Clobberd 4.16+ Manual (concise)
February 2000
Manual Contributors
- Phillip Morgan (pjm@ehcs.com.au)
- Jason Nunn (jsno@downunder.net.au)
Some of this material is from Phillip Morgans Clobberd 4.3 manual. The
rest i (jason) have compiled. The bits remaining from Phillips manual are
very well written and explanatory. the bits i have added are very concise,
brief, mathematical and possibly confusing. i'm not very good at
documenting. if you find an area that i haven't explained well or just
plain wrong, then please let me know or feel free to send me a patch ;).
Also be aware that this manual can seriously lagg behind the current
revision. For example, this manual wasn't updated for a year. The last
manual revision was for 4.3, and 4.16 is miles ahead of 4.3. Nb/ I have
updated this manual now, but i won't be making a habit of it! ;)
Where to obtain clobberd
Clobberd is distributed free under the GNU licence and can be obtained
from the following places:
ftp://ftp.cdrom.com/pub/unixfreeware/network
ftp://metalab.unc.edu/pub/Linux/system/admin/idle
ftp://ftp.tcc-comp.com.au/pub/unix/linux/clobberd
http://www.accessnt.com.au/~jsno/rel/unix_projects
Maintaining the documentation.
This is an independent text manual that documents clobberd 4.x. It is
maintained by you the community, and can be maintained by anyone with a
small amount of spare time. It is not a "finished" work.
If you wish to fill in a few paragraphs, just put your initials (in
brackets) next to the section/subsection title, and email this ammended
document to jsno@downunder.net.au. He will then make it available on his
page.
Synopsis
Clobberd is a daemon that runs on a single host, and monitors user
activity and network interface activity.
- For user monitoring, clobberd monitors the utmp file (typically
/var/run/utmp), monitors their time online, what network interfaces
they are using (ie PPP), and how much network traffic they are
creating. It monitors all this information, and regulates them
according to a set of restrictions.
- For network interface monitoring, it will simply monitor the amount of
traffic, and the time it is active. no regulation is done.
Users are able to view their stats via a web page, and a remote
maintenance facility allows you to maintain user data from anywhere on
your network.
Here is a basic model:
Configuration files used
Clobberd stores its configuration files in /var/local/clobberd.
boot.conf
This is the main configuration file. Typical structure as follows:
--$-----------------------------------------------------------------
######################################################################
# clobberd boot file (4.11+)
#
######################################################
# clobberd defs
passwd: honda
max_kons: 16
kon_timeout: 3600
# can either be 'y', 'Y'. anything else is no.
#
clobber_logins_only: y
# 1 = hangup, 9 = kill
#
kill_signal: 1
pppd_run_dir: /var/run
# set these to your modem terminals (max entries: 256)
# Nb/ only need to do this if you're using modem lenency facility
#
add_tty: ttyp1
add_tty: ttyp2
add_tty: ttyp3
add_tty: ttyp4
add_tty: ttyp5
add_tty: ttyp6
add_tty: ttyp7
# users to exempt (max entries: 32)
#
add_exempt_user: root
add_exempt_user: jsno
######################################################
# clob_notify defs
sendmail_file: /usr/sbin/sendmail
# flash methods (max entries: 15)
#
add_flash_method: none
add_flash_method: /usr/bin/write $U
--$-----------------------------------------------------------------
Nb/ Lines beginning with a pound (#), are treated as comments.
Description as follows:
"passwd:" ........... Password
"max_kons:" ......... Maximum number of allowable TCP connections (clients)
that clobberd will service concurrently.
kon_timeout: ........ TCP (client) timeout period. If client exhibits no
activity clobberd will disconnect them.
clobber_logins_only: kill method. If 'y', clobberd will only signal
process pid entries in users utmp entries. If 'n',
then clobberd will signal all user processes.
kill_signal: ........ the signal used by clobberd.
pppd_run_dir: ....... the path where pppd stores it's lock files. if you
don't have this right, clobberd won't monitor
volumes for ppp users.
add_tty: ............ add_tty is for the modem leniency facility (for modem
leniency, see later). Here you would normally specify
your active modem (serial) devices (/dev/ttyS0).
add_tty: ttyS0 (for /dev/ttyS0)
add_tty: ttyS1 (for /dev/ttyS1)
add_tty: ttyC0 (for /dev/ttyC0)
You may have up to 256 of these entries.
add_exempt_user: .... The login names of users that are to be excluded
from monitoring. YOU MUST HAVE AN ENTRY FOR root.
