Re: [Dorset] Monitoring Internet Connectivity.
Hi Ralph On 11/03/2019 13:49, t...@ls83.eclipse.co.uk wrote: As of today I think I'm actually a few steps behind on all this. I'd blocked CC#2's phone from connecting to the network (at the MAC level) but this morning he managed to take the network down for 15 minutes before leaving for school, and for several hours at various times yesterday. Finally got to the bottom of this. I thought I'd accounted for any additional routers but CC#2 had found one and has been plugging it in to an extension socket when the coast is clear. For whatever reason, that router wins out when both routers are connected. Cheers Tim -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
Hi Ralph On 11/03/2019 10:31, Ralph Corderoy wrote: Hi Tim, I had another idea. Use Quality of Service rules to slow down traffic to sites CC#2 likes, e.g. YouTube, during verboten hours for the whole home network on the assumption it won't impact SWMBO. The idea being that access works, but playback is stutters, etc., so he'll get bored. I see Draytek have a similar idea, but using DNS to block entirely, and capturing all DNS queries so 8.8.8.8 isn't a workaround. https://www.draytek.com/en/faq/faq-security/security.firewall/how-to-block-youtube-for-some-of-lan-clients-only/ Yes, I'm doing something similar with the bandwidth limiting, and also Opendns, which can be used to block video sharing sites in general, or Youtube specifically. But the biggest time-waster is actually a game (Mobile Legends) which doesn't have any great bandwidth requirements, but appears to be completely addictive. That's the one I need to ration. As of today I think I'm actually a few steps behind on all this. I'd blocked CC#2's phone from connecting to the network (at the MAC level) but this morning he managed to take the network down for 15 minutes before leaving for school, and for several hours at various times yesterday. Cheers Tim -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
On 11/03/2019 10:31, Ralph Corderoy wrote: Hi Tim, The built in Draytek server allows for setting an IP address and mask and they have a number of help guides which I'll go through. But I'm getting the impression this is a bit OTT for a home network. I had another idea. Use Quality of Service rules to slow down traffic to sites CC#2 likes, e.g. YouTube, during verboten hours for the whole home network on the assumption it won't impact SWMBO. The idea being that access works, but playback is stutters, etc., so he'll get bored. I see Draytek have a similar idea, but using DNS to block entirely, and capturing all DNS queries so 8.8.8.8 isn't a workaround. https://www.draytek.com/en/faq/faq-security/security.firewall/how-to-block-youtube-for-some-of-lan-clients-only/ You are cruel Ralph, but I like it. P. -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
Hi Tim, > The built in Draytek server allows for setting an IP address and mask > and they have a number of help guides which I'll go through. But I'm > getting the impression this is a bit OTT for a home network. I had another idea. Use Quality of Service rules to slow down traffic to sites CC#2 likes, e.g. YouTube, during verboten hours for the whole home network on the assumption it won't impact SWMBO. The idea being that access works, but playback is stutters, etc., so he'll get bored. I see Draytek have a similar idea, but using DNS to block entirely, and capturing all DNS queries so 8.8.8.8 isn't a workaround. https://www.draytek.com/en/faq/faq-security/security.firewall/how-to-block-youtube-for-some-of-lan-clients-only/ -- Cheers, Ralph. -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
Hi Patrick On 10/03/2019 01:36, Patrick Wigmore wrote: My experience of RADIUS is limited to being a sometime user of [eduroam][1], which uses it. Thanks for explaining how this could work. If the client can be reliably forced into a particular VLAN or a particular IP address by the access point on the basis of the client's authenticated identity, then it is going to be easy for a router/ firewall to control what the client can access and when. The built in Draytek server allows for setting an IP address and mask and they have a number of help guides which I'll go through. But I'm getting the impression this is a bit OTT for a home network. Cheers Tim -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
Hi Patrick, > > So RADIUS knows how to Authenticate. It then Authorises > > I have made the old mistake of conflating Authentication and > Authorisation. I think I initially got them the wrong way around at least once when typing. It's a bad idea in software to have identifiers that are similar at the start because the fingers too easily slip into typing the wrong one whilst the brain's moved on to thinking about what's next. I think standards and protocols can also make the same mistake, increasing the cognitive overhead in remembering all the terms as they're learnt. I expect `Triple A' here had too much appeal to describe Corroborating the claimed identity, Permitting the user's actions, and Tallying their usage. :-) -- Cheers, Ralph. -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
On Sun, 10 Mar 2019 09:57:56 +, Ralph Corderoy wrote: > So RADIUS knows how to Authenticate. It then Authorises I have made the old mistake of conflating Authentication and Authorisation. -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
Hi Tim, Patrick wrote: > My understanding is that RADIUS is a protocol for services that > provide authentication for one or more different network access > mechanisms. So, on its own, RADIUS is not really a solution at all, > just part of a solution. Yes, I think there's three parties. The laptop, the access point, and the RADIUS server software. RADIUS could be running on the access point's hardware, but doesn't have to be. The AP is configured to defer to RADIUS on whether the laptop is allowed. This can be using a username/password, or a certificate generated earlier by RADIUS solely for the laptop and then copied onto it. So RADIUS knows how to Authenticate. It then Authorises, and that's where logic can come into it, e.g. only from 9-5 weekdays. It's up to the AP to implement the restrictions using what RADIUS tells it. I don't know the level of understanding between the AP and RADIUS, e.g. RADIUS might keep updating the AP with new Authorisations over time. After that, RADIUS can keep track of Accounting, again with the AP's involvement as it's the AP that sees the traffic, not RADIUS. That allows buying 60 minutes of Wi-fi, etc. > > Yes, that's a possibility, as the Draytek has multiple SSIDs with > > scheduling. But fairly quickly the unscheduled SSID passwords will > > be compromised. > > If the compromise is by means of extracting credentials from other > devices, then I suppose the same risk could apply to a solution using > RADIUS. Yes, though ISTM some systems prevent easy copying of the certificate, e.g. Android. https://www.ed.ac.uk/information-services/computing/desktop-personal/wifi-networking/configure-device/eduroam-android -- Cheers, Ralph. -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
Hi Tim H, > Think you will find it now called IPFire, think they have a free and > paid for version including hardware devices as well. Thanks, I hadn't heard of them. Seems it's a fork of IPCop from long ago, just as IPCop was a Smothwall fork. IPFire are still going, but marked the demise of IPCop. https://blog.ipfire.org/post/goodbye-ipcop -- Cheers, Ralph. -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
On Sat, 09 Mar 2019 17:58:26 +, t...@ls83.eclipse.co.uk wrote: > Yes, not only that but I'm hoping that CC#2, by trying to beat the > system, will learn a bit about networking rather than just using > it. :-) > As someone who hasn't come across RADIUS before, could you explain > how it could help in this situation (i.e. preventing someone from > connecting to the network with an arbitrary IP address)? My experience of RADIUS is limited to being a sometime user of [eduroam][1], which uses it. I don't really know much about how it works, but I'll take the opportunity to improve my understanding by trying to explain it. My understanding is that RADIUS is a protocol for services that provide authentication for one or more different network access mechanisms. So, on its own, RADIUS is not really a solution at all, just part of a solution. In the context of a WiFi network, I imagine RADIUS will most likely be integrated with WPA2, using [EAP][2]. Alternatively, RADIUS could be linked to a web-page-based captive portal. A third option might be to provide WiFi access only to a VPN server or some other portal/proxy/gateway server, which uses RADIUS to authenticate users and then provides access to the network proper. Of these, I don't think the captive portal option will help. By not using WiFi encryption, it leaves the door open for a client to imitate another client to take advantage of its greater privilege. Using the WPA2 option, I believe the authentication occurs before the client device is connected to the network by the access point. I suppose the access point is therefore the arbiter of what kinds of connections are possible, under the instruction of the RADIUS server. (I suppose the access point fulfils the "Network Access Server" role.) So the RADIUS server might, in effect, tell the access point which VLAN to tag an authenticated client's traffic with, for example, or it might tell it which IP addresses the client can use. These are certainly just guesses on my part: the sorts of outcomes that would make sense to me. If the client can be reliably forced into a particular VLAN or a particular IP address by the access point on the basis of the client's authenticated identity, then it is going to be easy for a router/ firewall to control what the client can access and when. The access point can also send the RADIUS server updates about whether the client is still connected, to enable the accounting feature. The RADIUS server could itself have any kind of back-end, potentially integrating with a wider system of user accounts. I'm surprised, but probably shouldn't be, to learn that the [hostapd][3] daemon is not only capable of using a RADIUS server, but also capable of being a RADIUS server itself. > > One 'cheaper' option for authentication would be to just have more > > than one WiFi SSID. > > Yes, that's a possibility, as the Draytek has multiple SSIDs with > scheduling. But fairly quickly the unscheduled SSID passwords will > be compromised. If the compromise is by means of extracting credentials from other devices, then I suppose the same risk could apply to a solution using RADIUS. Patrick [1]: https://www.eduroam.org/ [2]: https://en.wikipedia.org/wiki/Extensible_Authentication_Protocol [3]: https://w1.fi/hostapd/ -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
Hi Patrick On 08/03/2019 21:56, Patrick Wigmore wrote: I have got the impression from these messages that Tim might be quite enjoying the cat and mouse game, and so going straight for the 'nuclear option' of RADIUS might spoil the fun! Having said that, perhaps I am underestimating the adversary. Yes, not only that but I'm hoping that CC#2, by trying to beat the system, will learn a bit about networking rather than just using it. As someone who hasn't come across RADIUS before, could you explain how it could help in this situation (i.e. preventing someone from connecting to the network with an arbitrary IP address)? One 'cheaper' option for authentication would be to just have more than one WiFi SSID. Yes, that's a possibility, as the Draytek has multiple SSIDs with scheduling. But fairly quickly the unscheduled SSID passwords will be compromised. Cheers Tim -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
On Sat, 9 Mar 2019 16:57:37 + PeterMerchant via dorset wrote: > On 09/03/2019 10:58, Ralph Corderoy wrote: > > Hi Patrick, > > > >> I have got the impression from these messages that Tim might be quite > >> enjoying the cat and mouse game > > A motivator attacker seems prefereable to a consuming CC#2. :-) > > > >> and so going straight for the 'nuclear option' of RADIUS might spoil > >> the fun! > > True. It occurred to me that Draytek may already provide a RADIUS > > server, and Google says they do, > > https://www.draytek.co.uk/support/guides/kb-internal-radius, but it's > > behind a registration-wall so I read no further. > > > I had in mind suggesting using IpCop on a spare computer between the router > and the network, but > see that it has not been updated since 2015, and the last item in the press > for it was 2010. > > Peter > > > -- > Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 > Check to whom you are replying > Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ > New thread, don't hijack: mailto:dorset@mailman.lug.org.uk Think you will find it now called IPFire, think they have a free and paid for version including hardware devices as well. Tim H -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
On 09/03/2019 10:58, Ralph Corderoy wrote: Hi Patrick, I have got the impression from these messages that Tim might be quite enjoying the cat and mouse game A motivator attacker seems prefereable to a consuming CC#2. :-) and so going straight for the 'nuclear option' of RADIUS might spoil the fun! True. It occurred to me that Draytek may already provide a RADIUS server, and Google says they do, https://www.draytek.co.uk/support/guides/kb-internal-radius, but it's behind a registration-wall so I read no further. I had in mind suggesting using IpCop on a spare computer between the router and the network, but see that it has not been updated since 2015, and the last item in the press for it was 2010. Peter -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
Hi Patrick, > I have got the impression from these messages that Tim might be quite > enjoying the cat and mouse game A motivator attacker seems prefereable to a consuming CC#2. :-) > and so going straight for the 'nuclear option' of RADIUS might spoil > the fun! True. It occurred to me that Draytek may already provide a RADIUS server, and Google says they do, https://www.draytek.co.uk/support/guides/kb-internal-radius, but it's behind a registration-wall so I read no further. -- Cheers, Ralph. -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
On Fri, 08 Mar 2019 16:23:55 +, Ralph Corderoy wrote: > I've not used it, and don't fully understand its operation, but I > wonder if RADIUS is well suited to the `authentication and > authorisation' of clients to the home network. I have got the impression from these messages that Tim might be quite enjoying the cat and mouse game, and so going straight for the 'nuclear option' of RADIUS might spoil the fun! Having said that, perhaps I am underestimating the adversary. One 'cheaper' option for authentication would be to just have more than one WiFi SSID. -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
Hi Ralph On 08/03/2019 16:23, Ralph Corderoy wrote: Hi Tim, There's a fair number of devices (20-30) on the network at any time. I've not used it, and don't fully understand its operation, but I wonder if RADIUS is well suited to the `authentication and authorisation' of clients to the home network. https://freeradius.org/ is popular and packaged for Debian. This would be at a higher level than MAC or IP address and allow password or certificates to be used for authentication. With RADIUS's third `A', accounting, CC#2 could be given the option of out of hours access for a fee. :-) Haha - thanks, will do some reading. Cheers Tim -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
Hi Keith On 08/03/2019 16:46, Keith Edmunds wrote: You might want to install arpalert, too. http://www.arpalert.org/arpalert.html Thanks, have installed and set this up. Cheers Tim -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
You might want to install arpalert, too. http://www.arpalert.org/arpalert.html -- Linux Tips: https://www.tiger-computing.co.uk/category/techtips/ -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
Hi Tim, > There's a fair number of devices (20-30) on the network at any time. I've not used it, and don't fully understand its operation, but I wonder if RADIUS is well suited to the `authentication and authorisation' of clients to the home network. https://freeradius.org/ is popular and packaged for Debian. This would be at a higher level than MAC or IP address and allow password or certificates to be used for authentication. With RADIUS's third `A', accounting, CC#2 could be given the option of out of hours access for a fee. :-) -- Cheers, Ralph. -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
Hi Stephen On 08/03/2019 11:17, Stephen Wolff wrote: Hiya then for around 30 minutes in the morning, returning exactly as Cost Centre #2 left for school. Blimey. Hadn’t considered that CCs could upset networking routing in the house. I think I’d better try this SmokePing thing Try Ralph's script - it tracked down the culprit for me pretty quickly! Cheers Tim -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
Hi Ralph On 08/03/2019 11:12, Ralph Corderoy wrote: Hi Tim, then for around 30 minutes in the morning, returning exactly as Cost Centre #2 left for school. I was going to mention at the club if it could be your policy rules interfering. It didn't occur to me it could be them being routed around. :-) A few months ago, everything starts being a bit flaky. Sometimes I can't get a DHCP response from Golux when trying to connect my own laptop to one Wifi access point, but can do from one of the others. I have my suspicions, especially as rebooting the router clears the problem. Suspicions reinforced as flushing the router ARP table also clears the problem. But can't see anything untoward in the ARP table contents. Could #CC2 be switching to your laptop's MAC address? I think the evidence is that he's switching to Golux's IP address, as I lose connectivity with Golux from work (over VPN) when he's doing his thing. My laptop's off/asleep so it's really out of the equation. What I can't explain though is that I can't contact the router either from work during those times, and from the logs the router WAN actually goes down. I did suspect at one point he may be plugging another router into a phone extension socket, but have ruled that out. Could be down to the router being configured to use Golux as its DNS server. 7. So, last night, a quick fix of blacklisting CC#2's phone MAC for Wifi access in all the access points, although longer term will change this to a whitelist and IP filtering. How about leaving the mouse to continue his excursions, but see if you can monitor traffic levels over time by MAC or IP address on the Draytek. Or if the Draytek doesn't offer that, on Golux, if all traffic must pass through it to reach the Draytek. That might give a clue as to what's being spoofed? Yes, I had that in mind. If it's just the IP address it should be fairly quick to nail. If it's MAC and IP address, could take a bit of figuring and may be easier to bring out the thumbscrews :) There's a fair number of devices (20-30) on the network at any time. Cheers Tim -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
Hiya >> then for around 30 minutes in the morning, returning exactly as Cost >> Centre #2 left for school. Blimey. Hadn’t considered that CCs could upset networking routing in the house. I think I’d better try this SmokePing thing -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
