Re: Usage based billing



On Nov 20, 9:26 am, "D. Stussy" <s...@xxxxxxxxxxxxxxxx> wrote:
"Sonny" <smani...@xxxxxxxxx> wrote in message
news:5a5ec602-b052-4933-9d60-93a930484342@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

On Nov 19, 3:53 pm, Antoine Junod <t...@xxxxxxxxxxx> wrote:
"D. Stussy" <s...@xxxxxxxxxxxxxxxx> writes:
"Sonny" <smani...@xxxxxxxxx> wrote in message
news:619b69c6-59ca-4964-9937-a43ae52a14a5@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Has anyone here implemented a usage-based billing system by sniffing
HTTP packets? I tried searching for it on the Web but came up short. I
just want to know how to do it; I mean, a successful web download has
a series of 200 OKs. What is the best indication that a page is
successfully downloaded? Thanks.

How about a firewall packet counter?

Does it need a lot of CPU resources? Does it slow down the
throughput?

Thanks for your reply,
-AJ

Actually we're just doing a prototype; so far we're checking how many
packets there are for one HTTP transaction, and the HTTP headers that come
along with it. We don't think that it needs a lot of CPU resources,
though we're expecting many requests, with different requests for the
same web page/file, which makes a packet counter kind of difficult to
implement. Hmm, is there an open source system which is similar to
Cisco's NetFlow?

Is there a reason why your iptables rules can't be used?

How many times do I have to hit your head with a hammer?

Actually, we can use the iptables, but it will be very dirty. We can
set the iptables rule per IP of the user to get the count. But as we
tested the setup, unlike a typical DHCP wherein most of the time you
will get the same IP, the IP gets changed every time the end device is
turned off. Also, if the client is downloading more than one file at a
time, then it will be harder to monitor.

If we configured the firewall to monitor, for example, per IP -and-
per destination host to solve the more-than-one-file scenario, then we
will have a chain thousands of lines long in the iptables, and that would
be very inefficient, I suppose. I forgot to mention, we would be looking at a
potential CIDR /20 number of clients. And unfortunately all clients
will be pointing to this gateway. We can't afford another machine to
serve the clients.

But, I could ask what kind of iptables rule will be most efficient
with this setup?

Regards,
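
One way to keep per-client byte counters for a /20 without a single chain thousands of rules long, as an added example that is not part of the original thread: the generator below emits an iptables-restore ruleset that splits the client range into one sub-chain per /24, so a packet is compared against the 16 subnets first and then only against the hosts of its own /24. The network 10.0.0.0/20 and the chain prefix ACCT are assumptions, and the sketch covers only the chain-length concern, not the changing client addresses also raised above.

```python
import ipaddress

def chain_name(subnet, top="ACCT"):
    # 10.0.3.0/24 -> ACCT_10_0_3 (one accounting sub-chain per /24)
    return top + "_" + "_".join(str(subnet.network_address).split(".")[:3])

def build_ruleset(client_net, top="ACCT"):
    """Return iptables-restore text with two counting rules per client IP."""
    net = ipaddress.ip_network(client_net)
    if net.version != 4 or net.prefixlen > 24:
        raise ValueError("expected an IPv4 network of /24 or larger")
    subnets = list(net.subnets(new_prefix=24))
    lines = ["*filter", f":{top} - [0:0]"]
    lines += [f":{chain_name(s, top)} - [0:0]" for s in subnets]
    for s in subnets:
        sub = chain_name(s, top)
        # First level: dispatch on the /24 the client belongs to.
        lines.append(f"-A {top} -s {s} -j {sub}")   # traffic sent by clients
        lines.append(f"-A {top} -d {s} -j {sub}")   # traffic sent to clients
        for host in s:
            # A rule without a target only increments its packet/byte
            # counters; the packet's fate is decided elsewhere.
            lines.append(f"-A {sub} -s {host}")
            lines.append(f"-A {sub} -d {host}")
    lines.append("COMMIT")
    return "\n".join(lines) + "\n"

def worst_case_rules(client_net):
    """Rules checked per packet between a client and an outside host."""
    n24 = len(list(ipaddress.ip_network(client_net).subnets(new_prefix=24)))
    return {"flat": n24 * 256 * 2, "tree": n24 * 2 + 256 * 2}

if __name__ == "__main__":
    # Assumed client range; substitute the real /20 served by the gateway.
    print(build_ruleset("10.0.0.0/20"), end="")
```

The output can be loaded with `iptables-restore --noflush` and hooked in with `iptables -A FORWARD -j ACCT`; per-client totals are then read with `iptables -L ACCT_10_0_3 -v -n -x`.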
