Billing Panel For Home Internet Provider

The goal is to provide clients from a local network access to the internet, limit download traffic and bandwith for each client.

Technical Details

Server machine has 2 Ethernet connection: to local network and to the internet. I configured a VPN server using pptpd and configured NAT in Linux kernel firewall using iptables.

User logins and passwords are stored in a database in a MySQL server.

pptpd uses FreeRADIUS for authentication and freeradius-mysql with custom configuration to pull login and password from the database. I had to additionally configure radiusclient to support MS-CHAP so clients with Windows can connect.

ulog-acctd was configured to monitor IP packets and write an aggregated log file in needed format: timestamp source_ip destination_ip bytes.

A script is written to parse ulog’s log file and update traffic used by a user in the database. This script is lauched by cron every minute.

Additionally, the script checks if user’s limit is exceeded and kills particular session (ip addr show & kill cat /var/run/ppp4.pid).

In order to limit bandwidth I mark all the packets coming to VPN IP addresses and use tc to configure limits. This code is executed in an ip-up script.

Authors

• Backend & Linux Administration: Dmitry Zhlobo
• User Interface: Eugene Zhlobo

billing.tar.gz (modified on March 2021, docker-compose.yml is added to run it easy on modern computers, texts were translated to English, database.sql contains database migrations code).