Billing Panel For Home Internet Provider
The goal is to provide clients from a local network access to the internet, limit download traffic and bandwith for each client.
Technical Details
Server machine has 2 Ethernet connection: to local network and to the internet. I configured a VPN server using pptpd
and configured NAT in Linux kernel firewall using iptables
.
User logins and passwords are stored in a database in a MySQL server.
pptpd uses FreeRADIUS for authentication and freeradius-mysql with custom configuration to pull login and password from the database. I had to additionally configure radiusclient to support MS-CHAP so clients with Windows can connect.
ulog-acctd
was configured to monitor IP packets and write an aggregated log file in needed format: timestamp source_ip destination_ip bytes
.
A script is written to parse ulog’s log file and update traffic used by a user in the database. This script is lauched by cron every minute.
Additionally, the script checks if user’s limit is exceeded and kills particular session (ip addr show
& kill cat /var/run/ppp4.pid
).
In order to limit bandwidth I mark all the packets coming to VPN IP addresses and use tc
to configure limits. This code is executed in an ip-up script.
Authors
- Backend & Linux Administration: Dmitry Zhlobo
- User Interface: Eugene Zhlobo
billing.tar.gz (modified on March 2021, docker-compose.yml is added to run it easy on modern computers, texts were translated to English, database.sql contains database migrations code).