Entries in this file are typically for
administrative users, or those special (lucky?),
users who you allow unlimited access to your system.
You may have up to 8 of these entries.
sendmail_file: ...... The path of the 'sendmail' program
add_flash_method: ... Paths of programs to specify a given flash method.
clobberd will pass a given parameter to the method
you specify-
$U - username
$I - IP address (not implemented yet)
You may have up to 16 on these entries (including
the manditory "none" entry)
The sequence of entries in boot.conf is unimportant.
Message Files
Message files are text files which you can customise that typically live
in /var/local/clobberd/mesg. These files all begin with 'm_',
m_activity_to.txt: When no activity is detected withing the time
out period specified in the users configuration
the contents of this file are emailed to the
user and he/she is then disconnected.
m_banned.txt ..... For users that you ban from your site.
m_daily_net.txt .. Daily traffic message sent to users that exceed
their daily data transfer limit.
m_daily_time.txt Daily Time message sent to users that exceed
their daily time limit.
m_multiple.txt ... When a user attempts to run more than the allowed
concurrent sessions this contents of this file
are emailed to the user.
m_expired.txt .... If you use expiry dates for users, when the user
reaches his/her expiry date the contents of this
file is emailed to them.
m_total_net.txt .. This message is emailed to the user when he/she
exceeds the total amount of data set for their
transfers.
m_total_time.txt This message is emailed to the user when he/she
exceeds the total amount of time set for their
logins.
Log Files
Main logs:
Main.log ............ Main log file. contains aggregate info. TCP
connection info, and high level user logging info.
Daily.gstat.24hr.log Each time a daily purge is performed, an entry is
added. the log of the 24 hour taily.
Daily.gstat.log ..... Logs when dailt purge run. logs general "running
statistics".
Total.gstat.log ..... Same thing, accept is logs on a Total purge.
Per-user logs:
session.log ......... Logs session details like login statistics, and
logoff statistics.
daily.log ........... when a daily purge is performed, it adds an entry
to this file. this file contains various time and
volume stats about the user.
total.log ........... stats logs when a total purge is performed.
clobberd (daemon)
The clobberd daemon is the heart. It's the thing that monitors, records,
and kills. It generally lives in /user/local/sbin along with the other
clobberd utilities.
Until clobberd has been started you cannot run the clobberd clients. Nor
can you disconnect users or collect statistical information.
Clobberd is designed to run in the background and should be started when
your system is booted.
For details on how to install and use the daemon, refer to the INSTALL
file in the distribution.
clobberedit
Running and logging on
To start clobberedit type clobberedit host.domain. For example, on my
server it's "clobberedit clam.ehcs.com.au".
Clobberedit will check to see if clobberd is running. If not you will get
a red error box displayed with the error 'cannot connect to daemon'.
Clobberd is the heart. It's the thing that manages all the data, etc.
clobberedit connects to clobberd via a tcp connection, and tells clobberd
what to change, or asks clobberd for information. Clobberedit does not
touch the data at all.
Once clobberedit connects to clobberd, you will be prompted for your
administrative password. Type this password and press enter.
There is no encryption encoding when clobberedit sends clobberd the
password through the tcp connection.
{{{{Nb/ I was going to put it in, but I didn't see any need, as tcp
connections would not (normally) go out your local network, and even if
you had a hacker as a user, then your root password of your system would
be a more obvious and damaging selection for them.
There is very little that a hacker could do if they got access to
clobberd. The very worst thing that could happen, is disrupting the
operation of clobberd. and you can catch them in the act as clobberd
will record the connection details of who did it -- jsno }}}}.
The main clobberedit menu is displayed-
Important note about Locking
When you are in the "Edit General settings", "Edit user settings", and
"Edit user Monitors" functions, clobberd will apply file and record
"locking" so that data integrity is ensured. While some of the data
"Files" and "records" are locked, clobberd won't access them during it's
business of monitoring users (nb/ you can tell when your session has
locked something, because clobberedit will display a "LOCKED" message on
the bottom bar of the screen).
As you can imagine, When clobberd ignores certain tasks, certain users
(namely any users you're editting), will go ignored for that period of
time. So, it's very important, that when you have finished editting any of
these settings, to "get out" of these sections, so that the locks are
released, and clobberd can then continue to do full monitoring of all
users. With any other section, this doesn't apply.
Also, the locking mechanism (or rather, active sessions) have a timeout
period. Basically what this means is that if a connected session to
clobberd has been inactive for 1800 seconds (the default -- see
"max_kons:" directive in boot.conf file), then clobberd will kill that
connection. When the connection is killed, so too are the file and record
locks for that remote session.
