From: Ralph Ronnquist Date: Sun, 2 Jan 2022 05:09:31 +0000 (+1100) Subject: intermediate capture X-Git-Tag: 0.1~16 X-Git-Url: https://git.rrq.au/?a=commitdiff_plain;h=f7059701344926ed920ff39a3447d865364f9add;p=rrq%2Fhourglass.git intermediate capture --- diff --git a/hourglass-overview.png b/hourglass-overview.png new file mode 100644 index 0000000..8ab71d0 Binary files /dev/null and b/hourglass-overview.png differ diff --git a/howto.adoc b/howto.adoc index fea2a54..72a93af 100644 --- a/howto.adoc +++ b/howto.adoc @@ -1,13 +1,40 @@ -Hourglass Howto +Hourglass HOWTO =============== -This is a collection of programs (scripts) that implement an automated -network access control policy. The general idea is to declare the open -and close times for each weekday as well as a time limit of -accumulated usage during the open time. +This project is a collection of programs (scripts) that implement an +automated network access control policy, aptly named "Hourglass". The +general idea is to have the network open or closed on weekly policy +schedule, with an easy-to-use interface for adhoc adjustments. + +Overview +-------- + +The Hourglass policy setting includes open and close times separately +for each weekday, as well as limits of the accumulated usage during +the open times. For example, one could set up the network to be open +between 11am and 4pm each day and each day allow for 2 hours of usage. + +.Hourglass System Overview +image::hourglass-overview.png[align="center"] + +Network "usage" is determine by the "Hourglass listener daemon" that +is set up to review network traffic and continuously register +per-minute packet count measures. + +The "Hourglass policy bot" is a per-minute "cron bot" that looks at +the recent succession of measures to decide whether or not "usage" is +happening and accumulate usage periods into the current daily usage +time measure. It is the policy contol bot that performs the control +actions of closing or opening the network for traffic. + +The Hourglass web service provides an HTTP based operator interface +for editing the applicable policy. + + +Installing Hourglass +-------------------- + -For example, that the network should be open between 3pm and 8pm and -allow for 2 hours of usage within those times. The Hourglass system includes four components: @@ -16,11 +43,6 @@ The Hourglass system includes four components: 3. Continuous determination of control action 4. Control actuator -.Dependencies - -newlisp:: -ipset:: -iptables:: Hourglass User Interface ------------------------