[GTALUG] Using (Tomato) Linux (Router) as Web Proxy Server.

Anthony de Boer adb at adb.ca
Wed Sep 23 03:18:17 UTC 2015 

Peter Renzland wrote:
> Request for help:
> Using (Tomato) Linux (Router) as Web Proxy Server.
> 
> I remotely manage several Tomato networks.
> 
> I would like to connect to the ISP's Usage Data web page, from the remote network, to check the remote network's data usage.

That much probably only requires a proxy at the remote site, presuming
the ISP shows the graph corresponding to the customer IP that's asking.

I've used a Squid instance on a remote host together with SSH
port-forwarding my browser there, but that may be overkill.  ("Nothing
succeeds like excess.")

Using the SOCKS-protocol support in SSH and Firefox would probably
suffice to get your traffic coming out at the other end of the connection.

> I'd also like to run the ISP-specific (web browser) speed test from the remote network, to check the remote network's data rates.

I'd strongly suspect that proxying your web connection back out over
the same link will badly skew the test (especially with asymmetric
data rates!).  Even running a browser remotely over VNC or the like
will use a chunk of your bandwidth.

Putting up MRTG and Smokeping instances tracking link utilization and
health may do a better job than those web-animation doovers, along with
letting you look at history when someone complains how bad it was an
hour ago.

MRTG monitors traffic levels, so requires SNMP access or other means of
getting interface packet counters.  You'll be able to tell from the
maximum inbound and outbound levels what speeds you're getting; the
graphs will generally cap at the same level everytime someone downloads
something big.  Typically you monitor your own router and get stats on
that first hop to your ISP.

Smokeping is a similar tool that shows latency and packet loss, so
typically you want to have it ping the ISP router and more distant
targets you have to reach (your webserver in colo, for example) to see
how good or bad the experience is at the moment.  Compare to the MRTG
picture to see if things get rough during big uploads and/or downloads.

> These seem like very ordinary, simple things to want to do.
> I'd like to find someone who has actually done these things, and who can help me do them.
> (I have found dozens of "how-to" web pages that don't work for me. But I have not found anyone who has said
> 
> "I do this all the time, and here is how I do it". Instead, I have found many people who have said "I have never done this, and I won't try to do it myself it, but you should try this ....")

I've done rather a lot of monitoring, and Icinga (Nagios), MRTG, and
Smokeping are the sorts of thing I set up watching the links and hosts
I care about.  Back in my ISP days we had a few locally-grown tools too.

> Being able to do a web search on "my IP" and get the remote (proxy) host's IP address is really all need.

If they're on dynamic addresses some form of dynamic DNS is probably a
piece you'll need.

-- 
Anthony de Boer

More information about the talk mailing list