So, in the event of clobberedit dying or being kill -9'ed before it had
time to tell clobberd to disenable to locks, clobberd will eventually be
able to access the data that's been locked out.
The Main menu
To the right of the main menu, you have a list of sections. To the right,
you have "Running Statistics". You can move you each on using the left and
right arrow keys.
The Running Statistics list stores statistical data of user connections
and sessions. Following are their meanings-
Memory Used: .......... This the the memory used by the program. it's
primary use to to detect any possible memory
leaks.
Total UM Entries: ..... This is a count of how many UM entries clobberd
has collected and is now monitoring.
Active Users: ......... A count of the number of active users clobberd is
monitoring (not including NIF's)
Active Network Conn's: Number of clobberd clients (clobberedit's, clob_*'s
currently connected to clobberd)
Number of free dialins: the number of free modems clobberd has detected
as not being used (see "add_tty:" directive in
boot.conf section).
Daily Connections: ....
Total Connections: .... these increment each time a user connects. Daily
Connections is cleared when a daily purge is
performed. Total Connections is cleared when a
total purge is performed.
Avg Daily Connections: each time a daily purge is done, the value of
Daily connections is integrated with this
value.
X = (X + Y) >> 1
this derives an average.
Avg Total Connections: Same principle as Daily connections, accept it's
for Total connections.
Avg Session Time:
Avg Daily Time:
Avg Total Time: ....... Again, this are all integration calculations.
Avg Session Time is calculated each time a user
session logs off (see terminal info in Monitor
users section).
Daily Traffic:
Total Traffic: ........ These track the all traffic by all users. Daily
Traffic is zeroed when a daily purge is
performed. Total Traffic is purged when
total traffic is performed.
Avg Session Traffic:
Avg Daily Traffic:
Avg Total Traffic: .... calculations volume averages. again, the daily
and total fields take effect during purges.
Connection Tally 1 Hr:
Connection Tally 2 Hr:
.
.
.
Connection Tally 24 Hr: a given field at a given hour increments when i
user sesion logs on. these values are cleared
when a daily purge is performed.
To leave clobberedit press SHIFT-Q or using the cursor keys move to
the menu list and select either "Kill the Masterand Quit" or "Quit".
The SHIFT-Q key combination is used to move backward through all
clobberedit screens.
When you press SHIFT-Q at the first/main clobberedit menu you are asked
'do you wish to quit'? Press Y to exit clobberedit, N to resume editting.
Edit General Settings
General settings are 'global' settings. That is they apply to all users.
This is the 'edit general settings' screen:
To navigate this screen use the up and down cursor keys. Press Enter
on a field to edit its contents. Press SHIFT-Q to return to the
clobberd main menu.
Root Email Address : When clobberd generates an email or a flash,
this will appear as the email address. This is
what your users to reply to if they desire to
reply to any messages (an example might be
root@cleanhacks.org).
Run Level : This setting controls how much information is
written to the log file. The options are
None, Normal and verbose. None does exactly that;
writes nothing to the log file. Normal writes
what most need to know - errors - disconnection
information etc. Verbose is generally useful
for debugging purposes as it writes reams of
information to the log file, much of it fairly
meaningless to the average user.
Sleep time of mont : Sleep time of the monitor.
This value determines how long the clobberd
daemon will sleep before checking connections
and settings. In this example, the sleep time
has been set to 2 minutes.
Setting it to a very low value (say less than 30
seconds), would be pointless. Clobberd would
spend alot of time checking connections and
settings, which means it's expensive on your
CPU resource. Setting the value too high is
likewise pointless.
When clobberd is installed, this value is initially
set to one minute (1:00).
Grace Time : When a user is sent an email (from one of the M_??
text files), how long will clobberd wait before
actually disconnecting the user.
Not all of the scenarios will use this setting.
For example, the m_expired text file used when the
user account has expired, will disconnect the user
immediately clobberd wakes up from it sleep time.
The value specified here is inserted into the
email sent to the user.
Grace Volume : Same thing as grace time, accept it applies to
volumes.
Master save time : This is the time period clobberd saves user settings
and monitor information. The default is 15 minutes.
Min free dialins : This is the "Modem Leniency" facility, that was
introduced by an anonymous contributor. It first
appeared after 2.4.
When the number of un-used lines reaches this
amount, (unused tty lines have a UID set to the
"tty_owner:" in the clobberd/etc/clobberd.boot), the
user will be immune to Daily Time disconnection.
To exempt this feature, just press SHIFT-E.
