Network monitoring in LuCI (or in terminal)

Hi,

I am interested to know if there is any good add-on for OpenWrt’s LuCI (or alternatively, for the terminal) that allows for easy and convenient network monitoring of all activity of all connected devices in real time (udp, tcp, ports, source/dest, etc).

Thanks in advance.

Here is something that works in the terminal; it’s kinda suboptimal, but works.
It would be cool if there is a LuCI version, though.

Example net monitoring script (bash) - to be run from the terminal:

```sh
#!/bin/sh

# Auto-detect conntrack file
if [ -f /proc/net/nf_conntrack ]; then
    CONNTRACK_FILE="/proc/net/nf_conntrack"
elif [ -f /proc/net/ip_conntrack ]; then
    CONNTRACK_FILE="/proc/net/ip_conntrack"
else
    echo "No conntrack file found!"
    exit 1
fi

INTERVAL=1  # refresh interval in seconds

while true; do
    clear
    echo "=== Active Connections ($(date)) ==="
    printf "%-6s %-16s %-16s %-6s %-6s %-6s\n" "Proto" "Source" "Destination" "SPort" "DPort" "T-out"
    echo "---------------------------------------------------------------"

    awk '{
        # Reset per-line state so values from the previous entry do not leak in
        src=""; dst=""; sport=""; dport=""; timeout=""

        # Field 1 is shown as the protocol. In /proc/net/nf_conntrack that field
        # is the address family (ipv4/ipv6); the protocol name itself is field 3.
        proto=$1
        # Uppercase the name for display
        if(proto=="tcp") proto="TCP"
        else if(proto=="udp") proto="UDP"
        else if(proto=="icmp") proto="ICMP"
        else if(proto=="icmp6") proto="ICMPv6"
        else proto=toupper(proto)

        for(i=1;i<=NF;i++){
            if($i ~ /^src=/){src=$i; gsub("src=","",src)}
            if($i ~ /^dst=/){dst=$i; gsub("dst=","",dst)}
            if($i ~ /^sport=/){sport=$i; gsub("sport=","",sport)}
            if($i ~ /^dport=/){dport=$i; gsub("dport=","",dport)}
            # Last purely numeric field after field 2 is taken as the timeout
            if($i ~ /^[0-9]+$/ && i>2){timeout=$i}
        }
        if (sport == "") sport="-"
        if (dport == "") dport="-"
        printf "%-6s %-16s %-16s %-6s %-6s %-6s\n", proto, src, dst, sport, dport, timeout
    }' "$CONNTRACK_FILE" | sort

    sleep "$INTERVAL"
done
```

Slightly updated with AI, this works better - shows the protocol (udp, tcp).

```sh
#!/bin/sh
# conntrack-auto-proto.sh
# Shows IPv4/IPv6 connections with TCP, UDP, ICMP correctly

# Auto-detect conntrack file
if [ -f /proc/net/nf_conntrack ]; then
    CONNTRACK_FILE="/proc/net/nf_conntrack"
elif [ -f /proc/net/ip_conntrack ]; then
    CONNTRACK_FILE="/proc/net/ip_conntrack"
else
    echo "No conntrack file found!"
    exit 1
fi

INTERVAL=1  # refresh interval in seconds

while true; do
    clear
    echo "=== Active Connections ($(date)) ==="
    printf "%-6s %-16s %-16s %-6s %-6s %-6s\n" "Proto" "Source" "Destination" "SPort" "DPort" "T-out"
    echo "---------------------------------------------------------------"

    awk '{
        # nf_conntrack lines start with the address family (ipv4/ipv6) and its
        # number; legacy ip_conntrack lines start directly with the protocol.
        off = ($1 ~ /^ipv[46]$/) ? 2 : 0
        proto=toupper($(off+1))   # protocol name, uppercased for clarity
        timeout=$(off+3)          # seconds until the entry expires

        src=""; dst=""; sport="-"; dport="-"
        for(i=1;i<=NF;i++){
            # Each key appears twice (original direction, then reply direction);
            # keep the first so the row shows the connection as it was initiated.
            if($i ~ /^src=/ && src==""){src=$i; gsub("src=","",src)}
            if($i ~ /^dst=/ && dst==""){dst=$i; gsub("dst=","",dst)}
            if($i ~ /^sport=/ && sport=="-"){sport=$i; gsub("sport=","",sport)}
            if($i ~ /^dport=/ && dport=="-"){dport=$i; gsub("dport=","",dport)}
        }

        printf "%-6s %-16s %-16s %-6s %-6s %-6s\n", proto, src, dst, sport, dport, timeout
    }' "$CONNTRACK_FILE" | sort

    sleep "$INTERVAL"
done
```

You can see traffic under:

Status > Realtime Graphs > Connections

Thank you. I’m an idiot for not seeing it.

Is there any way to log this info or retrieve it remotely?

If you like eye candy and all kinds of graphical stats, try the Netdata package. Albeit, you need to access the visual dashboard locally on your browser following the install (EG: http://yourbrowserIPAddress:19999/), but this might just be what you are looking for. Have fun with it.

Just took a look at this, as per your suggestion.

Looks fantastic, but… :

Require approx. 26.59 MiB size for 5 package(s) to install.

Not possible on my device, even if I remove everything else.
But it’s a good addition to this discussion, as other people may see it and perhaps have devices with more storage than me.

Thanks for this.

I’m looking at the options at System > System > Logging

and I see there is a possibility to use an external server for logging.

How do I go about that?

Just configure your external server and Save/Apply.

I was also going to suggest softflowd, but it requires an external collector server.
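An added example, not part of any post in this thread: the conntrack scripts above print a table for the screen, while the logging question needs one self-describing record per flow. This sketch parses both tuples of each entry, so it can also report the address a flow was masqueraded to; the function names `flows` and `sample_lines`, the record format, the `conntrack` tag and the sample entries are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the thread. flows() reads conntrack text on stdin.
flows() {
    awk '{
        # nf_conntrack lines start with "ipv4"/"ipv6" and an L3 number;
        # legacy ip_conntrack lines start directly with the protocol name.
        o = ($1 ~ /^ipv[46]$/) ? 2 : 0
        proto = toupper($(o + 1)); timeout = $(o + 3)
        osrc = odst = rdst = ""; osp = odp = state = "-"; replied = "yes"
        if ($(o + 4) !~ /=/) state = $(o + 4)   # TCP state; UDP/ICMP have none
        for (i = o + 4; i <= NF; i++) {
            split($i, kv, "=")
            # Keys appear twice: original tuple first, then the reply tuple.
            if (kv[1] == "src" && osrc == "") osrc = kv[2]
            else if (kv[1] == "dst") { if (odst == "") odst = kv[2]; else rdst = kv[2] }
            else if (kv[1] == "sport" && osp == "-") osp = kv[2]
            else if (kv[1] == "dport" && odp == "-") odp = kv[2]
            else if ($i == "[UNREPLIED]") replied = "no"
        }
        # Replies addressed to something other than the original source mean
        # the flow was source-NATed (masqueraded) to that address.
        nat = (rdst != "" && rdst != osrc) ? rdst : "-"
        printf "%s %s:%s -> %s:%s state=%s replied=%s nat=%s timeout=%s\n",
            proto, osrc, osp, odst, odp, state, replied, nat, timeout
    }'
}

# Constructed sample entries (private and documentation addresses), not captured.
sample_lines() {
    cat <<'EOF'
ipv4     2 tcp      6 7439 ESTABLISHED src=192.168.1.10 dst=198.51.100.7 sport=51234 dport=443 packets=12 bytes=3400 src=198.51.100.7 dst=203.0.113.5 sport=443 dport=51234 packets=10 bytes=5200 [ASSURED] mark=0 use=2
ipv4     2 udp      17 25 src=192.168.1.20 dst=192.168.1.1 sport=40000 dport=53 packets=1 bytes=60 [UNREPLIED] src=192.168.1.1 dst=192.168.1.20 sport=53 dport=40000 packets=0 bytes=0 mark=0 use=2
ipv4     2 icmp     1 29 src=192.168.1.10 dst=198.51.100.9 type=8 code=0 id=77 packets=1 bytes=84 src=198.51.100.9 dst=203.0.113.5 type=0 code=0 id=77 packets=1 bytes=84 mark=0 use=2
tcp      6 431999 ESTABLISHED src=192.168.1.30 dst=198.51.100.7 sport=40100 dport=22 packets=5 bytes=900 src=198.51.100.7 dst=192.168.1.30 sport=22 dport=40100 packets=4 bytes=800 [ASSURED] use=1
EOF
}

# Offline demo. On a router, feed the real table and hand each record to syslog:
#   flows < /proc/net/nf_conntrack | logger -t conntrack
sample_lines | flows
```

Records written with `logger` land in the system log, so with an external server set under System > System > Logging they should be forwarded along with everything else (an assumption about the router's log setup, not something tested in this thread).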