Hi there,
First, THANK YOU, sammydee, HUGE THANK YOU for this how-to!!! All is up and running.
Also I wanted to add a couple of things to watch out for, while putting all pieces of the router together:
1. After installing Webmin and changing its password with the command
Code:
sudo /usr/share/webmin/changepass.pl /etc/webmin root NEW_PASSWORD
the command and the new password (!) will be stored in the .bash_history file in your home directory. I did not really like the idea that my password is stored somewhere. So, just in case you are also paranoid like me, edit the file with
Code:
nano /home/USER_NAME/.bash_history
and delete/change the entry, just to be safe.
2. DHCP server. At the time of installation the current Ubuntu server version was 12.04.3, and it has a slightly different DHCP server, isc-dhcp-server.
To install it:
Code:
sudo apt-get install isc-dhcp-server
The problem was, however, that Webmin (at the time of installation it was version 1.660) did not see this DHCP server, and a small operation was required to restore its sight. In Webmin go to Servers - DHCP Server and there click on Module Config. Then check the following parameters:
a. DHCP server config file - /etc/dhcp/dhcpd.conf
b. DHCP server executable - /usr/sbin/dhcpd
c. Command to start DHCP server - service isc-dhcp-server start
d. Command to apply configuration - service isc-dhcp-server restart
e. Command to stop DHCP server - service isc-dhcp-server stop
f. Path to DHCP server PID file - /var/run/dhcp-server//dhcpd.pid
g. DHCP server lease file - /var/lib/dhcp/dhcpd.leases
Change them if they are different. Other options should be left as is. Save the changes; you might need to log out and log back into Webmin, and now it should see the DHCP server.
3. When setting up IP tables, in the Network Address Translation (NAT) table of IP tables, under packets after routing (POSTROUTING), there should be:
Masquerade if output interface is eth_BAD
Default action = accept
i.e. all ip packets that go into the internet from LAN will be masked, otherwise computers from local network will not have access to the internet. To be completely honest I have a hunch, that that option was there by default, and I "accidentally" ... it while playing with different settings.
One of the reasons I bothered setting up the router from a computer in the first place was that I needed control over the internet traffic. My problem was that I had 30 Gb of data (download + upload) from my ISP every month, and sometimes all internet would suddenly be gone before even the middle of the current month, because someone downloaded/watched too many videos/skyped too much.
So, all I really wanted is a simple control over the overall traffic - if it exceeds 2 Gb of data per day, then bandwidth should be slowed to ~50 Kb/s till the end of that day (and restored with the start of a new day at midnight). And I also wanted the router to send me a warning e-mail when the limit was reached, and speed was slowed. Note, that I did not care who actually overused the internet, nor about any other fancy and elaborated way to torture individual users.
And in addition to this, traffic control should work without GUI, as I did not want to add any GUI to a headless server.
So a bit of research showed that:
1. Wondershaper will be good for the job to restrict the max up/down speed for an interface.
2. The only problem was that wondershaper cannot keep any records of daily usage, and cannot dynamically change up/down speed depending on the total daily traffic all by itself as I wanted. And wondershaper will not send me any e-mails either. However, the wondershaper will do what it was created for - the main part - restrict speed, the rest will be done by a special script.
3. All more advanced ways of traffic control through IP tables and advanced network configuration were (well, actually, why were? they still are!) like a rocket science to me.
Traffic control.
Purpose: to restrict bandwidth speed of an internet interface if daily traffic through it reaches 2 Gb. There are several files apart from the main script.
0. First things first, you need to install wondershaper:
Code:
sudo apt-get install wondershaper
1. trcontr.sh file – main script file that does the job. Assigned as a cron job in webmin, executed every minute as root, because wondershaper requires root access to set up/down speed.
2. dailytr.log file – logs how many bytes were used
3. sl_int_msg.txt – text of e-mail message that will be sent in case limit was reached
4. rsl.sh – extra script that resets daily usage and removes any speed restrictions. Executed manually when needed
5. rsl_boot.sh – extra script, executed as a cron job on start-up only, if/when server re/boots to zero all statistics.
Main script uses eth1 as internet interface, e.g. eth1 = eth_BAD, and assumes that the script and all files are located in /home/USER_NAME/Scripts
If you need any assistance on how to make a script executable, or assign a cron job in Webmin, or set up ssmtp to send e-mails, check out this how-to, in particular how to assign cron jobs and how to set up ssmtp.
trcontr.sh
Code:
#!/bin/bash
#read RX and TX statistics for eth1 (internet) interface, and sum it up:
R1=`cat /sys/class/net/eth1/statistics/rx_bytes`
T1=`cat /sys/class/net/eth1/statistics/tx_bytes`
TXRX=`expr $T1 + $R1`
#read today's date and leave month and day only:
t_date=$(date)
sh_t_date=${t_date:4:6}
#read start date, start RX/TX and current RX/TX from log file:
start_date=$(sed -n '2p' /home/USER_NAME/Scripts/dailytr.log)
start_RX_TX=$(sed -n '4p' /home/USER_NAME/Scripts/dailytr.log)
current_RX_TX=$(sed -n '6p' /home/USER_NAME/Scripts/dailytr.log)
#calculate how much was used today and set up daily limit:
used_today=`expr $current_RX_TX - $start_RX_TX`
daily_limit=2000000000
echo "================================"
echo "Start Date= "$start_date
echo "Start RX/TX= "$start_RX_TX
echo "Current RX/TX= "$current_RX_TX
echo "Used today= "$used_today
#check if this is a new day:
if [ "$sh_t_date" != "$start_date" ]
then
    echo "Start date is different from current date, shall start a new day"
    #update Start date in the log:
    sed -i "2 c${sh_t_date}" /home/USER_NAME/Scripts/dailytr.log
    #start RX/TX and current RX/TX = current RX/TX:
    sed -i "4 c${current_RX_TX}" /home/USER_NAME/Scripts/dailytr.log
    sed -i "6 c${current_RX_TX}" /home/USER_NAME/Scripts/dailytr.log
    #remove any speed restrictions from internet
    /sbin/wondershaper clear eth1
    # remove "email sent" flag
    sed -i "6 c0" /home/USER_NAME/Scripts/sl_int_msg.txt
else
    #The same day. Update current RX/TX in the log:
    echo "This is still the same day, continue logging"
    sed -i "6 c${TXRX}" /home/USER_NAME/Scripts/dailytr.log
    #Check if used amount reached daily limit:
    if [ "$used_today" -ge "$daily_limit" ]
    then
        echo "Daily limit reached!"
        #check if e-mail was already sent and speed restrictions applied:
        if [ "$(sed -n '6p' /home/USER_NAME/Scripts/sl_int_msg.txt)" -ne 1 ]
        then
            echo "This is first time limit was reached today, will send e-mail and slow down the internet"
            #update "email was sent" flag, send it and slow down the internet
            sed -i "6 c1" /home/USER_NAME/Scripts/sl_int_msg.txt
            /usr/sbin/ssmtp YOUR_MAIL@gmail.com </home/USER_NAME/Scripts/sl_int_msg.txt
            #wait for 20 seconds, while e-mail is being sent, otherwise speed restrictions will be applied and it will take too much time to send the message
            sleep 20
            /sbin/wondershaper eth1 50 50
        else
            echo "This is not the first time limit was reached today, e-mail was already sent, and restrictions applied, will do nothing"
        fi
    else
        echo "Daily limit was not reached, enjoy fast internet (while you can :)"
    fi
fi
exit
rsl.sh
Code:
#!/bin/bash
echo "===================="
echo "Internet daily limit will be reset, any speed restrictions removed"
#reset statistics: "start RX/TX" and "current RX/TX" = "current RX/TX":
current_RX_TX=$(sed -n '6p' /home/USER_NAME/Scripts/dailytr.log)
sed -i "4 c${current_RX_TX}" /home/USER_NAME/Scripts/dailytr.log
#remove any restrictions from internet
/sbin/wondershaper clear eth1
# remove "email sent" flag
sed -i "6 c0" /home/USER_NAME/Scripts/sl_int_msg.txt
exit
dailytr.log
Code:
#Start date:
Dec 29
#Start RX_TX:
587706007
#Current RX_TX:
616832747
sl_int_msg.txt
Code:
From: YOUR_MAIL@gmail.com
Subject: Daily limit reached
Daily internet limit was reached, connection speed was slowed down.
0
The zero at the end of sl_int_msg.txt is very important, and must be in line #6!
rsl_boot.sh
Code:
#!/bin/bash
# this script will be run at start-up, in case server reboots to zero all statistics in log files
echo "===================="
echo "Internet daily limit will be reset, any speed restrictions removed"
#reset statistics: "start RX/TX" and "current RX/TX" = "current RX/TX":
sed -i "4 c0" /home/USER_NAME/Scripts/dailytr.log
sed -i "6 c0" /home/USER_NAME/Scripts/dailytr.log
#remove any restrictions from internet
/sbin/wondershaper clear eth1
# remove "email sent" flag
sed -i "6 c0" /home/USER_NAME/Scripts/sl_int_msg.txt
exit
That's it!
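For item 1 of the post above (the Webmin password left in .bash_history), here is an added example that is not part of the original post: a function that removes every changepass.pl invocation from a history file instead of editing it by hand. The function names and the sample history are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Removes Webmin changepass.pl
# invocations, which carry the password as an argument, from a history file.

# scrub_history FILE: rewrite FILE without changepass.pl lines and print
# how many lines were removed. Runs in a subshell so variables stay local.
scrub_history() (
    file=$1
    [ -f "$file" ] || { echo 0; exit 0; }
    removed=$(grep -c 'changepass\.pl' "$file") || true
    if [ "$removed" -gt 0 ]; then
        # mktemp creates the copy with mode 0600 in the same directory,
        # so the final mv is an atomic rename.
        tmp=$(mktemp "$file.XXXXXX") || exit 1
        grep -v 'changepass\.pl' "$file" > "$tmp" || true
        mv "$tmp" "$file"
    fi
    echo "$removed"
)

# Constructed sample history; NEW_PASSWORD is the post's placeholder.
demo_scrub() (
    dir=$(mktemp -d) || exit 1
    cat > "$dir/.bash_history" <<'EOF'
sudo apt-get install isc-dhcp-server
sudo /usr/share/webmin/changepass.pl /etc/webmin root NEW_PASSWORD
sudo apt-get install wondershaper
EOF
    scrub_history "$dir/.bash_history"
    cat "$dir/.bash_history"
    rm -rf "$dir"
)
demo_scrub
```

bash writes its in-memory history to the file when a session exits, so an entry still held by an open session comes back; remove it there with `history -d` as well.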
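trcontr.sh runs every minute as root and passes values read from files under /home/USER_NAME/Scripts straight into expr and [ ]. The helpers below are an added example, not part of the original post: they reject a state file that anyone other than the invoking user could have written, accept only unsigned integers from it, and treat a counter that fell below the stored start value as a restart. All function names are hypothetical and the demo data is constructed from the dailytr.log shown in the post.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# is_uint VALUE: succeed only for a decimal integer, no sign, no leading zeros.
is_uint() {
    case "$1" in
        ''|*[!0-9]*|0?*) return 1 ;;
        *) return 0 ;;
    esac
}

# safe_state_file FILE: succeed only if FILE is a regular file (not a symlink),
# owned by the invoking user and not writable by group or others.
safe_state_file() {
    [ -n "$(find "$1" -prune -type f -user "$(id -u)" \
        ! -perm -020 ! -perm -002 2>/dev/null)" ]
}

# log_field FILE LINE: print the number stored on LINE, or fail if it is not one.
log_field() (
    value=$(sed -n "${2}p" "$1")
    is_uint "$value" || exit 1
    echo "$value"
)

# used_today START CURRENT: bytes counted since START. CURRENT below START
# means the kernel counters restarted, so usage since then is CURRENT itself.
used_today() (
    is_uint "$1" && is_uint "$2" || exit 1
    if [ "$2" -lt "$1" ]; then echo "$2"; else echo $(( $2 - $1 )); fi
)

# over_limit FILE LIMIT COUNTER: 0 = limit reached, 1 = below, 2 = state rejected.
over_limit() (
    safe_state_file "$1" || exit 2
    start=$(log_field "$1" 4) || exit 2
    used=$(used_today "$start" "$3") || exit 2
    [ "$used" -ge "$2" ]
)

# Demo on a constructed copy of the post's dailytr.log (line 4 = start counter).
demo_limit() (
    dir=$(mktemp -d) || exit 1
    printf '%s\n' '#Start date:' 'Dec 29' '#Start RX_TX:' 587706007 \
        '#Current RX_TX:' 616832747 > "$dir/dailytr.log"
    chmod 600 "$dir/dailytr.log"
    rc=0; over_limit "$dir/dailytr.log" 2000000000 616832747 || rc=$?
    rm -rf "$dir"
    echo "$rc"
)
demo_limit
```

The same ownership rule applies to the scripts themselves, since cron runs them as root.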