Default US setting : This is either set to Yes or No. If set to Yes, the
settings available with the next option are enabled.
Normally, you would set User settings for each user
to be monitored. However, this option allows you
to set settings for users that clobberd doesn't know
about, hence "Default User Settings". This option
is very popular with most ISP's, because it saves
them entering new user information. most of their
users have the same restrictions. so they enter
resource constraints in here, and any new users
that come onto their system automatically go under
the "Default Settings".
WARNING: We recommend you leave many of these options
untouched intitially. Setting them too low will cause
your users to be kicked of and you'll be extremely
unpopular. Run clobberd for a few weeks. Get a feel
for how much data your best, worst and average users
send and receive, and how long they stay online etc.
This will help you make informed judgements about
where to set the limits.
If you're in a hurry to start kicking people off,
then go for it. You've been warned :-)
These are the default user settings...
Record Type .......... : This displays the record type. there are 5
record types- Normal, Group, Link, Union, and
Effective. Effective is a derived type, you
can't set a group to this. The rest you can
set. Set appendix for an explaination. Record
types, and user group facilities is a new
feature implemented after 4.10.
Nb/ only "Normal" is applicable to the default
US record.
Email Host/Address : A fully qualified email address in the default
settings dialog is illogical, as these settings
will apply to any users that don't have a US
entry. So, for Default settings, the only two
entries applicable are- a) nothing, or b) an
smtp host.
Total time limit : The total amount of time a user may be online.
The total amount of time a user has used is
reset when you do the total purge.
Do not confuse this value with the daily time
limits, which determine how much time PER DAY
a user may be online.
Daily time limits : If Exempt is shown press SHIFT-E to remove the
exempt then press Enter to edit the settings.
Similarly, you can remove an entry with SHIFT-E
as well. The daily time limits table looks like
this...
You may configure 8 daily time limits. You
may use the same day in multiple configs.
Use the = and - keys to change the days. =
increments a value, - deecrements a value.
Press Enter to edit the Limit parameter.
Entries with --inactive-- are un-used entries.
Press SHIFT-Q when finished editting entries
to return to the default user settings screen.
An example:
Lets explain this by example- Pretend that your users have a maximum
Daily Time limit of 2 hours. Except, on weekends they have a Daily Limit
of 3 hrs, and during the time periods of 5pm and 8pm, they are only
allowed on for 1 hour.
To accommodate this, and using the arrow keys, the enter key and the
"-" and "=" keys, we manipulate the entries, and set the table up as
follows:
+---Edit Daily Time Limits----+
|Z From To From To Limit |
|0 Mon Sun 0am 11pm 2:00 |
|1 Sat Sun 0am 11pm 3:00 |
|2 Mon Sun 5pm 7pm 1:00 |
|3 --Inactive-- |
|4 --Inactive-- |
|5 --Inactive-- |
|6 --Inactive-- |
|7 --Inactive-- |
+-----------------------------+
Working from bottom to top (this is how clobberd reads it), If a user is
on during Saturday 6:00pm, then the 3rd Zone (Z == 2) will test true, and
they will have a Daily Time Limit of 1 hour during that period. If a user
is on at 9:00pm on a Saturday, then the 2nd Zone (Z == 1) will test true,
and they will have a Daily Time limit of 3 hours. If they are on during
any other time (which the 1st Zone fields), then Z == 0 will apply.
Note, this is adaptive. As soon as they are in another time zone, that
time zone limit will immediately apply.
Expiry date : The date on which ALL user accounts will expire
The default here 01:01:1970. Be careful!
If you enable default user settings with this
date (or any date less than today), you will
effectively disconnect any users (who are
applicable to the default settings) who attempt
to get on :-(
Press SHIFT-E to set this to Exempt.
As an example, We have set our date to 31:12:2099
(We don't anticipate being alive then :-).
Niceness : Niceness is a processing peeking order within unix.
It's a setting within a given processes process
table. Nice values for each process run from -20
to 19, and the more nice a process is, the less
CPU time it gets to be processed... the process
scheduler will put other processes ahead of the
nicer ones.
The nice setting simply sets the nice value for
the user... so if you have an annoying user who
is always abusing CPU band width (only really
applicable to shell users), then you can make
him/her really nice ;).
Total Upload Limit : The total number of Mega bytes the user is
allowed to SEND to or through your site.
Especially useful if your telco like to charge
for bytes sent as well as received. If you have
users who like to send large amounts of data to
people or other sites (eg huge emails, pirated
software etc), then this parameter is for you :-)
Total Download limit : The total number of Mega bytes the user is
allowed to RECEIVE from you or external sources.
