[OPLINTECH] Counting Wireless Patrons

Chad Neeper cneeper at level9networks.com
Thu May 28 13:08:03 EDT 2015 

Ron, your hit rate seems pretty low. Might be worth tweaking your
refresh_patterns in squid. In case you want to compare/tweak, here is a
copy-paste of my current standard refresh patterns for squid:


#
# L9N note:  These custom refresh patterns are used instead of the
pre-configured patterns selectable from the pfSense
# webconfigurator because the pre-configured patterns don't use ACLs to
limit the "range_offset_limit none" to just the Windows
# Update and Symantec update domains. Having this value set globally seems
to break at least Netflix's streaming
# (of _resumed_ videos) on Android devices and who knows what else.
#

# Windows Update refresh_pattern
acl windowsupdate dstdomain windowsupdate.microsoft.com .
update.microsoft.com download.windowsupdate.com
redir.metaservices.microsoft.com images.metaservices.microsoft.com
c.microsoft.com www.download.windowsupdate.com wustat.windows.com
crl.microsoft.com sls.microsoft.com productactivation.one.microsoft.com
ntservicepack.microsoft.com
range_offset_limit none windowsupdate
refresh_pattern -i microsoft.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip)
4320 80% 43200 reload-into-ims
refresh_pattern -i
windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip) 4320 80%
43200 reload-into-ims
refresh_pattern -i windows.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip)
4320 80% 43200 reload-into-ims

# Symantec refresh_pattern
acl symantecupdates dstdomain liveupdate.symantecliveupdate.com
symantecliveupdate.com securityresponse.symantec.com
range_offset_limit none symantecupdates
refresh_pattern -i
liveupdate.symantecliveupdate.com/.*\.(cab|exe|dll|msi|7z|zip) 10080 100%
43200 reload-into-ims
refresh_pattern -i symantecliveupdate.com/.*\.(cab|exe|dll|msi|7z|zip)
10080 100% 43200 reload-into-ims
refresh_pattern -i securityresponse.symantec.com/.*\.zip 10080 100% 43200
reload-into-ims

# Google updates (ex. Chrome)
refresh_pattern -i pack.google.com/.*\.(exe|crx) 10080 80% 43200
override-expire override-lastmod ignore-no-cache ignore-reload
reload-into-ims ignore-private

# Apple
refresh_pattern -i apple.com/.*\.(pkg|dmg|dat) 10080 80% 43200
ignore-no-cache  ignore-reload  reload-into-ims

# Cache Adobe updates better
refresh_pattern armdl.adobe.com/.*\.(exe|msp|msi) 10800  80%  43200
ignore-no-store ignore-reload reload-into-ims


refresh_pattern -i \.(gif|png|jpg|jpeg|ico|bmp|tiff|webp|bif|ver|pict)
220000 90% 300000 override-expire reload-into-ims ignore-reload
ignore-no-cache ignore-private ignore-no-store

refresh_pattern -i
\.(swf|js|wav|css|class|dat|zsci|do|ver|advcs|woff|eps|ttf|svg|svgz|ps|acsm)
220000 90% 300000 override-expire reload-into-ims ignore-reload
ignore-no-cache ignore-no-store ignore-private

refresh_pattern -i \.(xml|flow) 0 90% 100000 reload-into-ims
refresh_pattern -i \.(json|json\?) 1440 90% 5760 reload-into-ims

refresh_pattern -i
\.(bin|deb|rpm|drpm|exe|zip|tar|tgz|bz2|ipa|bz|ram|rar|bin|uxx|gz|crl|msi|dll|hz|cab|psf|vidt|apk|wtex|hz)
220000 90% 500000 override-expire reload-into-ims ignore-reload
ignore-no-cache ignore-no-store ignore-private ignore-must-revalidate

refresh_pattern -i \.(ppt|ppt\?|pptx|doc|docx|pdf|xls|xlsx|csv|txt) 220000
90% 200000 override-expire reload-into-ims ignore-reload ignore-no-cache
ignore-no-store ignore-private ignore-must-revalidate

______________________________
*Chad Neeper*
Senior Systems Engineer

*Level 9 Networks*
740-548-8070 (voice)
866-214-6607 (fax)

*Full IT/Computer consulting services -- Specialized in libraries and
schools*

On Wed, May 27, 2015 at 11:33 AM, Ron Woods <woodsro at stclibrary.org> wrote:

> If your using Pfsense or something similar to control your wireless
> network counting then patrons is very simple.
>
>
>
> You can install Squid as a Transparent Proxy Server, and then install
> Lightsquid reporting system. It will compile all the data from your squid
> logs. Squid counts each user even in transparent mode. It will then present
> them in a very nice report mode that is all web based.
>
>
>
> I have attached a picture as an example.
>
>
>
> This will make counting your wireless patrons a breeze, and best of all
> it’s FREE and I like Free J
>
>
>
> As always, shoot me an message if you have any questions.
>
>
>
> Sincerely
>
> Ron
>
>
>
>
>
> Ron Woods
>
> Computer Services Manager
>
> St. Clairsville Public Library
>
> (740)-695-2062
>
> http://www.stclibrary.org
>
>
>
>
>
> *From:* oplintech-bounces at lists.oplin.org [mailto:
> oplintech-bounces at lists.oplin.org] *On Behalf Of *Ken Butler
> *Sent:* Wednesday, May 27, 2015 10:38 AM
> *To:* Jordan Cooper
> *Cc:* OPLINTECH
> *Subject:* Re: [OPLINTECH] Counting Wireless Patrons
>
>
>
> Check out https://www.sputnik.com/. The subscription to Sputniknet costs
> about $200 per year per location. They just got set up to start doing
> E-Rate, so the next E-Rate funding cycle would be a good time to switch to
> them, although that is close to a year away. What they offer:
>
>
>
>    - Cloud managed routers. You can reboot them, check them for
>    connectivity, look at the number of active sessions, or look up detailed
>    reports on usage.
>    - Stats: total bandwidth up and down, # of unique users, total # of
>    uses, total sessions, total duration of all sessions, average session
>    length, etc. All sorted by day, week, or months. By default it keeps data
>    for up to 6 months.
>    - Captive portal - force anyone connecting to your wifi to agree to
>    your terms and conditions. Able to add your own branding.
>    - Lots of settings and policies.
>
> I believe they have a firmware version that you can install for free onto
> most standard wifi routers, although it does not have the cloud management
> aspects and I'm not sure what the reporting level is.
>
>
>
> There are other services that do the same thing, but cost a lot more. I
> suppose better reliability and additional features are present in the more
> expensive packages, but for our basic needs, this seems to work just fine.
> Meraki comes to mind, but from talking to them it really seemed like they
> are more for big business, very large hotels etc. They didn't seem very
> interested in selling just one or two APs.
>
>
>
> I've also heard of other people using Aruba, MegaPath and Ruckus. Just
> glancing over the prices on Ruckus though, I see that the cheapest wireless
> controllers that they offer are $400, and that does not include the
> subscription to their cloud management services.
>
>
>
>
>
> On Wed, May 27, 2015 at 7:53 AM, Jordan Cooper <jcooper at myacpl.org> wrote:
>
> Hi, guys.  I was wondering what methodology you use at your libraries to
> count the number of patrons that connect to your wireless networks for the
> state audit.
>
>
>
> At present, the only idea I have is to count DHCP leases, but I feel like
> there has to be a more elegant (though hopefully still affordable) method
> out there.
>
>
> Thanks,
>
>
>
> *Jordan Cooper*
> *Technology Associate*
> Athens County Public Libraries
> jcooper at myacpl.org
>
> (740) 590-1643
>
>
>
>
> _______________________________________________
> OPLINTECH mailing list
> OPLINTECH at lists.oplin.org
> http://lists.oplin.org/mailman/listinfo/oplintech
>
>
>
>
>
> --
>
> Ken Butler
> hcotech at holmeslib.org
> Head of Information Technology
>
> Holmes County District Public Library
> 3102 Glen Drive
> Millersburg, OH 44654
> PH: 330-674-5972 ext 224
>
> _______________________________________________
> OPLINTECH mailing list
> OPLINTECH at lists.oplin.org
> http://lists.oplin.org/mailman/listinfo/oplintech
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.oplin.org/pipermail/oplintech/attachments/20150528/51e9120f/attachment.html>

More information about the OPLINTECH mailing list