I use IPCop for my router/firewall. I really like. It’s easy to install and has a nice user interface. It has support for DHCP, DNS, proxy http transparently (or explicitly if you want the hassle), built in support for Snort, port forwarding, VPN support, runs on Linux, and much more.
One of the features of IPCop is that it will produce traffic graphs for you. I thought it would be cool to make my traffic graphs publicly available. I figured it would be easy to just use mod_proxy to forward requests to my firewall to fetch the graphs. Unfortunately, mod_proxy forwards the HTTP Authentication down to the browser and doesn’t let you specify the HTTP authentication credentials in the proxy configuration.
So I decided to just set up a cron job that runs every hour and downloads the graphs to my web server. It’s not as cool as mod_proxy but it only took a few minutes to set up and it works just fine.
The “Traffic on RED” means that it’s the traffic for the red network interface. With IPCop, the red interface is the public facing interface, the green interface is the internal NATed interface (not shown because in my case it’s just the inverse of the red graphs) and the orange interface is the DMZ. I have an orange interface but nothing’s plugged into it so I didn’t bother to show graphs of nothingness.
The graphs are shown below. Push refresh every hour to watch them change. If you were to run some type of DoS attack, you could watch the graphs peak. I’m not suggesting you launch a DoS attack. I’m just saying…
Leave a Reply
You must be logged in to post a comment.