For ISPs that charge for downloads, this is the
parameter that will control what they can take.
Using this will kick the user off when this limit
has been reached and they will be unable to use
your site until you run a TOTAL PURGE. Daily
limits may be a better alternative.
Daily Upload Limit : The total number of Mega bytes the user is
allowed to SEND to or through your site in ONE
day.
You need to do a daily purge, or a total purge
at least once a week otherwise the values will
accumulate. For example, if I configured this
value at 25600000 (25megs), and did not
run a daily purge, the user would reach the
limit and be unable to use your site. Clobberd
does not automatically reset daily limits, you
must run clob_dpurge to reset daily limits.
Daily Download limit : The total number of Mega bytes the user is
allowed to RECEIVE from you or external sources
in ONE day.
Again - you need to run your purges. See above.
**NOTE:*****************************************************************
Data traffic statistics is queried from the users PPP net device, and
accounts for all data that goes through the PPP device. This includes
overheads like IP frames, TCP frames, ICMP frames etc. TCP handshaking,
TCP frames that are resent due to timeout etc. So please take that
into account.
************************************************************************
Reset DT after clobber : This parameter can be either Yes or No.
Normally, when a user has gone beyond their
daily time limit, clobberd won't let them on
until it is either cleared by the superuser, or
purged with the clobbertool (via a daily cron
job). However, With this setting, it will let
them straight back on, and it does this by
clearing their daily time limit when they are
kicked off, hence "Reset Daily Time after clobber".
{{{this option is used by "Unlimited access" ISP's, that are still
required by telstra to kick their users off every 4 hours so to free up
the inexchanges -- jsno }}}
Clobber multiple dialin: This parameter can be either Yes or No. If set to
yes any user attempting to log in multiple times
will have ALL of their logins disconnected.
For example, the Windows 98 Multilink option
allows users to dial in multiple times and
aggregate their bandwidth so as to increase
through put. The result is good for them, very
annoying for ISPs, who suddenly find a fair
portion of their bandwidth (modem bank), being
soaked up by greedy users.
This parameter helps to stop this.
Permanently ban user : This flag is super user activated only. When
it's set, if that user attempts to get on, then
clobberd will send them a nasty message
(m_banned.txt), an kick them off. You can
unactivate it by hitting ENTER, which toggles
this setting between Yes and No.
Activity Timeout : This tells clobberd how long the time out is for an
idle session. Activity is tested in two ways:
If a user logged on via a shell (getty forked a
bash shell), then clobberd checks the age of their
/dev/ttySXXX.. and see when it was last written too.
If getty forks a PPP daemon (and this will only work
with PPP), then clobberd will periodically check the
users network device (pppXXX) for activity.
If there has been no activity for the period of time
specified in this parameter, the user is sent the
m_activity_to.txt file and disconnected immediately.
Email Type ........ : Possible values are "Normal", "CC to Root" and "None".
"Normal" just means it that will email the user
using the address or email address specified. "CC to
Root" means that clobberd will email the user and
send a CC message to the root email address
specified in general settings record.
Flash Method ...... : Possible values are enumeral up to 15. You specify
flash methods in the boof.conf. this field will tell
clobberd to use a particular one for this user.
Edit User Settings
In the last section, the "Default US" record was discussed. The Default US
record applies to anybody who doesn't have a US record. This section
discusses US records for individual users, and groups of users.
This is the user selection screen. To edit a user highlight his/her name
using the up and down cursor keys.
When you go to view the list of US entries already there (as shown above),
you'll notice some funny characters beside the name. these characters have
special meaning as follows:
" " ................... normal US record
"@" ................... Group US record
"^" ................... A link
"~" ................... A Union
For record sementics, please refer to the appendix. .. but just for a very
brief mention-
- Normal US records are US entries dedicated to that user. you create a
US record, you set it up, and that record only applies to one user.
- A group US record is a US record that applies to a group of users. if
you have more than 1 group of users that possess the same settings (this
applies to most ISP's.. which any seem to call "plans") then you will
find this record type useful.
Here, you would create a US entry, set the required settings. then you
would set the record type to "Group"... and waar-la, you have yourself a
group entry.
To "link" users to that group, you create links. This is easy, all you
have to do is create a US entry for that user, set the US record type to
"link", and then "point" the link to a group US record.
Nb/ there are two types of links:
"Hard Link" : the link is simply that. you can't enter any data into
the link. The user is linked to the group, and inherits the groups
settings.
