Router Hosted Hughes Net FAP Monitor
Description
This script fap-monitor.sh runs quite nicely on a Linksys WRT54GL router under Tomato firmware. I'm not sure what other routers or firmwares it might work with. It is for use on HughesNet satellite connections, which implement Fair Access Policy (FAP) i.e. the WAN bandwidth is severely limited for over 24 hours when a predefined amount of data is transferred between certain hours of the day.
This script allows the WAN bandwidth usage to be automatically monitored. QoS settings are applied to limit bandwidth if the FAP limit is about to be reached. When the FAP condition gets safer the QoS settings return to normal. However, see caveats below.
Events are recorded in the system log, and details are displayed in a small web page located here (assuming the router's IP address is 192.168.1.1):
http://192.168.1.1/ext/fap-monitor.htm
This is an example of that simple webpage: fap-monitor.htm (In the hourly messages (ftsrtb) is From, To, State, Rx_count, Tx_count, Bucket).
Here is a mock-up of a better one. If I get any users and y'all want this one let me know and I'll probably work on it: fap-monitor-prototype.htm
This script was modified from STM Monitor v1.00 by tievolu, http://www.tievolu.co.uk/stm/stm-monitor.html.
This script uses the principals explained here FAP Description. It explains the FAP policy with a bucket analogy. The bucket is slowly filled with allowable transfer bytes which get used up in a hurry when you use the internet connection. If you're not familiar with the bucket analogy I suggest you get the document and read it. One thing though, that document assumes the bucket continues to be filled during the fap-free period. I have evidence to suggest that bucket is not filled during the fap-free period, and uses a higher refill rate during the "fappable" period. Therefore fap-monitor.sh uses the "bucket does not fill during fap-free" flavor of the algorithm.
Here is the state transition diagram referred to in the script comments. The file math_check.ods contains my error analysis. If you're really worried about getting FAPed you could check my work.
Testing
The version available here has been tested by pre-setting the bucket, actually downloading some files to cause a state transition (e.g. state "Full Blast" to state "Caution"). Then, letting the connection idle and verifying the state transitioned back. Correct updates to QoS settings and the web page at each state transition were verified. This was done for each of the possible state transitions.
Caveats
The version available here does not save the bucket in NVRAM. I am currently running a version that does save the bucket in NVRAM - which makes it possible to reboot the router and keep track of the bucket. I like the new version better, but it wasn't tested like the one available here. If ANYONE emails me and asks me to I will test and put the newer version on this site.
UDP traffic should be more severely curtailed in Caution and Danger states. There may be applications (streaming video, peer-to-peer, others) that could still FAP you even though fap-monitor.sh has clamped down your internet connection. Hopefully iptables can fix this. I Still have to figure out how to use iptables though.
If you completely idle your WAN connection (say by turning off all the PCs in the house) you would expect to see hourly counts from fap-monitor to go to zero. In fact, they do not. The modem creates broadcast UDP traffic every minute or so that the router counts as WAN traffic. (This is UPnP traffic that, so far, I haven't figured out how to turn off on the modem). This extra traffic has the effect of making fap-monitor think you are going to be FAPed slightly sooner, so fap-monitor slows down your connection slightly sooner than would really be necessary. When I figure out iptables hopefully I can use iptables to fix this problem too.
This script uses QoS for it's own purposes and will mess up your QoS settings. The script could be modified to use your QoS settings for state "Full Blast" and my Caution and Danger state QoS settings. It's up to you to make the modification though.
Untested Install Instructions
(Mine's already installed of course and I don't have time to test this today. If you try this and it doesn't work, let me know). Note that fap-monitor.sh is not aware of timezones. It is set for Central Time. You will have to make adjustments if you live in a different timezone.
Turn on JFFS2 from Web GUI
Administration
JFFS2
Format/Erase (unless, of course, you've already got stuff there).
Ok
Enable
Save
Telnet to the router.
telnet 192.168.1.1
cd /jffs
wget ftp://ftp.visi.com/users/dwinker/fap-monitor.sh
chmod +x fap-monitor.sh
vi fap-monitor.sh
Find FAP_OFF_HOUR and FAP_ON_HOUR. Read the comment and adjust them.
Read the comments that are the first 50 lines or so of the script. There is information in there you need to understand to effectively use this script.
Turn on the script
Administration
Scripts
WAN Up
/jffs/fap-monitor.sh &
Save
Reboot the router.
Wait a few minutes.
Make sure you can access the simple web page at
http://192.168.1.1/ext/fap-monitor.htm
Raison d'etre
Like most people who have Hughes Net we have it because we live out in the country and there are few other affordable options. We hope to soon gain a roommate who NEEDS uninterrupted internet service for her work. Fap-monitor is an attempt to guarantee she will have internet when she needs it. Of course we would upgrade our Hughes Net service to a more business oriented plan, but the higher level plans also have FAP limits - just higher FAP limits so the issue remains. She does not consider a monitor only solution such as hnFAPMon discussed above to be adequate since we could get FAPed while no one was watching because of automatic updates, a virus, peer-to-peer, etc. If I get fap-monitor to block getting FAPed by all those possible culprits I think she would consider that sufficient protection. She is also looking into other, much more expensive, options that don't involve Hughes Net.
News
Site map
SitemapIndex
RSS Feed