starred/super
1
0
Fork 0
mirror of https://github.com/spr-networks/super.git synced 2026-04-25 12:55:52 +03:00
Code Issues 42 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #262] Outbound traffic view empty #105

New issue
Closed
opened 2026-03-04 01:34:49 +03:00 by kerem · 10 comments
kerem commented 2026-03-04 01:34:49 +03:00
Owner
Copy link

Originally created by @0vercl0k on GitHub (Jan 15, 2024).
Original GitHub issue: https://github.com/spr-networks/super/issues/262

I've been running into this for the past few days; basically the 'outbound traffic' view is empty (both on iOS & website). I've looked at some of the log and this one might be relevant (from superdb):

2024/01/15 16:40:12 [-] Empty db configuration, initializing
image
Originally created by @0vercl0k on GitHub (Jan 15, 2024). Original GitHub issue: https://github.com/spr-networks/super/issues/262 I've been running into this for the past few days; basically the 'outbound traffic' view is empty (both on iOS & website). I've looked at some of the log and this one might be relevant (from `superdb`): ``` 2024/01/15 16:40:12 [-] Empty db configuration, initializing ``` <img width="563" alt="image" src="https://github.com/spr-networks/super/assets/1476421/728e7e49-9075-4bec-98e6-096f64daf6a1">
kerem closed this issue 2026-03-04 01:34:49 +03:00
kerem commented 2026-03-04 01:34:50 +03:00
Author
Owner
Copy link

@lts-rad commented on GitHub (Jan 15, 2024):

to diagnose:

  1. traffic can be retreived with these calls:

curl -u admin:admin http://spr.local/traffic_history
curl -u admin:admin http://spr.local/iphistory

do these return 200? data?

  1. if the above failed do you see table ip accounting if you run "nft list ruleset | less" ?
<!-- gh-comment-id:1892639205 --> @lts-rad commented on GitHub (Jan 15, 2024): to diagnose: 1. traffic can be retreived with these calls: curl -u admin:admin http://spr.local/traffic_history curl -u admin:admin http://spr.local/iphistory do these return 200? data? 2. if the above failed do you see `table ip accounting ` if you run "nft list ruleset | less" ?
kerem commented 2026-03-04 01:34:50 +03:00
Author
Owner
Copy link

@lts-rad commented on GitHub (Jan 15, 2024):

As for the log configuration log that is expected until a user has customized their events. that error is probably too verbose then. it will use the defaults

        // default config
        config := &LogConfig{
                SaveEvents: []string{"log:api", "dns:block:event", "dns:override:event", "dns:serve:", "wifi:auth:", "auth:failure:"},
                MaxSize:    250 * 1024 * 1024, //bytes
        }
        data, err := ioutil.ReadFile(gConfigPath)
``
<!-- gh-comment-id:1892640631 --> @lts-rad commented on GitHub (Jan 15, 2024): As for the log configuration log that is expected until a user has customized their events. that error is probably too verbose then. it will use the defaults ``` // default config config := &LogConfig{ SaveEvents: []string{"log:api", "dns:block:event", "dns:override:event", "dns:serve:", "wifi:auth:", "auth:failure:"}, MaxSize: 250 * 1024 * 1024, //bytes } data, err := ioutil.ReadFile(gConfigPath) ``
kerem commented 2026-03-04 01:34:50 +03:00
Author
Owner
Copy link

@0vercl0k commented on GitHub (Jan 15, 2024):

Okay so hitting iphistory returns a 404, traffic_history does return something that looks healthy. I also see a table ip accounting ruleset.

<!-- gh-comment-id:1892703858 --> @0vercl0k commented on GitHub (Jan 15, 2024): Okay so hitting `iphistory` returns a 404, `traffic_history` does return something that looks healthy. I also see a `table ip accounting` ruleset.
kerem commented 2026-03-04 01:34:50 +03:00
Author
Owner
Copy link

@lts-rad commented on GitHub (Jan 18, 2024):

so the right function was iptraffic not iphistory.

curl -u admin:admin http://192.168.2.1/iptraffic

on the router you can check:

nft -j list set ip accounting all_ip;

I suspect this is empty for some reason.