"Union Link" : This is a cross between a Hard link and a Normal US
entry. It is both a link and a hard wired US entry. See appendix for
information about this.
To add a new user to the list, press SHIFT-A. You can use any characters
on your keyboard for user names. To remove a user from the list, press
SHIFT-D.
You can add as many user entries as you like. There is no limit.
Apart from the add_tty: and add_user: entries in the boot.conf file,
everything else in clobberd is all implemented using dynamic
structures like linked lists and binary trees etc. So, for most things,
you can have as many entries as you like.
Press Enter to edit the users settings. The following screen is displayed.
A user setting take precedence over Default settings. So, if a user
has an entry here, clobberd will refer to the user settings entry for that
user. If a given user does not have a User Settings entry, then clobberd
will refer to the Default settings (if activated). If the Default settings
are not activated, then the user is ignored. However, clobberd will
still monitor their activaties and record them. You can access this
information in the "Edit user Monitors" section (root menu), or the
"Monitor" section (root menu). See later.
Usage of all other settings on this screen is identical to those used
for the general user settings, except, that here (unlike the default
settings email address), will accept a valid email entry, and send any
email messages to that user according to the email address you enter here.
Rather than repeat all of the explanations for those settings, please refer
to the last section for more information.
Edit User Monitors
As you know, clobberd "Monitors" and "Regulates". You have seen in the
last two sections how user "contraints" have been set. The next two
sections discuss how clobberd "Monitors".
In this section, information is kept for both users and NIF's. The user
entries are actual users who login-on or connect to your system that have
a utmp entry (ie, they are displayed when you type in 'who'). User times
are tracked by watching this file. NIF's on the other hand are network
interfaces. They are tracked by monitoring the /proc/net/dev file.
Clobberd will treat NIF's as users for information collecting purposes,
however, they do not effect the "Running Statistics" information, and are
not regulated.
The only exemption to this is users who have "add_exempt_user:" entries
in the "boot.conf" file. These users are ignored.
The "Edit user monitors" section allows you to view and ammend a given
users data that clobberd collects about them. For example, you might want
to reset a users time online, or modify a users volume records.
The first screen displayed is a list of users clobberd has collected
statistics about.
Like with the US user list, the UM list has funny characters beside each
user name. These have special meaning:
nothing ................ No sessions for this user active.
"*" ................ 1 user session active.
"+" ................ more than 1 user session active (user is
currently logged on more than once)
"%" ................ NIF in "down state" (inactive)
"$" ................ NIF in "up state" (active)
Use the up and down cursor keys to highlight the desired user and press
Enter to edit the settings.
You can not add users in this section (ie SHIFT-A won't work), as
clobberd has exclusive control of the files, however, you are able
to delete them using the SHIFT-D key.
This is the monitor settings screen. As you can see, most of it is what
clobberd records about active users- Time spent active and their network
traffic.
No Active : This just displays how many times a user is on.
If you clobber multiple sessions this should
never say more than 1. If they are not currently
logged in this will be 0. This parameter cannot
be editted (for obvious reasons).
Idle Time : Time spend idle (recorded in hours:minutes
format).
Daily Connections : Each time a new user session created (ie each
time they log on), this field increments. This
field is cleared when a daily purge is performed.
Total Connections : same is Daily Connections, accept that is it
cleared when a Total Purge is performed.
Last Active : The date and time the user was last logged on.
Total time used : The total amount of time the user has been logged
on since the last time clob_tpurge was run.
This field is displayed as hours:minutes.
Daily time login zone : This will be a number from 0 to 7, corresponding
to the time zones you set up in the global or
user settings. Only active zones are displayed,
as inactive zones do not have any bearing on
user monitors.
For example, if you had 2 time zones (0 and 1),
the first from 00:00 to 23:59 Mon - Sun and the
second 19:00 to 23:59 Mon - Sun and the time
was currently 20:45, this field would display 1
if the user was logged on.
If the user is not currently logged on, or if no
time zone applies to the time they are currently
on, then this field will say n/a (not applicable).
You cannot edit this field. It is informational.
Daily time set limit : This field displays the time limit allowed for
this user IN THE CURRENT TIME ZONE.
Again, If the user is not currently logged on, or
if no time zone applies to the time they are
currently on, then this field will say n/a.
You cannot edit this field. It is informational.
Daily time used : The total amount of time the user has been logged
on since the last time clobbertool -d was run.
This field is displayed as hours:minutes.
Press Enter to edit this field. If you press Enter
again without typing anything the value will be
set to 0:00.
If the user has not been logged on today this
field will be zero.
Total up/download : The total number of Mega bytes sent and received
since the last time clob_tpurge was run.
Press Enter to edit this field. If you press Enter
again without typing anything the value will be
set to 0:00.
Daily up/download : The total number of Mega bytes sent and received
today (actually, the total bytes since the
last time clob_dpurge -d was run).
Press Enter to edit this field. If you press Enter
again without typing anything the value will be
set to 0:00.
Monitor
This option is exactly the same as the 'edit user monitors' option except
that you cannot edit any fields. Every field displayed is for informational
purposes only.
If you just want to eaves drop on monitoring information, then it's
more desirable to use this function, as the "Edit User Monitors"
gets clobberd to apply file and record locking, and prevents clobberd
(in some instances) to access the records you are currently editting.
Also, this function periodically queries clobberd, so that you get the
very latest information about a given user.
The fields in this section are identical to the ones covered in the last
section (Edit user monitors). However, the "Monitor" section has to
additional fields. These are discussed now. Nb/ these fields only apply to
user UM records. for NIF UM records, they do not apply, because NIF's are
not regulated, and do not have "sessions".
Peer at US record : (effective US record).
This will view to "effective" record of the user. When clobberd does the
regulation, the database manager within clobberd presents the regulator
with this record. Effective means exactly that- it's the US record that
applies to the user. For example, if a user doesn't have a US entry, but
default US settings apply, then their effective US record will be the
default US record. If the user is appart of a US group, then their
effective US record will be the group US record.
View Terminal Info :
This field when entered will display a window showing information about
active sessions. When you look at this information, each line is a
connection onto your terminal machine (where clobberd is running)... in
other words, each one is a "who" entry. The fields of each line are pretty
much self explanitory.
Session data is the source of UM data monitoring. each wakeup, clobberd
will collect data about each session. it will then aggregate the session
data to produce monitor data (in the UM record). So sessions are very
important.
Total Time Used list
A user list, which lists in decending order total time usage. Biggest Time
users are listed first.
Total Network Volume list
Same thing, accept for Total volumes. Total volume is calculated as
TOTAL_UPLOADS + TOTAL_DNLOADS.
Connection Efficiency list
This provides you with a sorted list of most efficient connectors, from
most efficient to least efficient. The co-efficient simply means that each
time they connect, they are online for an average of X hours (in HH:MM
notation).
If you have users with bad line noise who blame your equipment, then this
list is a good way of proving that the problem exists at their end.
People with low CE's would be ones that are getting dropped alot, or are
infact connecting for short periods of time (relative to everybody else).
Nb/ you could probably use this as a bench mark to compare your service
with other ISP's.
Daily Purge
This function will purge all users 'daily' data (Daily Time, Daily
Uploads, and Daily Downloads). Essentially, it's the same as the
"clob_dpurge" function. (see later about the clobbertool program).
Total Purge (and Report)
This function is the same as running "clob_tpurge". It purges all
monitoring data (It actually removes all the user entries from the 'UM'
database, however, it doesn't touch any of the user settings data).
This function also produces a report (see next section).
Archive
This executes the shell script /var/local/clobberd/archive.sh (going by
default configuration). By default nature (assuming you haven't bananaed
with it), It does the following:
- creates a gnu zipped tar ball consisting of:
- boot.conf
- clobberd.db
- log directory
- mesg directory
- copies the tar ball to /var/local/clobberd/attic
- deletes all log files.
Display Connection stats
This function was mainly used when version 4.x of clobberd was being
developed. It's handy to see if anyone is trying to hack into your
clobberd server by remotely accessing it, or how many clob_* sessions
are connected to clobberd etc. It's really just an information utility. I
guess the same info could be got by doing a "netstat -a".
Each line tells you what status the connection is, if it's an authorised
connection, when it was first created, and what records it has locked.
Kill the Master and quit
This option will kill the daemon and then exit the clobberedit program.
Selecting this option will display a prompt dialogue asking if you really
want to quit. If you respond 'y' clobberedit will terminate the clobberd
daemon and return you to the command prompt.
Quit
Pressing SHIFT-Q and selecting QUIT from the clobberedit main menu do the
same thing! They display a prompt dialogue asking if you really want to
quit. If you respond 'y' clobberedit will terminate and return you to the
command prompt.
clob_* utility programs
In brief:
clob_archive .......... as the name suggests. requires password parameter.
ie. clob_archive -a accessnt.com.au -p honda
clob_dpurge
clob_tpurge ........... the purgers. these command line utils's are
intended to be placed in cron jobs.
clob_dstat ............ dumps the running statistics.
clob_lists ............ will display the various lists:
ie.
- clob_lists -a accessnt.com.au -t
displays Total Time Used list
- clob_lists -a accessnt.com.au -v
displays Total Network Volume list
- clob_lists -a accessnt.com.au -e
displays the Connection Efficiency list
Have a look at the previous sections about
clobberedit.
clob_userstat ......... will display stats for a single user. you must
specify a user name in the parameter for it to
work.
ie. clob_userstat -a accessnt.com.au jsno
This program is used by clob_userstat.cgi
clob_userstats ........ This dumps user stats for all users, or a group.
If you want to dump stats of a group of users,
then specify the group in the parameter-
ie. For all users:
clob_userstats -a accessnt.com.au
For the group "ppp_users"
clob_userstats -a accessnt.com.au ppp_users
Appendix
Outline model of how clobberd is structured
This is the structure of the clobberd daemon.
The "Scanner" routines basically do the following:
- determine who is online
- determine what NIF's are active
- for any NIF's or users that are active, increment the times used for
each session, and read the volume data from OS and increment sessions
network volume usage.
The "Monitor" routines read the session data for each user, aggregate
(fanin) the data to produce UM updates. It then regulates the users by
comparing their usage values with their contraints, to determine if they
need to be kicked off.
The seperation of session processing and entity (user) processing allows
for users to have multiple sessions, and allows session activity to still
be monitored while a user record is locked.
The "Network Server" serves TCP connections. Clients connect to clobberd
via tcp, and read/update data. these routines arbitrate this process.
User Settings (US) sementics
Back in the 4.10 days and below, the way data was organised within
clobberd was pretty simple. Users would possess a UM record which was
the monitor data clobberd would collect about them, and an optional US
record that you the adminstrator would create which contains regulation
data that contrains the user. This model was pretty simple to understand,
because a user would only ever have one US record. Now, in 4.11 and above,
it's a bit more complicated.
In 4.11, a grouping feature was added. This allowed you to group certain
users together so that they would "share" a single US record. The idea
here is to maintain a single data record for the entire group.
To fit it nicely into the current scheme of things and hence making
clobberd backward compatable, i had to add links. The idea here is that if
you want "dick" to be a apart of a group, you would create a Link US
record for "dick", and point it to a given group.
So now, from version 4.11, i have created several different US record
types to be able to do this.
Normal: This is just a normal US record. You create it, and
clobberd will then apply it to the user.
Nb/ If a user doesn't have a US record, then clobberd will check the US
defaults flag to see if the US defaults is active. If it is, then the US
defaults record will become the users "effective record".
Group: A Group US record is exactly the same as a normal US record.
The only difference is that it's flagged as a group US record.
Nb/ You can name a group US record after a user and clobberd will still
apply it to a user as though it's a normal US record.
Link: A link is a US record which only contains a pointer field.
The pointer field contains a name of a US group, hence "points" to a
group. Hence, the effective US record for the user will be the group US
record.
Union: This is a bit complicated... read carefully. A union link is
a cross between a link and a normal record. It's exactly the same as a
Normal record, accept that the Email Host/Address field is replaced by a
Link field...
Clobberd will then "compose" an effective record from both the information
in the union link and the group record. it will be composed of the
following data-
1) clobberd will "copy" the following fields from the "union link" into
the "effective" (being composed):
- username
- email email type
- flash method
- instant purge dt flag
- clobber mult logins flag
- banned flag
2) the following fields are copied from the group US entry and put into
the "effective" record:
- email address
3) for any given field that can be exempted in the union record, the
following applies:
- if field is not exempt, then the effective value is taken from union
record
- if exempt, then, the effective value is taken from group record
- if the field in the group record is exempt, then the effective value
is exempt.
With both Union and Group Links, if a pointer (group name) doesn't exist,
then clobberd will refer to the US defaults (if enabled).
Effective: This record type is purely derived by clobberd. It is
"composed" by the database manager within clobberd when a function within
clobberd queries it for a user US record. You will see effective records
when you go into the Monitor section of clobberedit and put up a "Peer at
US record". You will see effective record entries when you run
"clob_userstat".
email address sementics
clob_notify processes an email entry (stored in the users US entry) as
follows:
- if entry has '@' in it, then it's considered to be a fully qualified
email address. clob_notify will then use this email address.
- if it hasn't got a '@' character, and the entry is not blank, then it's
considered to be an address. clob_notify will then compose a full email
address by taking the users name and adding a '@' and the address.
- if the entry is blank, then the user will be emailed at @localhost.
oo0oo