Hi guys,
I'm looking for a connection tracker for upload and download data usage.
For example, if my iPad uploads a file to Google drive that's 50mb, I'd like to know if there is OpenWRT software that can monitor this and calculate the data used and report that iPhone uploaded 50mb to drive.google.com
Conntrack show the connection into multiple lines 'connections' but idk how to get the total usage.
I'm using a Firewalla and love it but I wanted to see if something was available for OpenWRT?
Here is an example:
So luci-app-nlbwmon can at least tell you the up-/down-load traffic of your internal hosts separately for IPv4 and IPv6. But if you need/want something per-connection you will need to use something heavier like suricata (no idea whether there are packages for OpenWrt that allow easy configuration) or export the data to a beefier host to aggregate it. (On turrisOS, an OpenWrt derivative used by e.g. the turris omnia, there is an ready made suricata instance called pakon that seems to to what you ask, but it comes at considerable CPU and storage costs, fine for the relatively well endowed omnia on a slowish link, but my point is, if you want/need per connection logging be prepared that carries some cost).
nlbwmon is nice but does it collect this type of info?
I've used it for bandwidth tracking in the past, but thats overall count per device.
I'm looking for something that can store the connections, in a small db/file, and display them in a table.
I'd like to know where my iot devices are sending traffic as no everything is a dns entry.
As I said nlbwmon can aggregate ingress and egress traffic counters per internal device, it will, as far as I know not store per connection information. For connection tracking you need something heavier....
Or assuming the iot devices always connect to the same/similar remote points, just take a packet capture for say a hour and look at that....
You would need to provide a netflow collector and use an appropriate analysis system to get reports etc. Depending on the amount of traffic and how long you want to keep data, the storage requirements could be more than a small home router has available if you were to try adding such an app as a docker image etc.
Reading the info in the links above and searching the forum for softflowd should yield some other approaches and ideas as well.