<!-- gh-comment-id:1899346221 --> @lts-rad commented on GitHub (Jan 18, 2024): so the right function was `iptraffic` not `iphistory`. `curl -u admin:admin http://192.168.2.1/iptraffic` on the router you can check: nft -j list set ip accounting all_ip; I suspect this is empty for some reason.
kerem commented 2026-03-04 01:34:50 +03:00
Author
Owner
Copy link

@lts-rad commented on GitHub (Jan 18, 2024):

unclear how this would happen. the rules look like this:

set all_ip {
        type ifname . ipv4_addr . ipv4_addr
        counter
        flags dynamic
        timeout 1h
        size 4096
      }

      chain FORWARD {
        type filter hook forward priority -150 ; policy accept;

        # Log all input ip pairs (input interface, src ip, dst ip)
        add @all_ip { iifname . ip saddr . ip daddr }
        iifname . ip saddr . ip daddr @all_ip

        ip daddr @local_lan jump count_in
        ip saddr @local_lan jump count_out
      }
<!-- gh-comment-id:1899347278 --> @lts-rad commented on GitHub (Jan 18, 2024): unclear how this would happen. the rules look like this: ``` set all_ip { type ifname . ipv4_addr . ipv4_addr counter flags dynamic timeout 1h size 4096 } chain FORWARD { type filter hook forward priority -150 ; policy accept; # Log all input ip pairs (input interface, src ip, dst ip) add @all_ip { iifname . ip saddr . ip daddr } iifname . ip saddr . ip daddr @all_ip ip daddr @local_lan jump count_in ip saddr @local_lan jump count_out } ```
kerem commented 2026-03-04 01:34:50 +03:00
Author
Owner
Copy link

@0vercl0k commented on GitHub (Jan 18, 2024):

Hitting iptraffic seems to return some healthy data, and nft -j list set ip accounting all_ip; as well (it is not empty either) 🤔

On Thu, Jan 18, 2024 at 2:53 PM Alex Rad @.***> wrote:

unclear how this would happen. the rules look like this:

    type ifname . ipv4_addr . ipv4_addr
    counter
    flags dynamic
    timeout 1h
    size 4096
  }

  chain FORWARD {
    type filter hook forward priority -150 ; policy accept;

    # Log all input ip pairs (input interface, src ip, dst ip)
    add @all_ip { iifname . ip saddr . ip daddr }
    iifname . ip saddr . ip daddr @all_ip

    ip daddr @local_lan jump count_in
    ip saddr @local_lan jump count_out
  }


Reply to this email directly, view it on GitHub
https://github.com/spr-networks/super/issues/262#issuecomment-1899347278,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/AALIORO22B33TSMGF5WDJZLYPGRX3AVCNFSM6AAAAABB3T6BMWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQOJZGM2DOMRXHA
.
You are receiving this because you authored the thread.Message ID:
@.***>

<!-- gh-comment-id:1899363285 --> @0vercl0k commented on GitHub (Jan 18, 2024): Hitting `iptraffic` seems to return some healthy data, and `nft -j list set ip accounting all_ip;` as well (it is not empty either) 🤔 On Thu, Jan 18, 2024 at 2:53 PM Alex Rad ***@***.***> wrote: > unclear how this would happen. the rules look like this: > > type ifname . ipv4_addr . ipv4_addr > counter > flags dynamic > timeout 1h > size 4096 > } > > chain FORWARD { > type filter hook forward priority -150 ; policy accept; > > # Log all input ip pairs (input interface, src ip, dst ip) > add @all_ip { iifname . ip saddr . ip daddr } > iifname . ip saddr . ip daddr @all_ip > > ip daddr @local_lan jump count_in > ip saddr @local_lan jump count_out > } > > — > Reply to this email directly, view it on GitHub > <https://github.com/spr-networks/super/issues/262#issuecomment-1899347278>, > or unsubscribe > <https://github.com/notifications/unsubscribe-auth/AALIORO22B33TSMGF5WDJZLYPGRX3AVCNFSM6AAAAABB3T6BMWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQOJZGM2DOMRXHA> > . > You are receiving this because you authored the thread.Message ID: > ***@***.***> >
kerem commented 2026-03-04 01:34:51 +03:00
Author
Owner
Copy link

@lts-rad commented on GitHub (Jan 18, 2024):

okay so tracked this down

	//update firewall table rules to service the new tiny networks, where needed
	flushSupernetworkEntries()
	for _, supernet := range TinyNets {
		addSupernetworkEntry(supernet)
	}

seems like local_lan is missing the full supernets entries. lets see why this isnt running ons tartup

<!-- gh-comment-id:1899389545 --> @lts-rad commented on GitHub (Jan 18, 2024): okay so tracked this down ```func updateFirewallSubnets(DNSIP string, TinyNets []string) { //update firewall table rules to service the new tiny networks, where needed flushSupernetworkEntries() for _, supernet := range TinyNets { addSupernetworkEntry(supernet) } ``` seems like local_lan is missing the full supernets entries. lets see why this isnt running ons tartup
kerem commented 2026-03-04 01:34:51 +03:00
Author
Owner
Copy link

@lts-rad commented on GitHub (Jan 18, 2024):

startup goes initDHCP-> loadDHCPConfig ->
updateFirewallSubnets(getLANIP(), gDhcpConfig.TinyNets)

its unclear then how this would get out of sync

<!-- gh-comment-id:1899403237 --> @lts-rad commented on GitHub (Jan 18, 2024): startup goes initDHCP-> loadDHCPConfig -> updateFirewallSubnets(getLANIP(), gDhcpConfig.TinyNets) its unclear then how this would get out of sync
kerem commented 2026-03-04 01:34:51 +03:00
Author
Owner
Copy link

@lts-rad commented on GitHub (Jan 19, 2024):

closing for now

<!-- gh-comment-id:1900810312 --> @lts-rad commented on GitHub (Jan 19, 2024): closing for now
kerem commented 2026-03-04 01:34:51 +03:00
Author
Owner
Copy link

@0vercl0k commented on GitHub (Jan 21, 2024):

Thanks again for figuring it out!

<!-- gh-comment-id:1902479636 --> @0vercl0k commented on GitHub (Jan 21, 2024): Thanks again for figuring it out!
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
dev
wifi7_support
experimental
dyn_test
dev-android-ui
dns-graph
dev-apns
clearfog-v1.0.29
v1.0.29
v1.0.28
clearfog-v1.0.28
v1.0.27
clearfog-v1.0.27
v1.0.26
clearfog-v1.0.26
v1.0.25
clearfog-v1.0.25
clearfog-v1.0.24
v1.0.24
v1.0.23
clearfog-v1.0.23
v1.0.22
clearfog-v1.0.22
v1.0.21
clearfog-v1.0.21
v1.0.20
clearfog-v1.0.20
v1.0.19
clearfog-v1.0.19
v1.0.18
clearfog-v1.0.18
clearfog-v1.0.17
v1.0.17
v1.0.15
clearfog-v1.0.15
v1.0.14
clearfog-v1.0.14
v1.0.13
clearfog-v1.0.13
v1.0.12
clearfog-v1.0.12
clearfog-v1.0.11
v1.0.11
clearfog-v1.0.10
v1.0.10
v1.0.9
clearfog-v1.0.9
v1.0.8
clearfog-v1.0.8
clearfog-v1.0.7
v1.0.7
v1.0.6
clearfog-v1.0.6
clearfog-v1.0.5
v1.0.5
ios-v1.0.4
v1.0.4
clearfog-v1.0.4
clearfog-v1.0.3
v1.0.3
v1.0.2
clearfog-v1.0.2
clearfog-v1.0.1
v1.0.1
v1.0.0-dev
clearfog-v1.0.0
v1.0.0
ios-v0.3.24
clearfog-v0.3.24
v0.3.24
clearfog-v0.3.23
v0.3.23
v0.3.22
clearfog-v0.3.22
clearfog-v0.3.21
v0.3.21
v0.3.20
clearfog-v0.3.20
v0.3.19
clearfog-v0.3.19
v0.3.18
clearfog-v0.3.18
clearfog-v0.3.17
v0.3.17
clearfog-v0.3.16
v0.3.16
v0.3.15
clearfog-v0.3.15
ios-v0.3.14
v0.3.14
clearfog-v0.3.14
clearfog-v0.3.13
v0.3.13
ios-v0.3.12
v0.3.12
clearfog-v0.3.12
ios-v0.3.11
clearfog-v0.3.11
v0.3.11
clearfog-v0.3.10
v0.3.10
v0.3.9
clearfog-v0.3.9
v0.3.8
clearfog-v0.3.8
clearfog-v0.3.7
v0.3.7
clearfog-v0.3.6
v0.3.6
clearfog-v0.3.5
v0.3.5
clearfog-v0.3.4
v0.3.4
v0.3.3
clearfog-v0.3.3
v0.3.2
clearfog-v0.3.2
v0.3.1
clearfog-v0.3.1
v0.3.0
clearfog-v0.3.0
clearfog-v0.2.28
v0.2.28
v0.2.27
clearfog-v0.2.27
clearfog-v0.2.26
v0.2.26
v0.2.25
clearfog-v0.2.25
v0.2.24
clearfog-v0.2.24
v0.2.23
clearfog-v0.2.23
v0.2.22
clearfog-v0.2.22
clearfog-v0.2.21
v0.2.21
v0.2.20
clearfog-v0.2.20
v0.2.19
clearfog-v0.2.19
v0.2.18
clearfog-v0.2.18
v0.2.17
v0.2.16
clearfog-v0.2.16
clearfog-v0.2.15
v0.2.15
v0.2.14
clearfog-v0.2.14
clearfog-v0.2.13
v0.2.13
clearfog-v0.2.12
v0.2.12
v0.2.11
clearfog-v0.2.11
v0.2.10
clearfog-v0.2.9
v0.2.9
clearfog-v0.2.8
v0.2.8
clearfog-v0.2.7
v0.2.7
v0.2.6
clearfog-v0.2.6
v0.2.5
v0.2.4
clearfog-v0.2.4
v0.2.3
clearfog-v0.2.3
v0.2.2
clearfog-v0.2.2
v0.2.1
clearfog-v0.2.1
v0.2.0
clearfog-v0.2.0
v0.1.33
clearfog-v0.1.33
v0.1.32
clearfog-v0.1.32
v0.1.31
clearfog-v0.1.31
v0.1.30
clearfog-v0.1.30
v0.1.29
clearfog-v0.1.29
clearfog-v0.1.28
v0.1.28
clearfog-v0.1.27
v0.1.27
v0.1.26
clearfog-v0.1.26
v0.1.25
clearfog-v0.1.25
v0.1.25-beta.6
v0.1.25-beta.5
v0.1.25-beta.4
v0.1.25-beta.3
v0.1.25-beta.2
v0.1.25-beta.1
v0.1.25-beta.0
v0.1.24
clearfog-v0.1.23
v0.1.23
clearfog-v0.1.22
v0.1.22
v0.1.21
clearfog-v0.1.21
v0.1.21-beta.1
v0.1.21-beta.0
v0.1.20
clearfog-v0.1.19
v0.1.19
clearfog-v0.1.18
v0.1.18
v0.1.17
clearfog-v0.1.17
clearfog-v0.1.16
v0.1.16-beta.3
v0.1.16-beta.2
v0.1.16-beta.1
v0.1.16-beta.0
v0.1.15
clearfog-v0.1.15
v0.1.14
v0.1.14-beta.0
v0.1.13
v0.1.12
v0.1.12-beta.7
v0.1.12-beta.6
v0.1.12-beta.5
v0.1.12-beta.4
v0.1.12-beta.3
v0.1.12-beta.2
v0.1.12-beta.1
v0.1.12-beta.0
v0.1.11
v0.1.11-beta.3
v0.1.11-beta.2
v0.1.11-beta.1
v0.1.11-beta.0
v0.1.10
v0.1.10-beta.0
v0.1.9
v0.1.9-beta.0
v0.1.8
v0.1.8-beta.0
v0.1.7
v0.1.6
v0.1.5
v0.1.4
v0.1.4-beta.15
v0.1.4-beta.14
v0.1.4-beta.13
v0.1.4-beta.12
v0.1.4-beta.11
v0.1.4-beta.10
v0.1.4-beta.9
v0.1.4-beta.8
v0.1.4-beta.7
v0.1.4-beta.6
v0.1.4-beta.5
v0.1.4-beta.4
v0.1.4-beta.3
v0.1.4-beta.2
v0.1.4-beta.1
v0.1.4-beta.0
v0.1.3
v0.1.3-beta.2
v0.1.3-beta.1
v0.1.3-beta.0
v0.1.2
v0.1.2-beta.2
v0.1.2-beta.1
v0.1.2-beta.0
v0.1.1
v0.1.1-beta.26
v0.1.1-beta.25
v0.1.1-beta.24
v0.1.1-beta.23
v0.1.1-beta.22
v0.1.1-beta.21
v0.1.1-beta.20
v0.1.1-beta.19
v0.1.1-beta.18
v0.1.1-beta.17
v0.1.1-beta.16
v0.1.1-beta.15
v0.1.1-beta.14
v0.1.1-beta.13
v0.1.1-beta.12
v0.1.1-beta.11
v0.1.1-beta.10
v0.1.1-beta.9
v0.1.1-beta.8
v0.1.1-beta.7
v0.1.1-beta.6
v0.1.1-beta.5
v0.1.1-beta.4
v0.1.1-beta.3
v0.1.1-beta.2
v0.1.1-beta.1
v0.1.1-beta.0
v0.01-beta-pi-september-fixes
v0.01-beta-pi-september
v0.01-beta-pi-2
v0.01-beta-pi
Labels
Clear labels   
blocked

   
bug

   
documentation

   
enhancement

   
fixed

   
fixed

  
hardening

   
implemented

   
installer

   
multicast

   
p1

   
p2

   
pending

   
podman

   
pull-request

Mirrored from GitHub Pull Request

  
security

   
testing

   
v1
No labels
blocked
bug
documentation
enhancement
fixed
fixed
hardening
implemented
installer
multicast
p1
p2
pending
podman
pull-request
security
testing
v1
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/super#105
No description provided.