Hi Tim, > then for around 30 minutes in the morning, returning exactly as Cost > Centre #2 left for school. I was going to mention at the club if it could be your policy rules interfering. It didn't occur to me it could be them being routed around. :-) > A few months ago, everything starts being a bit flaky. Sometimes I > can't get a DHCP response from Golux when trying to connect my own > laptop to one Wifi access point, but can do from one of the others. I > have my suspicions, especially as rebooting the router clears the > problem. Suspicions reinforced as flushing the router ARP table also > clears the problem. But can't see anything untoward in the ARP table > contents. Could #CC2 be switching to your laptop's MAC address? > 7. So, last night, a quick fix of blacklisting CC#2's phone MAC for > Wifi access in all the access points, although longer term will change > this to a whitelist and IP filtering. How about leaving the mouse to continue his excursions, but see if you can monitor traffic levels over time by MAC or IP address on the Draytek. Or if the Draytek doesn't offer that, on Golux, if all traffic must pass through it to reach the Draytek. That might give a clue as to what's being spoofed? -- Cheers, Ralph. -- Next meeting: BEC, Bournemouth, Tuesday, 2019-04-02 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
Hi Aidan On 06/03/2019 13:22, aidangcole--- via dorset wrote: Personally, I tend to use SmokePing for this type of thing https://oss.oetiker.ch/smokeping/ Took a look at this as it looked ideal, but does pull in a bunch of dependencies including Apache and a mail server. Cheers Tim On 06/03/2019 13:12, t...@ls83.eclipse.co.uk wrote: Hi Ralph On 06/03/2019 08:53, Ralph Corderoy wrote: Hi, Discussion last night included spotting if one's connection to the Internet suffered problems overnight. The conclusion was a simple script to log data for later inspection with journalctl(1) was probably good enough. Attached is such a bash script. I haven't run it as I'm in a hurry today, so bugs are left as an exercise to the reader to discover. :-) Thanks for this. In the end used the echo rather than logger so that running under nohup just writes the log to nohup.out Will let this run for a few days (with time limit removed) and see what happens. Cheers Tim -- Next meeting: BEC, Bournemouth, Tuesday, 2019-03-05 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk -- Next meeting: BEC, Bournemouth, Tuesday, 2019-03-05 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk -- Next meeting: BEC, Bournemouth, Tuesday, 2019-03-05 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
Personally, I tend to use SmokePing for this type of thing https://oss.oetiker.ch/smokeping/ On 06/03/2019 13:12, t...@ls83.eclipse.co.uk wrote: Hi Ralph On 06/03/2019 08:53, Ralph Corderoy wrote: Hi, Discussion last night included spotting if one's connection to the Internet suffered problems overnight. The conclusion was a simple script to log data for later inspection with journalctl(1) was probably good enough. Attached is such a bash script. I haven't run it as I'm in a hurry today, so bugs are left as an exercise to the reader to discover. :-) Thanks for this. In the end used the echo rather than logger so that running under nohup just writes the log to nohup.out Will let this run for a few days (with time limit removed) and see what happens. Cheers Tim -- Next meeting: BEC, Bournemouth, Tuesday, 2019-03-05 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk -- Next meeting: BEC, Bournemouth, Tuesday, 2019-03-05 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
Re: [Dorset] Monitoring Internet Connectivity.
Hi Ralph On 06/03/2019 08:53, Ralph Corderoy wrote: Hi, Discussion last night included spotting if one's connection to the Internet suffered problems overnight. The conclusion was a simple script to log data for later inspection with journalctl(1) was probably good enough. Attached is such a bash script. I haven't run it as I'm in a hurry today, so bugs are left as an exercise to the reader to discover. :-) Thanks for this. In the end used the echo rather than logger so that running under nohup just writes the log to nohup.out Will let this run for a few days (with time limit removed) and see what happens. Cheers Tim -- Next meeting: BEC, Bournemouth, Tuesday, 2019-03-05 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
[Dorset] Monitoring Internet Connectivity.
Hi, Discussion last night included spotting if one's connection to the Internet suffered problems overnight. The conclusion was a simple script to log data for later inspection with journalctl(1) was probably good enough. Attached is such a bash script. I haven't run it as I'm in a hurry today, so bugs are left as an exercise to the reader to discover. :-) mtr(1) was also mentioned, e.g. `mtr -i3 8.8.4.4'. -- Cheers, Ralph. #! /bin/bash progname=${0##*/} peer=8.8.8.8 # Google's Public DNS server. wait=3 # Seconds to wait for pong. breather=61 # Seconds between pings to avoid taxing $peer. today=$(date +%d) # Stop at the end of the day. lastr=start let sent=0 changes=0 while true; do # ping(1)'s -w ignores -c and a timeout doesn't affect exit(2), # so use timeout(1). timeout $wait ping -qc1 $peer >/dev/null r=$? let sent++ if [[ $r != $lastr ]]; then echo logger -t $progname $peer: transition: $lastr to $r lastr=$r let changes++ fi [[ $(date +%d) == $today ]] || break sleep $breather done echo $progname: sent: $sent changes: $changes -- Next meeting: BEC, Bournemouth, Tuesday, 2019-03-05 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk