NAME
tcpquotad - The TCPQuota daemon.
SYNOPSIS
tcpquotad [options]
DESCRIPTION
This is the engine of the TCPQuota system. It checks the files in
’/proc/net/’ for connections to the outside world, and the mSQL tables
’allowed’ and ’masq’. The daemon closes a host if it is not listed in
the mSQL table ’masq’, and it kills a user’s processes if the user is
not allowed to use the TCP link _OR_ if the user has gone below the
minimum quota value.
NOTES
The following signals have the specified effect when sent to the server
process using the kill(1) command:
SIGHUP
Causes the server to reload the configuration file.
SIGTERM SIGINT SIGQUIT SIGKILL
Causes the server to remove its entries from the firewall
and from the masquerading table, and to
exit cleanly.
SIGUSR1
Turns on debugging
SIGUSR2
Turns off debugging
MSQL TABLES
tcptab - This is the main quota table in the database. It contains
the columns: name and quota.
name - contains the username of the user allowed
quota - contains the quota points of the user allowed. This is measured
in seconds.
allowed - This is the table that holds the usernames of the users that
are allowed to use the ’Net link. A user can exist in the tcptab table
without being registered here. This is so that one can turn off a user
without removing its points. It contains only one column: name.
name - contains the username of the user allowed
periodtab - xx
masq - This is the table that holds the information on which hosts and
users the firewall is opened for. If one, for example, executes
the program openfw without parameters, it checks the file
/etc/tcpquota/tcpquota.cf for the lines:
GROUPS=GROUP1
GROUP1=xxx yyy zzz
Which means that there is one computer group (GROUP1), which contains
the hosts xxx, yyy and zzz. If you have logged in on the firewall
from host zzz, it opens the hosts xxx, yyy and zzz for ’Net access for
free (it debits the TCPQuota user ’free’, which does not need to be an
existing system user). This user can go under any value you set for
MIN_QUOTA in the config file. This table contains the columns: host,
name, cnts, tic, counter, open and free.
host - Is the IP number of the host that the firewall is opened for.
name - Is the username of the user that has opened the firewall for
the specified host.
cnts - Number of connects for the specified host
tic - Number of ticks since the table was updated
counter - ....
open - This is used by the support programs, openfw and openhost, to
trigger the opening/closing of the firewall.
If the support programs write a:
3 - means that the firewall should be closed.
2 - means that it should be opened.
And the daemon writes a:
1 - the firewall is opened.
0 - the firewall is closed.
free - This is 1 if the user is allowed free access to the link and 0
if not...
logging - Contains the log of who has changed the TCPQuota
database, and when...
This table contains the columns: when, user and action
when - Is the date when the database administrator
added/removed/changed quota points for another user
user - The name of the database administrator that changed the
database
action - What has the administrator done?
logging_openfw - Contains the log of who has opened/closed the
firewall for free/admin access, and when...
This table contains the columns: when, user and action
when - Is the date when the database administrator opened/closed
the firewall for access...
user - The name of the person that opened/closed the firewall
action - What has the administrator done (opened/closed, which set of
computers)?
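The following is an added example, not part of the original manual page or of the TCPQuota code. It parses the GROUPS lines described under masq, works out which hosts openfw would open for a given login host, and audits masq rows using the documented meaning of the open and free columns. The sample addresses, the whitespace-separated GROUPS list and the "free access outside configured groups" check are assumptions made for illustration.

```python
# Added example (not TCPQuota code): audit masq rows against tcpquota.cf groups.
import re

# Constructed config, same two line forms as on the page. Assumption: group
# members are written as IP numbers, matching the form of masq.host.
SAMPLE_CF = "GROUPS=GROUP1\nGROUP1=192.0.2.10 192.0.2.11 192.0.2.12\n"

# Constructed masq rows, reduced to the columns this check needs.
SAMPLE_ROWS = [
    {"host": "192.0.2.10", "name": "free", "open": 1, "free": 1},
    {"host": "192.0.2.11", "name": "free", "open": 2, "free": 1},
    {"host": "198.51.100.7", "name": "free", "open": 1, "free": 1},
]

# Meaning of masq.open as documented: 3/2 are requests written by
# openfw/openhost, 1/0 are the states the daemon writes back.
OPEN_STATES = {0: "closed", 1: "opened", 2: "open requested", 3: "close requested"}

def parse_groups(cf_text):
    """Return {group: [hosts]} for every group named on the GROUPS= line."""
    settings = {}
    for line in cf_text.splitlines():
        m = re.match(r"\s*([A-Za-z0-9_]+)\s*=\s*(.*)$", line)
        if m:
            settings[m.group(1)] = m.group(2).split()
    # Assumption: several groups on GROUPS= are separated by whitespace.
    return {g: settings.get(g, []) for g in settings.get("GROUPS", [])}

def hosts_opened_from(groups, login_host):
    """Hosts opened when openfw is run without parameters from login_host."""
    for members in groups.values():
        if login_host in members:
            return list(members)
    return []

def audit_masq(groups, rows):
    """Return (host, finding) pairs for rows worth a closer look."""
    grouped = {h for members in groups.values() for h in members}
    findings = []
    for row in rows:
        state = OPEN_STATES.get(row["open"])
        if state is None:
            findings.append((row["host"], "unknown open value"))
        elif row["open"] in (2, 3):
            findings.append((row["host"], state + ", still pending"))
        if row["free"] == 1 and row["host"] not in grouped:
            findings.append((row["host"], "free access outside configured groups"))
    return findings
```

A row in state 2 or 3 is only a finding if it stays that way across several checks, since the daemon is expected to rewrite it to 1 or 0.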
MSQL EXAMPLE
Running msql(1), one can do:
SELECT quota FROM tcptab WHERE name LIKE 'free'\g
And you’ll get something like this:
+----------+
| quota    |
+----------+
| -1008888 |
+----------+
This is the number of quota points the user has left to spend... (In
this particular example, you’ll get a negative value, which means that
this is how much the user has spent...)
SELECT masq.host, tcptab.name, tcptab.quota FROM tcptab, masq
WHERE masq.host LIKE '42.42.40.66' AND tcptab.name LIKE 'free'\g
You’ll get an output something like this:
+-----------------+----------------------+----------+
| host            | name                 | quota    |
+-----------------+----------------------+----------+
| 42.42.40.66     | free                 | -1008888 |
+-----------------+----------------------+----------+
This means that the user free is allowed free access from host
42.42.40.66 and has accumulated a negative quota value of 1008888
points (seconds).
You naturally have to replace the IP number and username with your own
values... More information on how to use mSQL can be found in the
manual page for msql.
FILES
/etc/tcpquota/tcpquota.cf - Main configuration file for the whole
TCPQuota system
/etc/tcpquota/tcpquota.cf.debug - Configuration file used when started
in debug mode
/etc/init.d/tcpquota.init - Used to start and stop the daemon at boot
time
/etc/cron.weekly/tcpquotad - Cron script to rotate the tcpquota log
files
/var/log/tcpquotad.log - Log file for the daemon
OPTIONS
--debug
Run the daemon in debug mode, do not fork, print extra debug
output.
SEE ALSO
tcpquota.cf(5), msql(5), relshow(1)
AUTHOR
Turbo Fredriksson, <turbo@tripnet.se>
Martin Budsjoe, <marbud@tripnet.se>