X-Git-Url: https://git.rrq.au/?a=blobdiff_plain;f=howto.adoc;h=72a93af36b8d68fd02a914bc35ca64cd0f178345;hb=f7059701344926ed920ff39a3447d865364f9add;hp=e0c25cfe8561e76a9570d4a8b0bc4cc53a229ff9;hpb=dcb7a638fe8fd468981fdb9cada763f542f4cde8;p=rrq%2Fhourglass.git diff --git a/howto.adoc b/howto.adoc index e0c25cf..72a93af 100644 --- a/howto.adoc +++ b/howto.adoc @@ -1,13 +1,40 @@ -Hourglass Howto +Hourglass HOWTO =============== -This is a collection of programs (scripts) that implement an automated -network access control policy. The general idea is to declare the open -and close times for each weekday as well as a time limit of -accumulated usage during the open time. +This project is a collection of programs (scripts) that implement an +automated network access control policy, aptly named "Hourglass". The +general idea is to have the network open or closed on weekly policy +schedule, with an easy-to-use interface for adhoc adjustments. + +Overview +-------- + +The Hourglass policy setting includes open and close times separately +for each weekday, as well as limits of the accumulated usage during +the open times. For example, one could set up the network to be open +between 11am and 4pm each day and each day allow for 2 hours of usage. + +.Hourglass System Overview +image::hourglass-overview.png[align="center"] + +Network "usage" is determine by the "Hourglass listener daemon" that +is set up to review network traffic and continuously register +per-minute packet count measures. + +The "Hourglass policy bot" is a per-minute "cron bot" that looks at +the recent succession of measures to decide whether or not "usage" is +happening and accumulate usage periods into the current daily usage +time measure. It is the policy contol bot that performs the control +actions of closing or opening the network for traffic. + +The Hourglass web service provides an HTTP based operator interface +for editing the applicable policy. + + +Installing Hourglass +-------------------- + -For example, that the network should be open between 3pm and 8pm and -allow for 2 hours of usage within those times. The Hourglass system includes four components: @@ -16,11 +43,6 @@ The Hourglass system includes four components: 3. Continuous determination of control action 4. Control actuator -.Dependencies - -newlisp:: -ipset:: -iptables:: Hourglass User Interface ------------------------ @@ -30,6 +52,13 @@ control policy, held in the +control.dat+ file, as well as the control override setting, in file +control-extra.dat+, whilst also showing current usage measure from file +usage.dat+. +The server +hourglass-web+ is first installed with +---- +$ ./hourglass-web install +---- +That installation sets up a small +www+ sub directory with "CGI" +scripting to provide the Hourglass User Interface on port 1070. + Hourglass Network Traffic Capture ---------------------------------