WgWatch is a service which monitors and limits interfaces' data usage on a mikrotik router.
This project exists because I needed a way to limit data usage for vpn users.
Run the following commands on your Mikrotik Router to enable the rest api. WgWatch is designed to allow self signed certificates.
/certificate
add name=root-cert common-name=MikrotikRouter days-valid=3650 key-usage=key-cert-sign,crl-sign
sign root-cert
add name=https-cert common-name=MikrotikRouter days-valid=3650
sign ca=root-cert https-cert
/ip service
set www-ssl certificate=https-cert disabled=no
set www disabled=yes
To build this project
git clone https://github.com/schgab/WgWatch.git && cd WgWatchdotnet publish -c Release -o publish --self-contained WgWatch
This outputs the application to the folder publish/
Note: Everything in the publish folder is needed
You need to open publish/appsettings.json and change the value of the key ConfigFile to the path of your config file. The default location is /etc/wgwatch/config.json.
This repository contains an example unit file for systemd and an example config file.
The main configuration is the following:
intervalinminutes- every x minutes a request is send to the mikrotik to update data usageendpoint- the url of the Mikrotik in the form of 'https://{yourdomain or your ip}/rest/'user- your mikrotik username (needs privileges to turn off and on interfaces)password- the passwordinterfaces- list of interfaces to be monitored
An interface has the following options:
name- has to match the name of the interface on the Mikrotik devicequota- the amount of data (in GiB) the interface is allowed to use in the specified time periodperiod- the time period (in whole days). After the period the data usage is resetaction- takes one of three possible valuesnone- nothing happens when the quota is exceededshut- the interface gets disabled when quota is exceededauto- same as shut, but the interface gets enabled after new period starts
Simply add wgwatch-ignore to the interface comment on the Mikrotik router.