    IP-  NetBilling
============================================
$Revision: 1.15 $

(C) 2003, Michael Klimenko
http://netbilling.nm.ru
mailto:netbilling@nm.ru


 
--------------------

-     Linux
-  Perl 5
-    MySQL
-  net-acct


 
------------------

-    net-acct,    
   ,   .
  
-    MySQL.

-     MySQL,    , ,
        .
  
-  ,       
  Web-.
  
-  ,    
  ,        
   .
  
- ,      (  
  5-15 ),    ,  
      ,     
        .   
      : gettraf.pl
  
- ,  ,   
          .
      : getfee.pl
  
- ,     (  
  MySQL!),        
   .
      : setaccess.pl
  
-         .  
          
      iptables    root.
      ,   
        .
 


      Apache
----------------------------------------------------

   ,     
NetBilling,   "?",      
.

         , 
   .

     ,     
 web- .   ,  
        
 . ,     
somedomain.com,      netbill.somedomain.com 
    www- Apache.

 (   Apache)   
  (   apache-2):

###########################
## netbill.somedomain.com
<VirtualHost *>
DocumentRoot /home/httpd/netbill/html
ServerName netbill.somedomain.com
ScriptAlias /cgi-bin/ /home/httpd/netbill/cgi-bin/
</VirtualHost>

<Directory /home/httpd/netbill/html>
    Options -Indexes FollowSymLinks MultiViews Includes
    AllowOverride All
    Order allow,deny
    Allow from all
</Directory>

<Directory /home/httpd/netbill/cgi-bin>
    AllowOverride All
    Options ExecCGI
    Order allow,deny
    Allow from all
</Directory>

<Directory /home/httpd/netbill/html/admin>
    AuthType Basic
    AuthName "NetBilling"
    AuthUserFile /home/httpd/netbill/etc/.htpasw
    Require valid-user

    Order deny,allow
    Deny from all
    Allow from 192.168.22.1 127
    Satisfy all
</Directory>

<Directory /home/httpd/netbill/cgi-bin/admin>
    AuthType Basic
    AuthName "NetBilling"
    AuthUserFile /home/httpd/netbill/etc/.htpasw
    Require valid-user

    Order deny,allow
    Deny from all
    Allow from 192.168.22.1 127
    Satisfy all
</Directory>

##
###########################

,   /home/httpd/netbill   etc  bin, 
      
.   www    client.pl 
 admin  /home/httpd/netbill/cgi-bin,   
html -  /home/httpd/netbill/html.

!!!!!!  /home/httpd/netbill/cgi-bin/admin 
/home/httpd/netbill/html/admin     
(       /home/httpd/netbill/etc/.htpasw
       htpasswd2; 
  .htpasw    "mike" 
 "mike").       
SSL.  ,     IP-,  
     ( Allow from).

     :
-        
  http://netbill.somedomain.com/    
   http://netbill.somedomain.com/cgi-bin/client.pl
-        
  http://netbill.somedomain.com/admin   
    http://netbill.somedomain.com/cgi-bin/admin/

    bin.   ,   
     :
- root
- ,     Apache
- ,        cron

,   ipta      root 
 -rwsr-sr-s, ..     UID  GID.
       
  / .


 
-----------------

1.     net-acct.

         -     
   nacctab    :
   
   disable 7
   
      (  )  
    disable.
   
      -     ,    
   net-acct  ,      .
   
    ,       net-acct  
         IP-  
      ,      
        .   
      ,     
            
          TCP-.  
        (gettraf.pl)   
      (     net-acct).
   
     ,     -    ,
     ,    .
            .
          
    net-acct.      fdelay  0.
   
2.   MySQL.   .

    MySQL     ,   
       [mysqld]   (
       ):
   
   language = /usr/share/mysql/russian/
   default-character-set=koi8_ru
   
       MySQL, , netbiller 
      ( ţ netbill)  :
   
   # mysqladmin -u root -p create netbill
   
   (    ,    root  ).
   
          netbill.sql:

   mysql netbill -u netbiller -p < netbill.sql
   
3.    .

     web- (   
      SSL)      
        /www/admin   
     .

4.    .

     netbill.conf    
     (   ).    
       .
   
     netbill.conf    
   web-,   /usr/local/etc/.     
   motd.txt,  ,     
    -   ( ,    
   ).    procs.pl   my $config_file = .....
         netbill.conf.

5.   

   ,     Perl- Sys::Syslog.  
   ,    www.cpan.org     
   Σ .
   
        syslogd ( /etc/syslog.conf)
    :
   
        local3.*                /var/log/netbill.log   
	
    ,   .   
     .      
   facility ( local3),     -  
     ,       
   .
   
6.    .

           require ..... 
      procs.pl.   client.pl   
    ,  SSL. !     
         ,  
    !
   
7.   ,      
   gettraf.pl.
   
        2-10 .  
         cron:
   
   # crontab -e
   
   */5 * * * * /home/httpd/netbill/bin/gettraf.pl
   
    ,       
   ,    . 
        
   gettraf.pl   LOCK-.    
     ( gettraflock  ) 
       gettraf.pl.    
        ,   
       ,    ,  gettraf.pl 
     -   ( ,  gettraf.pl  
   ).
   
8.     .

    getfee.pl   ,    
    ,     
   . ,      1  
   .    ,      gettraf.pl, ..
      cron, :

   # crontab -e
   
   0 10 * * * /home/httpd/netbill/bin/getfee.pl
   
   ..       10:00.
   
   getfee.pl  ,      
    .

9.     .

       ,  -
         cron.

        reportday.pl.
           ,   23:50.

   50 23 * * * /home/httpd/netbill/bin/reportday.pl

        reportday.pl  
        (    
         ).     
   ,  . ,       
   :

   10 00 1 * * /home/httpd/netbill/bin/reportmonth.pl

   
10. ,    .

         
       (, iptables)   ,
         . 
     setaccess.pl.     
   ,       ,
   ,  rc.local.  ,   
           MySQL.
   
     :    ,  
    ,    ,  
         IP- ;
       ,     (.
   ).
   
11.       .

       ӣ ,   .  
     .    : 
       ,   
    ( spath_deactivate   ) 
    IP- .     
   ,      
   (spath_activate).
   
           shell-, 
    (  )   (  )
   ,  ,   FORWARD ( filter) 
    IP- . ,    
    MASQUERADE,    ţ    (, 
           iptables).
         ,  
    web- (        crond).
           - 
   (ipta),  iptables    SUID-  
   root  .
   
     ipta,     ipta.c   
    iptables  ,    .  
     ipta   :
   
   gcc -oipta ipta.c
   
         ipta  
    SUID  SGID,      
    root:
   
   chown ipta root.root
   
   chmod 6755 ipta
   
     ipta     ,   
   ,      web-    !
    ,           ,
          ,   -
      ipta     , 
      ipta   SUID-.  
       .
   
   ,       
        ,    
   ,          ,
       ( ,  ) 
   .     ģ , ,
   ,  ,        
       ,   , 
     (    iptables).

