Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/mkorthof/traflimit

Traffic Limit - limits amount of bandwidth that can be used by your Host/VPS/VM
https://github.com/mkorthof/traflimit

bandwith bash-script billing cloud limit linux network traffic vnstat

Last synced: 4 days ago
JSON representation

Traffic Limit - limits amount of bandwidth that can be used by your Host/VPS/VM

Host: GitHub
URL: https://github.com/mkorthof/traflimit
Owner: mkorthof
License: gpl-3.0
Created: 2017-03-15T13:11:51.000Z (over 7 years ago)
Default Branch: master
Last Pushed: 2023-09-04T22:00:13.000Z (about 1 year ago)
Last Synced: 2024-02-13T21:50:53.336Z (9 months ago)
Topics: bandwith, bash-script, billing, cloud, limit, linux, network, traffic, vnstat
Language: Shell
Homepage:
Size: 54.7 KB
Stars: 14
Watchers: 3
Forks: 3
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Traffic Limit ("traflimit")

## Limits amount of bandwidth that can be used by host

This script will help you limit the amount of bandwidth that you consume on an VM, BM or VPS. The idea is you can predict and budget bandwidth fees while using Public Cloud services. Specially using providers such as AWS, IBM, MS Azure or Vultr etc which bill based on bandwidth utilization (i.e. egress traffic).

**Features:**

- script is fully configurable: set options in traflimit.conf or inside script
- besides from cron it can run as daemon, screen or in foreground
- sends email and/or runs custom action(s) if traffic limit is hit like commands, other scripts etc
- includes `bashmail.sh` script, a small sendmail drop in replacement using... Bash :)
- both vnstat 1 and 2 supported

### Installation

See included comments in traflimit.conf for an explaination of what they do.

1) Configure options in traflimit.conf (*RECOMMENDED*) or add them to top of traflimit.sh
2) Test by first setting `POLLMETHOD="foreground"`
3) Comment `POLLMETHOD` and create file in `/etc/cron.d`:

``` bash
echo "* * * * * root $PWD/traflimit.sh cron 2>&1" | sudo tee /etc/cron.d/traflimit
```

**Paths:**

The .sh script will search for the .conf in same dir, /etc and /usr/local/etc.

Suggested paths: "/usr/local/etc/traflimit.conf" and "/usr/local/sbin/traflimit.sh"

**Migrating:**

If you want to copy settings from traflimit.sh to traflimit.conf:

- first try running the command below
- remove settings from traflimit.sh or just get it from repo

``` bash
sudo sed -n '/^AGREE=/,/^# END/p' traflimit.sh > /usr/local/etc/traflimit.conf`
```

### Actions

When hitting the max traffic limit you can configure what should happen by setting `MAXRUNACT`. Remember you might have to add a `sleep 60` first so you have time to disable the script if needed (e.g if you used `shutdown` and boot after).

**Examples:**

- run command: `/sbin/iptables-restore < /etc/firewall-lockdown.conf`

- run script: `/root/scripts/max_traffic_action_script`

- iptables - flush/drop: `/sbin/iptables -F; /sbin/iptables -X; /sbin/iptables -P INPUT DROP; /sbin/iptables -P OUTPUT DROP; /sbin/iptables -P FORWARD DROP;`

- iptables - allow SSH only: `/sbin/iptables -A INPUT -i lo -j ACCEPT; /sbin/iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT; /sbin/iptables -A INPUT -j DROP;` `/sbin/iptables -A OUTPUT -o lo -j ACCEPT; /sbin/iptables -A OUTPUT -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT; /sbin/iptables -A OUTPUT -j DROP;`

- nftables: `/sbin/nft "flush ruleset; add table ip filter;"; /sbin/nft "add chain ip filter INPUT \{ type filter hook forward priority 0; drop; \}"; /sbin/nft "add chain ip filter FORWARD \{ type filter hook forward priority 0; drop; \}"; /sbin/nft "add chain ip filter OUTPUT \{ type filter hook forward priority 0; drop; \}"; /sbin/nft "add rule ip filter INPUT iifname lo accept; state \{established,related\} accept;"; /sbin/nft "add rule ip filter INPUT tcp dport 220 accept; reject;"; /sbin/nft "add rule ip filter OUTPUT iifname lo accept;";`

- stop network: `/etc/init.d/network* stop || /usr/sbin/service network stop || /usr/sbin/service networking stop || systemctl stop network*;`

- shutdown: `/sbin/shutdown -h 5 TrafficLimit hit && sleep 360;`

You could also make the script kill itself (included as an example and should not really be needed)

`logevent "INFO: Killing daemon process..."; pkill -9 -F $PIDFILE 2>/dev/null; rm $PIDFILE;`

### Max limit hit

After the max traffic limit was hit the actions you've defined in `MAXRUNACT` will continue to get executed everytime the script runs. To Acknowledge set `MAXACK="1"` and no actions will be run. To also disable log entries and mail limits optionally set `MAXQUIET="1"`.

You can also set these options by creating the following files in root dir:

``` bash
touch /.maxack
touch /.maxquiet
```

### Email alerts

If you want to be alerted by email you need need 'sendmail' or a compatible MTA (Mail Transfer Agent).
Postfix, Exim and SSMTP should all work. If it is not possible install one of these programs on your system you can use included `bashmail.sh` instead.

Make sure `MTA="/usr/sbin/sendmail"` in `traflimit.sh` is set correctly.

### Bashmail

First set `MTA="/path/to/bashmail.sh"` inside `traflimit.sh`. You'll also have to configure at least your SMTP server in `bashmail.sh` (e.g. "smtp.example.com"). Optionally you can enable Authentication and TLS.

### Sources

- Original TrafLimit Source: [besttechie.com/forums](https://www.besttechie.com/forums/topic/33745-linux-bandwidth-monitoring-script/)
- Original Bashmail Source: [33hops.com](https://33hops.com/send-email-from-bash-shell.html) (GPL-3.0)