-25 19:51 ` Frank Mainz
2021-01-25 20:05 ` Michael Tremer
2021-01-26 16:45 ` Matthias Fischer
2021-01-26 17:03 ` Aw: " Bernhard Bitsch
2021-01-27 11:32 ` Michael Tremer
2021-01-27 18:36 ` Matthias Fischer
2021-01-28 10:08 ` Matthias Fischer
[not found] <2cc215c55a63d98924de4db8780ebf7ca89aefd7.camel@cybermainzel.de>
2021-01-25 20:48 ` Michael Tremer
2021-01-25 20:58 ` Frank Mainz
2021-01-25 21:01 ` Michael Tremer
2021-01-25 21:50 Aw: " Bernhard Bitsch
2021-01-26 11:38 ` Michael Tremer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox