You are on page 1of 47

Administrators Manual.

TraffPro (Traffic & Protection).


(Russian - English Translation and additions to English manual By Harsh Vadgama,

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

Table of Contents
I. Web-Administrator console....................................................................................................................3 First Start...............................................................................................................................................4 Creating a system administrator............................................................................................................5 II. System Settings.....................................................................................................................................8 Creating a server, gateway, and routing with NAT..............................................................................13 Routing ..........................................................................................................................................18 Testing the routing system:.............................................................................................................21 Port Forwarding..............................................................................................................................24 III. Interacting with AD (Active Directory).............................................................................................25 Setting up the AD Interaction..............................................................................................................25 IV Shedular..............................................................................................................................................28 V Monitoring............................................................................................................................................31 VI Working with Directories....................................................................................................................33 VII Help Desk..........................................................................................................................................37

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 2 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

I. Web-Administrator console
The Web-based interface Web-Administration Console consists of a set of plug-ins, which implement a set of functions required for each specific organization. After installing TraffPro a number of functions are available in the console, which can be extended depending on your preference.

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 3 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

First Start
After installing the system , access to the administrative web can be found at: http://hostname/traffpro/index.php/admin_login (where hostname - address / name of the computer on which TraffPro was installed). TraffPro installs a default system administrator with all permisions (Chief System Administrator) (Login - admin, Password admin).

After typing in your login name and password, the browser will load the home page that shows us the system information status. You can change your admin login name and password at this time. We recommend you create a new administrator and delete the old one, or change the name / password that already exists.
Authors: Galeev Rustam Kononenko Nikolai Zhinyaeva Anna Sinyaev Valery Page 4 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

Creating a system administrator.


Select from the menu bar System --> Administrators A new window opens showing the list of system administrators. The dialog window to create a new administrator opens up after you click on the New Admin button from the instrument panel.

A new dialog window opens up consisting of 2 tabs Data and HelpDesk and contains the following fields to fill: DATA TAB: Contains 1. Login - TraffPro system administrator's name (must be 3-15 symbols. Without spaces and special chars) 2. Password - password

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 5 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

3. Re-enter Password: confirm password 4. Job Title Admins Job title which will show up after you enter it in the Job-Title directory 5. Full Name 6. E-mail 7. Level of access As you may be the first system admin, you must have all the rights to adjust all parameters withing the web console and control other junior admins. Therefore set your access level as Chief System Administrator. Choose different level of accesses for different admins. 8. Comments add any comments here (optional)

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 6 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

HELPDESK TAB: If filled so as to enable the admin to work with the tickets. Depending on the admin rights administrator check the appropriate checkbox in front of parameters tabulated. Parameter Allow to edit ticket for use- indicates the number of tickets on which the administrator can operate simultaneously. After creating the new admin, you need to delete the old admin that was created by default. To do this Select from the menu bar System --> Administrators Click the check box on the left of the user admin and click the Delete Admin button from the instrument panel. Upon clicking the Delete Admin button, confirmation windows opens up. Click Apply and the old admin is deleted.

After that you should exit the system by clicking on the exit button on the menu bar The Admin login page will again load and you should now enter your new login name and password. Note that all administrators always will have their working status shown as <<online>>
Authors: Galeev Rustam Kononenko Nikolai Zhinyaeva Anna Sinyaev Valery Page 7 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

II. System Settings


Setting up the system constants. System constants allow you to change settings like language, file paths, permissions etc. Choose System-->Settings from the menu bar. A new window opens up and looks like this. The comments are in Russian in the program which have been translated here.

Settings Index Name of Setting No 1 timeout_sheduler 3 4 5 6 7 8 9 19 20


Authors:

Value 30 server-nissan.orbita.local 20 "" 1.3.4

Comments Timer timeout (sec) For authorization, if using AD (active Directory). Additional settings available in the commercial version AD. maximum number of rows per page The name of the organization. TraffPro Version updates automatically when a new version is updated Number of clients to show in the graphs. ** See comment Interface Language Allow card activation (true, false) Allow card autoregistration (true,
Zhinyaeva Anna Sinyaev Valery Page 8 of 47

AD count_table_rows firm version

chart_count_clients 35 time_out_count 3 lang russian/english cards_en_activecards true cards_autoreg true


Galeev Rustam Kononenko Nikolai

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

Index No

Name of Setting

Value

Comments false) default card group card users prefix which new users will be assigned to. eg. auto_richard allow tariffs for auto-registration Number of allowable errors when activating a card before the user ip gets blocked Activate mail module (true, false) [false] Activate email module for rescue password (true, false) [false]. Allow users to change e-mail (true, false) [false]. SMTP server address for outgoing mailsSMTP server port (25, for gmail 465) [465] Enable auth (true, false) [true] Enable authentication for sending mail Mail senders name Mail sender password Mail TSL (ssl, "") - Use encryption The name of the sender that appears when you send email messages.
Zhinyaeva Anna Sinyaev Valery Page 9 of 47

21 22 23 24

cards_group_id cards_user_pre cards_tar cards_error_counts

6 auto_ 1,2,3,4,5,7,8,9,10,11,12 6

25 26 27 28 29 30 31 32 33 34

mail_en mail_pass_resc_en mail_ch_mail_en mail_host mail_port mail_auth mail_username mail_password mail_sec mail_from_name

true false false smtp.rambler.ru 25 true gavru@rambler.ru XXXXXX Administrator mail bot

Authors:

Galeev Rustam Kononenko Nikolai

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

Index No 35 36 46 47

Name of Setting

Value Your email .

Comments

mail_from_mail gavru@rambler.ru mail_rand_microtim 622920 e ldap_type ldap_host AD server-nissan

[NO EDIT] Use for srand() LDAP database type: openLDAP or AD, Type ldap openLDAP Linux or AD Windows LDAP database host server, primary domain controller. Full LDAP admin login (example: cn=root,dc=example,dc=org OR admin@example.org) - User with administrative rights, who is allowed to login. LDAP db path (example: dc=example,dc=org OR example.org) Domain Name LDAP daemon port Demon port ldap or AD. LDAP version. LDAP tls using (false, true). LDAP search path (example: ou=Users,dc=example,dc=org OR cn=users,dc=example,dc=org) Path to search for accounting Full LDAP admin login (example: cn=%s,dc=example,dc=org OR %s@example.org) - A string with sample user accounts.
Zhinyaeva Anna Sinyaev Valery Page 10 of 47

48

ldap_binddn

gavru@orbita

49 50 51 52 53

ldap_base ldap_port ldap_version ldap_tls ldap_search_path

orbita 389 3 false dc=orbita,dc=local

54

ldap_login_name_m %s@orbita.local ask

Authors:

Galeev Rustam Kononenko Nikolai

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

Index No 55 56 57 58 59 60 61 62 63 64 65 66 67 68

Name of Setting len_min_login len_max_login len_min_password len_max_password 2 16 3 16

Value

Comments Min lenght of login Max lenght of login Min lenght of password Max lenght of password allow to admins to upload to HelpDesk for adminsMax allowable size of uploaded files (in Kb) for admins -

upl_adm_files_allow true

69

upl_adm_files_size_ 2048 limit upl_adm_files_allow gif|jpg|jpeg|png|doc|txt|pdf|rar| Allowed file types for admins ed_types zip|tar|rar|xls allow clients to upload files to upl_cl_files_allow true HelpDesk- tickets. upl_cl_files_size_li Max size of uploaded files (in Kb) 2048 mit for clients upl_cl_files_allowed gif|jpg|jpeg|png|doc|txt|rar|zip| Allowed file types for clients _types rar Prefix for new app reg users reg_app_user_pre user_ when a user applies for a connection using HelpDesk reg_app_title_id 0 Title id fo reg application . 9:00|10:00|11:00|12:00|13:00| reg_app_conn_times Allowed connection times . 14:00|15:00|16:00|17:00|18:00 Enable users registration when a reg_app_en true user applies for a connection using HelpDeskplace of the file storing {fs, base} upl_file_place base default=base - Store files in a database or directory

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 11 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

Index No 70 71 72 73 74 75 76

Name of Setting ldap_use_custom_us false er_auth_mask

Value

Comments

Use ldap auth mask or no (and use standart mask for AD) . Allow commercial clients to change cl_tarif_en false tariff dhcpd_conf_path /opt/traffpro/from_trafpro.conf Full path to dhcpd.conf list. Count of the groups in "dhcpd.conf" dhcpd_group_count 0 [(int) auto] Algoritm for encoding of vpnvpn_alg CHAP passwords [CHAP, PAP]. CHAP as default. Set it only once. mail_app_alert_en false Allow application alerts Page to redirect after admin has adm_first_page system_info/system_info been authorized. .

** time_out_count - multiplier for the capture period to reflect data in the graphics chart ( multiplier time_out * time_out_count = period of update). By-default, the chart on the main page represents captured results for the last 30 minutes (360sec * 5 = 1800sec = 30 minutes). For example, to reflect results for the last hour, it is necessary to change time_out_count to 10 (360sec * 10 = 3600sec = 1hour).

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 12 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

Creating a server, gateway, and routing with NAT


This is the same as setting up a NAT. By making a server, we have inform the system what out external interface is. Go to System--->Servers(Report,Secure)-->Servers(Report,Secure). Click on the New Server button from the instrument panel. For example your external interface is eth0 with ip 10.10.0.1 with gateway 10.10.0.2. Add it to the server using the following steps.

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 13 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

You must fill in the following fields: Login: Volgao2Eth0 password Re-enter the password IP: 10.10.0.2 MAC: Just input 00:00:00:00:00:00
Galeev Rustam Kononenko Nikolai Zhinyaeva Anna Sinyaev Valery Page 14 of 47

Authors:

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

Gateway: State the gateway number if you have multiple gateways. Allowed Ports: Default set to 0-65535.

Click apply and the server is created.

REMEMBER THAT port field by default is 0-65535 thus all PORTS ARE OPEN TO THE SERVER! You may wish to manually specify which ports you wish to open to the external network and which ports you wish to allow from the external network. Don't forget that apart from the regular port 80 (etc), you need to open Port 53 for DNS access to the server. EXAMPLE 21,25,80,90-120,8080,35000-45000,65123 Is the list of allowed ports we have typed. This example shows that the open ports are ( 21,25,80,90-120,8080,35000-45000,65123), BUT ICMP requests have been blocked.. To open up the requests on ICMP you need to include port 0, thus type 0,21,25,80,90-120,8080,35000-45000,65123. The status of the newly created record will always be shown as "New". As soon as the demon processes the record when carrying out a job, the status changes to "Online". Similarly, when changes in the data on the server, the status will change to "Edit" for some seconds and then back to "Online" after the demon picks up the changes.

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 15 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

There is an additional icon named Add Traffic"- which adds traffic to the server, if necessary. Clicking on the icon a new window opens in which you can manually or by using the calculator and indicate the amount of traffic to be added

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 16 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

In the actions column we see 4 icons


Authors: Galeev Rustam Kononenko Nikolai Zhinyaeva Anna Sinyaev Valery Page 17 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

Edit, Delete, Block, Add Traffic The block icon changes colour from to when you block access to the items created. Next we need to make a route for this server.

Routing
Routing module also allows you to use multipath routing i.e combine multiple ISP's to a LAN. You can configure and manage it using the web based administrative interface of TraffPRO (webadmin). Webadmin will show you to monitor the connection status, connection state and connection load activity of the external channels. The system will automatically switch channels to the working one in case one of the channels drops out and goes offline. E.g below screen-shot shows how 2 servers (2 external interfaces) have been specified.

Note: Ignore the column Amount of traffic as Traffic Type has been set to unlimited. The value can even be 0. Note: Make Sure your external interfaces have been filled as shown in the above screen-shot.
Authors: Galeev Rustam Kononenko Nikolai Zhinyaeva Anna Sinyaev Valery Page 18 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

Now you need you need to route the servers that you added above. Not difficult as the system will do 90% of the work. All you need to do is fill a few fields. To set up the routing go to System--->Servers(Report,Secure)--->Gateways. Click on Add Gateway In our example we made two gateways because we had 2 servers.

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 19 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

Example Server Volga02eth0, chose the server (external NIC)from the list Gateway address 10.10.0.1 , indicate the external NICs gateway Device eth0, Type your device (NIC) for the connection. IP to verify Internet/external Link 213.180.204.211, any external IP, which the system will ping to verify Internet availability (it is desirable to specify a stable network- e.g google.com, ya.ru, mail.ru etc.). The tp-routing daemon regularly sends icmp requests and if there is no answer channel is considered to be offline. IP to verify ISP/gateway link 213.177.96.1, Input gateway address or the dns providers address. Nat Network Mask/Subnet for NAT Indicate the subnet which will be used for accessing the internet using NAT. Comments Channel Weight/Parity ( 1 to 255) 1/255 , Specifies the weight of the route that will be used for the Weighted policies with the Multipath Routing feature. (i.e. multiple isps)

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 20 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

Checkbox Enable Routing - Enables routing for the channel Checkbox Enable NAT - Enables NAT for the channel CheckboxMain Gateway - indicates that this is the main DEFAULT gateway and other gateways act as a failovers (backup gateways) in case the main gateway goes offline. Checkbox Aggregate gateways - Indicates that the channel will be used for aggregation. Checkbox "Main Gateway" and "Aggregate gateways" contradict each other and thus you can check only one but never both. In the actions column the 4 icons are used in a similar manner as described when making servers. In case the ISP gives you a DYNAMIC IP ADDRESS e.g when using PPPoE, then you need to enable Masquerading , and not NAT. Thus the server ip address (System--->Servers(Report,Secure)-->Servers(Report,Secure). ) need to be typed as 0.0.0.0. After you have completed setting up the routes via the web administrator console, you need to add a line in the /etc/traffpro/traffpro.cfg configuration file nat_data_in_db=true This parameter is responsible for reading the NAT settings from the TraffPRO database according to the settings you input in the System--->Servers(Report,Secure) menu log_route=true Is responsible for logging the the channel routing To put the NAT settings into use you must restart the server.

Testing the routing system:


In the server use 2 commands to check if your routing is working: 1st Command ip route

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 21 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

The last line will show you the status of the channels For example: [root@erver1 ~]# ip route 10.10.20.0/30 dev eth1 proto kernel scope link src 10.10.20.2 10.10.0.0/30 dev eth0 proto kernel scope link src 10.10.0.2 192.168.15.0/24 dev eth2 proto kernel scope link src 192.168.15.1 192.168.10.0/24 dev eth2 proto kernel scope link src 192.168.10.1 169.254.0.0/16 dev eth2 scope link metric 1002 169.254.0.0/16 dev eth0 scope link metric 1003 169.254.0.0/16 dev eth1 scope link metric 1004 default equalize nexthop via 10.10.0.1 dev eth0 weight 2 nexthop via 10.10.20.1 dev eth1 weight 2 2nd Command iptables-save -c | grep POST Displays the number of bytes/packets passed and the state of the NAT channel For example: [root@erver1 ~]# iptables-save -c | grep POST :POSTROUTING ACCEPT [744:201608] [41881:2472087] -A POSTROUTING -o eth0 -j SNAT --to-source 10.10.0.2 [65654:4291948] -A POSTROUTING -o eth1 -j SNAT --to-source 10.10.20.2

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 22 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

Note: The 1st command will only show THE ACTIVE CHANNELS! Thus if one channel is offline you will not see it. However it will be seen in the second command. In the example above you see that eth3 is offline so it is not shown in 1st command. Also the monitors will show you the channel status Other reports --> Monitor Gateways Activity As seen from the screen-shot below both the gateways are seen to be working together. At one point one link went down (10.10.0.1) but the internet did not disconnect.

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 23 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

Port Forwarding
Port forwarding is necessary in in case, you want to "hide" an internal service and provide access to it from the external network. Port Forwarding simply tells the router which computer on the local area network to send the data to. To forward a port go to System--->Servers(Report,Secure) --->Port Forwarding

Server: Choose from list which server (external NIC) you want to port forward from. Check Box: To apply rule check enable Source IP:Port Specify the external IP and Port Destination IP: Port Specify the internal IP and Port Protocol: Determine the TCP or UDP, or use Any to work with these protocols.

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 24 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

III. Interacting with AD (Active Directory)


Setting up the AD Interaction
System ---> Import From AD/LDAP ---> Authorization Enter your Administrator password and select the type of action (import or update).

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 25 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

Click the icon "Apply Settings". And a list of AD users comes up.

When importing list of users from AD you can immediately give the user an account, tariff plan and group. Warning: Without specifying the tariff, importing users will not work. Select the user and import it into the TraffPro system.

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 26 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

Sub-menu "Copy User" and "Update Information" are used to update AD Traffpro Database.

AD Settings When interacting the user with AD, it is necesary that his login is similar to the system name brought up in AD, and that the checkbox is maked on the tab - Users - Commercial Clients

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 27 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

IV Shedular
Task Scheduler: Allows you to create scrips/mysql tasks which can be executed at specific days, inbtervals, times, dates etc. Go to System-->Scheduler When working with the tasks you can work with the following: new job, delete a task, Edit a task, Disable, Enable. A default model:

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 28 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

Specify the Schedule name. Select Schedule type - SQL script or shell scripting. Fill out the form SQL-Script/Terminal Script. You will see 3 types of frequencies given 1. Run though a period of time in the cycle 2. Run on a selected day of the month 3. Run on a selected day of the week 1. Frequency: Run though a period of time in the cycle

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 29 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

If the job runs in a loop, you can add the following possible options:

If the number of launches for the schedule is limited, then the value specified for Number of planned schedules will be set to 0. Specify what time interval should pass between the implementation of tasks

Format is in 00:00:00 Determine the date to start the schedule and date to end the schedule . If the checkbox is marked "Ignore", then calendar startup parameters are ignored. 2. Frequency: Run on a selected day of the month Specify the month, start time, the number (or an infinite number), remove checkbox "Ignore" from calendar dates, specify the month with the calendar restrictions. 3. Frequency: Run on a selected day of the week State the day of the week that you want the schedule to run on. The comments box is filled at random Once you click apply the job status will be seen as "new", and then will change to online as soon as the daemon recognizes it. Example of task scheduler which executes a terminal script.

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 30 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

V Monitoring
The system administrator can view the System activity monitor and Gateways activity monitor using the menus Monitoring-->Monitoring system activity, Monitoring--> Monitoring gateways activity.

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 31 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

Monitoring system activity, Shows the following graphical vectors Bytes Accepted Bytes Dropped Connection Requests Allowed: 'Bytes|Packets' Dropped: 'Bytes|Packets' Packets: 'Accepted|Dropped' Bytes: 'Accepted|Dropped' Monitoring gateways activity Shows the following graphical vectors "Traffic (Total)"; "Traffic (Incoming)" "Traffic (Outgoing)" "Ping (ISP's Link)" "Ping Gateway" Example: Gateway traffic Total

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 32 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

VI Working with Directories


The system admin can work with the following system Directories 1. IP List 2. Ports 3. Websites
Authors: Galeev Rustam Kononenko Nikolai Zhinyaeva Anna Sinyaev Valery Page 33 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

1. IP List: Ip address Directory. Found in Directories-->Commercial-->IP List Automatically generates a list of IP addresses on the network. For example if me make a ip list of subnet 192.168.0.1/24, it will form a list of IP addresses according to the given mask from 192.168.0.1 to 192.168.0.254. IP List addresses are used when adding users.

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 34 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

2. Ports Found in Directories-->Ports You can add your own port for traffic accounting purposes here. Most of the essential ports have already been listed here (e.g. Http port 80, ftp port 21 etc). To include accounting of traffic via ports, you need to edit the specific port and put a mark in checkbox

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 35 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

Add a separate line in report 3. Websites a. Directories-->websites-->Websites Here you can add individual sites that you wish to block users from accesing. You can add the site to a specific web-site group. Site addresses are specified by dns-name or IP, without the prefix http, ftp, etc. b. Directories-->websites-->Website Groups Here you group of banned websites are created e.g. group: Porn, Group: Facebook etc. You can also upload blacklists from here. Site addresses are specified by dns-name or IP, without the prefix http, ftp, etc. There are 2 additional icons in the Website Groups menu: Export and Reload List

Export: Exports list of groups in text file format. You can also import files in similar format Reload List: Used when you add a website in (Directories-->websites-->Websites) which will refresh the group list. Note: you can activate these lists from the Access Control Tab located in the groups menu (Users-->Groups)

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 36 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

VII Help Desk


Working with the HelpDesk is carried out from the menu Tickets. Tickets system enable a user to create a ticket from his personal account or it enables the admin to create a ticket for the user. Ticket System also allows you to send a system message to all users. This message is viewed by all users from their personal log in pages. 1. Tickets-->User Tickets (Details are given in a separate documentation named TraffproHelpDesk) 2. Tickets-->Reasons To work with tickets, you need to create a Reason as to why the user created a ticket. This can be done by clicking on Tickets-->Reasons The Parent Reason should be one that users most commonly would use e.g. Internet Problem, Account Problem e.t.c.

You can also add child elements to the Main reason if you wish.

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 37 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

The User thus from his login Page Selects My Tickets Bar and can choose the reason you created.

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 38 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

The admin Rights and access to work with tickets are given when a new admin is created. By default a new admin has no rights to create tickets. To see the list of tickets select Tickets-->View

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 39 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

In a listed view, you will see all the tickets that users submitted to you as the chief admin/sub admin. Tickets can also be sorted by using filters which are located on the left side of the window By Time:

By Reason/Subject:
Authors: Galeev Rustam Kononenko Nikolai Zhinyaeva Anna Sinyaev Valery Page 40 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

By Status: The TraffPro HelpDesk has worked out a tentative model on changing the status of tickets. Changing the status of a ticket is determined by the manager (director, department head) depending on how you gave them admin privileges.

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 41 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

By Computer:

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 42 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

By Assignment:

In the lower left corner of the window, you can see what rights you have to edit the tickets you are given.

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 43 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

Editing and working with tickets If you have permission to view tickets, then you can view and choose a specific ticket for editing by clicking on Tickets-->View. However if you have no rights to view all tickets, you will only be able to view the tickets assigned to you by the Chief Administrator who has the main rights to assign tickets to the sub-admins. To view tickets assigned to you specifically select Tickets-->Assigned To You.

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 44 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

To edit and reply to a ticket, you need to click the "Proceed and execute" icon forst

Ticket Status will change to "Open". To edit the ticket and change the status of the ticket click the view button

For changing the status, edit the ticket assigned to you, write your message and then select which status you want the ticket to have by clicking on the change status window. Then click the icon "Add message" to execute the actions you peformed.

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 45 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

The following statuses are available for tickets.

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 46 of 47

Project: Electronic Document Document: TraffPro (Traffic & Protection). Administrator Manual Date: Version: 10th March 2010 1.3.4 Business

Authors:

Galeev Rustam Kononenko Nikolai

Zhinyaeva Anna Sinyaev Valery

Page 47 of 47