Home

Why would you want a hotspot/access point monitor

So why would you want one of these? I started with one reason, but after using it and using it in a non mobile environment I've found other benefits.

My reason for developing this tool was so that I could identify large data consumers while using mobile data on Google's Fi network. While on vacation, I had a day when my mobile data usage spiked and literally doubled the amount of data that I had consumed over the previous 14 days. I suspected that one of my devices did some sort of unknown upgrade, but I didn't know which device it was nor did Google have any tools to help me isolate the culprit. So, I decided to build a tool myself.

My first version was released in 2018 and it had the basics of what I needed.

1. Instead of making my phone a hotspot/access point, I programmed a Raspberry PI 3 to be one and then tethered my phone to the Raspberry PI.
2. I configured iptables to establish routing between DHCP clients and the internet through my tethered phone. Within the iptable configuration, I added logging of forwarded packets. iptable log lines contain time stamps, source and destination IP addresses, and packet lengths.
3. The logs, in truth, are all that are needed to track down who is using large amounts of data, but to help analyze the logs I developed a node.js display server that could help me visualize which links were high use links.
4. The display server could be commanded to produce plot files from the kernel logs.
5. The display server could be commanded to display the plot files.
6. Within a plot file, the user could edit out lines that were of no interest or re-plot a line on its own y-axis.
7. The display server could be commanded to display usage in real-time.

In 2020, I updated the installation procedure to support Raspian Buster, the Raspberry PI 4, and Pi-hole. Pi-hole is very useful in reducing unwanted advertisement traffic which is especially annoying when paying for a metered data connection (like Google's Fi). While doing this I experimented with using a PI 0. I was amazed that the little PI 0 actually did a decent job with this task. As I continued experimenting, I decided to enhance the analysis capability.

1. I added annotation of IP addresses.
2. I culled out the display of low utilization links.
3. I compacted the number of points displayed in the graphs.
4. I eliminated redundant traces that were automatically going to /var/log/syslog and /var/log/messages.

The net result of these changes improved the display and system performance. Previously, when I displayed all of the links used, there were large numbers of lines on each graph. When logging was performed over long periods, there were many points in each graph. By displaying less link lines and less points, the browser display is much more responsive without much loss of information.

After making these changes, I actually attached the monitor to my home network and now I attach many of my home devices to the hotspot monitor instead of my provider's router. This buys me reduced advertisement clutter and continuous visibility into my phone's data use and my laptop's data use. Running it all the time and inspecting Pi-hole's dashboard assures me that no one else is on my network.