Bandwidth Management using WebHTB

Home / Bandwidth Management using WebHTB

Bandwidth Management using WebHTB

December 9, 2015 | Article | No Comments

In the world of computer networking and computer science, the word bandwidth (also known as network bandwidth or data bandwidth) is a term used to refer various bit-rate measures, representing the available or consumed data communication resource. The measurement is expressed in unit bits per seconds or multiples of it (bit/s, kbit/s, Mbit/s, Gbit/s, etc).

In a simpler words, we can treat bandwidth as a road connecting internet, connecting a computer to computer. The road may broad, and also can be narrow. Broader the road, more vehicles or carriage can pass through, and vice versa. In this term, the capacity of vehicles is determined by the road. And so the network bandwidth. A broader network means larger data can pass. Increasing in bandwidth will increase rate of data to pass.

Widely, the data transfer is divided into two mode: transmit and receive. We can call these as upload and download.

A network administrator could have a headache when dealing with bandwidth management. In some limited bandwidth place, usage of download manager can cut or even take all bandwidth available. Yes, they can use all the bandwidth on network. In that term we should manage the bandwidth and use it efficiently. One of tools to do that is WebHTB.

In this article we will discuss about how to use WebHTB to control the traffic and limit the bandwidth on network. For that purpose, I use followings:

  1. Slackware64 14.0
  2. WebHTB

WebHTB Overview

WebHTB is released on Open Source license and can be used on every Linux. It use web interface and behind of that use PHP, Javascript (AJAX) and work using MySQL. And moreover, it is HTML5.

WebHTB offers features:
  1. bandwidth limitation using public IP addresses, using the two configuration files for upload and download
  2. bandwidth limitation using private IP address (SNAT), using a single configuration file
  3. match mark
  4. match mark in u32
  5. match MAC address in u16 adn u32 for both download and upload
  6. metropolitan/external limitation
  7. can ignore upload when mark is set
  8. etc

Obtaining the Material

WebHTB can be download from their official site, http://webhtb.nethd.ro/. The latest version as I write this article is 2.9 (per March 7th, 2013). You can download it directly on this.

Preparing the System

To run WebHTB there are some condition met. And remember that this tool is web based. Now what we need?
  1. iproute with tc
  2. SSH2 server accepting root logins from localhost
  3. OpenSSL
  4. modules compiled into kernel like: sch_sfg, cls_u32, sch_htb, sch_ingress, act_police, and optionally sch_esfg

WebHTB use SSL Certificate to operate. Thus you need to create proper SSL certificate. Make sure you have OpenSSL installed. You can check whether you have OpenSSL or not by invoke openssl command. If a prompt appear like this:

OpenSSL>

Then you have one. Otherwise, you should install OpenSSL for Slackware first.

Once you have install it, create a certificate. This procedure is similar to creating SSL certificate on FreeBSD. In these commands, we will generate keys for the Certificate Signing Request (CSR). At first attempt we create secure one with passphrase. The next one we create key which doesn’t use passphrase (we call it insecure one). After the CSR is created, we create the Self Signed Certificate. In the last stage, we install them on special folder /etc/ssl/. Followings are the actual commands:

openssl genrsa -des3 -out server.key 1024
openssl rsa -in server.key -out server.key.insecure
mv server.key server.key.secure
mv server.key.insecure server.key
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
cp server.crt /etc/ssl/certs
cp server.key /etc/ssl/private

Next we need to alter some configuration on /etc/httpd/httpd.conf. On that file, make sure the mod_ssl.so is loaded. Thus you will have a line like this (change lib64 with lib if you have Slackware 32 bit): LoadModule ssl_module lib64/httpd/modules/mod_ssl.so

And make sure you have activated Include /etc/httpd/extra/httpd-ssl.conf on it.

Now adjust the location of SSL certificate described on httpd.conf. Make sure you point the location to our newly created certificate. You may alter SSLCertificate “/etc/httpd/server.crt” to SSLCertificate “/etc/ssl/cert/server.crt”, and SSLCertificateKeyFile “/etc/httpd/server.key” to SSLCertificateKeyFile “/etc/ssl/private/server.key”.

Restart the apache server and check directory on apache’s mod-config. These commands:

/etc/rc.d/rc.httpd restart
nano /etc/httpd/extra/httpd-ssl.conf

Now go to /var and extract the WebHTB source file using:

tar -jxf WebHTB_V2.9.bz2

Now you should have /var/webhtb directory. Then change the ownership so apache can access it:

chown -R apache.apache /var/webhtb

Now edit /etc/httpd/extra/httpd-vhosts.conf and add following lines before end of file:

Alias /webhtb /var/webhtb
<Directory "/var/webhtb">
   Options Indexes FollowSymLinks MultiViews
   AllowOverride None
   Order allow,deny
   allow from all
</Directory>

Restart apache. Once you have passed this stage, then you have successfully install WebHTB.

Test Drive

To access WebHTB, open browser (firefox, chrome, konquer, etc) then write down following to url bar:

https:///webhtb

If it is successful, then something like this will be printed to your display. Fill the field which has red color:

Webhtb

Once we pass the download process and finish configuring, we don’t need the installer anymore. Therefore, we have to remove it so it won’t be problem. To do so do following:

cd /var/webhtb
rm -rf install

Now you should see something like this when you want to access WebHTB:

Webhtb1

Configurating

Now, here is the important part, the configuration. In this section we will discuss about a simple scenario.

Here we want to add classes: segment name which will be limited. Moreover, we also needed to limit bandwidth allocation and amount of limitation.

Login to WebHTB and choose tab Classes then something similar here:

Webhtb2

Then choose add client tab and write down IP address which will be limited.

Webhtb3

The configuration won’t be activated unless we change the QoS status and activate it. Thus:

Webhtb4

Another thing we should monitor is WebHTB’s performance, as seen here:

Webhtb5

Happy hacking

, ,

About Author

about author

xathrya

A man who is obsessed to low level technology.

Leave a Reply

Your email address will not be published. Required fields are marked *

Social media & sharing icons powered by UltimatelySocial