Date: Wed, 12 Nov 2008 00:57:38 +0700 From: "Outback Dingo" <outbackdingo@gmail.com> To: "Neil Neely" <neil@neely.cx> Cc: freebsd-isp@freebsd.org, Jack C <jack@crepinc.com> Subject: Re: Billing for a Wireless Access Service Message-ID: <5635aa0d0811110957m6eb26dcdoaa1e43310b3e5421@mail.gmail.com> In-Reply-To: <6655283D-E224-4088-B235-31A2F52EB8E1@neely.cx> References: <991123400811110028y455bcd7aw85fdbb71d43d77f7@mail.gmail.com> <29638.202.43.161.193.1226396457.squirrel@mail.indo.net.id> <5635aa0d0811110452s6c2b9697l86b08fd7a5d47915@mail.gmail.com> <20081111083131.142942rf5j59ulus@econet.encontacto.net> <2ad0f9f60811110814i7372e2e8je2879b20d4e39c6f@mail.gmail.com> <6655283D-E224-4088-B235-31A2F52EB8E1@neely.cx>
next in thread | previous in thread | raw e-mail | index | archive | help
wow thats alot of effort when you can use coova, radius and WISPr profiles.... no need to overpopulate firewall rules On Wed, Nov 12, 2008 at 12:21 AM, Neil Neely <neil@neely.cx> wrote: > > ipfw pipes are worth looking into as well. > > I use them for bandwidth throttlling and accounting, but you can do what > you want with them. > > You can do some fun things with ipfw tables and ipfw pipes too, stuff like > this: > > ipfw pipe 256 config bw 256Kbit/s mask src-ip 0xffffffff > ipfw pipe 257 config bw 256Kbit/s mask dst-ip 0xffffffff > ipfw pipe 512 config bw 512Kbit/s mask src-ip 0xffffffff > ipfw pipe 513 config bw 512Kbit/s mask dst-ip 0xffffffff > > > ipfw add 00010 pipe 256 ip from 'table(5,256)' to any out > ipfw add 00010 pipe 512 ip from 'table(5,512)' to any out > > > ipfw add 00020 pipe 257 ip from any to 'table(5,256)' in > ipfw add 00020 pipe 513 ip from any to 'table(5,512)' in > > > Then to add a specific IP to be throttle to 256KB: > ipfw table 5 add 10.0.0.2/32 256 > > Or if you wanted them to have 512KB: > ipfw table 5 add 10.0.0.2/32 512 > > Obviously you could have the speeds be whatever you want and differentiate > them for each IP address and have as many speeds as you felt like > supporting. You could also set the speeds to be very high (thus disabling > the bandwidth throttling portion) and just use an approach like this to pull > off what you were aiming for. > > For accounting purposes you can run "ipfw pipe show" and it will show you > the counters for each individual ip for both in and outbound traffic to make > your accounting decisions. If you wanted to hard cap and shut them down > when they max out - you can just delete the rule that lets them pass traffic > (most likely then letting them get shoved into a captive portal that sends > them to a webpage asking them to pay more?). > > > > Neil Neely > http://neil-neely.blogspot.com > > > > > > On Nov 11, 2008, at 9:14 AM, Jack C wrote: > > I've seen people add an ipfw rule for each client. 'ipfw show' then give >> octet counters that can be summed and graphed in the same manner as >> interfaces. >> >> -Jack >> >> On Tue, Nov 11, 2008 at 9:31 AM, eculp <eculp@encontacto.net> wrote: >> >> Quoting Outback Dingo <outbackdingo@gmail.com>: >>> >>> or simply install radius and coova-chilli on FreeBSD and a linksys or >>> >>>> dlink, >>>> no need for overpriced microtik crap >>>> >>>> >>> Would chillispot from ports do the same? Ports make keeping up with >>> third >>> party apps and security alerts soooo much easier. >>> >>> thanks, >>> >>> ed >>> >>> >>> On Tue, Nov 11, 2008 at 4:40 PM, Aladi Saputra <aladi@indo.net.id> >>> wrote: >>> >>>> >>>> Dear adhiambo, >>>> >>>>> >>>>> >>>>> try to used mikrotik router combine with radius :) >>>>> >>>>> >>>>> Salam, >>>>> >>>>> >>>>> Putra >>>>> >>>>> >>>>> Hello list, >>>>>> >>>>>> I'd like to setup a wireless access point to share with my neighbors, >>>>>> >>>>> but >>>>> >>>>>> would like to limit them on the volume they can TX. For example, I'd >>>>>> >>>>> like >>>>> >>>>>> to >>>>>> restrict a user to "N" MB such that as soon as this volume is used, >>>>>> the >>>>>> system denies them any further transfers. This must be accompanied by >>>>>> authentication, using RADIUS, and a MySQL backend is preferred for the >>>>>> management. >>>>>> Now, from my visualization, I can see three areas to work on: The >>>>>> >>>>> Access >>>>> >>>>>> Point, linked to RADIUS to provide authentication. However, I find a >>>>>> challenge on how to do the accounting and eventual control/restriction >>>>>> >>>>> of >>>>> >>>>>> data volumes. >>>>>> >>>>>> I am looking for suggestions. >>>>>> >>>>>> -- >>>>>> Best regards, >>>>>> Odhiambo WASHINGTON, >>>>>> Nairobi,KE >>>>>> +254733744121/+254722743223 >>>>>> _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ >>>>>> "Life must be understood backwards; but... it must be lived forward." >>>>>> - Soren Kierkegaard >>>>>> "Oh My God! They killed init! You Bastards!" >>>>>> --from a /. post >>>>>> _______________________________________________ >>>>>> freebsd-isp@freebsd.org mailing list >>>>>> http://lists.freebsd.org/mailman/listinfo/freebsd-isp >>>>>> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org >>>>>> " >>>>>> >>>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> ------------------------------------------------------------------------------ >>>>> This email was sent using onemail - beta http://mail.indo.net.id/ >>>>> >>>>> _______________________________________________ >>>>> freebsd-isp@freebsd.org mailing list >>>>> http://lists.freebsd.org/mailman/listinfo/freebsd-isp >>>>> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" >>>>> >>>>> _______________________________________________ >>>>> >>>> freebsd-isp@freebsd.org mailing list >>>> http://lists.freebsd.org/mailman/listinfo/freebsd-isp >>>> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" >>>> >>>> >>>> _______________________________________________ >>> freebsd-isp@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-isp >>> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" >>> >>> _______________________________________________ >> freebsd-isp@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-isp >> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" >> > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5635aa0d0811110957m6eb26dcdoaa1e43310b3e5421>