First of All we will ready our server as an Web Server with Database & SSL Support:
# apt-get install mysql-server mysql-client apache2
# apt-get install openssl ssl-cert
# mkdir /etc/apache2/ssl
# make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
# a2enmod ssl
# /etc/init.d/apache2 force-reload
# cp /etc/apache2/sites-available/default /etc/apache2/sites-available/ssl
Change the SSL port 80 to 443:
# vim /etc/apache2/sites-available/ssl
=>> change <VirtualHost *:80> to
<VirtualHost *:443>
=>> Add the following two lines between <virtualHost> container
</VirtualHost>
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem
</VirtualHost>
ReEnable SSL and forcefully restart the services:
# /etc/init.d/apache2 force-reload
# a2ensite ssl
# /etc/init.d/apache2 restart
Download and Install the required Packages:
# apt-get install libphp-adodb php5-cli php5-gd php-pear php5-snmp php5-adodb phpmyadmin curl libnet-netmask-perl
Downlad and configure WebHTB package and upzip package:
# apt-get install bzip2
# cd /var
# wget http://www.webhtb.ro/downloads/WebHTB_V2.9.bz2
# tar -jxvf WebHTB_V2.9.bz2
# chown -R www-data.www-data /var/webhtb
Now add the following lines in ssl file:
# vim /etc/apache2/sites-available/ssl
Alias /webhtb /var/webhtb
<Directory "/var/webhtb">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
SSLEngine On
The ssl file should look like this Finally (In my case)
=======================================
<VirtualHost *:443>
ServerAdmin webmaster@localhost
Alias /webhtb /var/webhtb
<Directory "/var/webhtb">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
SSLEngine On
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
================================================
Restart the apache2 service:
# a2ensite ssl
# /etc/init.d/apache2 restart
Go to your favorite web browser and navigate the following Link:
https://Server-Ip-Address/webhtb/setup/
Now the Graphical Mode config will start......
>> Give the mysql root password in the asking password text boxes...
>> Chose the appropriate interface.. {Remember it should be your LAN facing interface not WAN }
>> After pressing Apply it will redirect you https://Server_Ip_Address/webhtb/index.php#
=======================================================================
$$$$$ Here you Don't Need to add any new Interface bcoz you have already assigned a NIC in Setup Phase.
=======================================================================
Add Class from the (Classes+) Menu:
>> Go to Classes+ >> Add Classes >> Add a New Class page will arrive..{add here as you need}
Now you have to Add Client:
>> Go to Add client Menu
>> CLINT can be any name but PCName (Client PC)can be a good one.
>> BANDWIDTH IS IN kbps (kilo bit not byte)
>> LIMIT (Limit at a certain bandwidth as you want...)
>> MAC (You can apply policy through specific MAC)
>> BURST & PRIORITY should be default (If you are not an Advanced User)
>> UPLOAD (You can specify upload throttle speed)
Optional:
>> SRC IPS should be your gate way ip
>> DST IPS should be your Client PC IP
# apt-get install mysql-server mysql-client apache2
# apt-get install openssl ssl-cert
# mkdir /etc/apache2/ssl
# make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
# a2enmod ssl
# /etc/init.d/apache2 force-reload
# cp /etc/apache2/sites-available/default /etc/apache2/sites-available/ssl
Change the SSL port 80 to 443:
# vim /etc/apache2/sites-available/ssl
=>> change <VirtualHost *:80> to
<VirtualHost *:443>
=>> Add the following two lines between <virtualHost> container
</VirtualHost>
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem
</VirtualHost>
ReEnable SSL and forcefully restart the services:
# /etc/init.d/apache2 force-reload
# a2ensite ssl
# /etc/init.d/apache2 restart
Download and Install the required Packages:
# apt-get install libphp-adodb php5-cli php5-gd php-pear php5-snmp php5-adodb phpmyadmin curl libnet-netmask-perl
Downlad and configure WebHTB package and upzip package:
# apt-get install bzip2
# cd /var
# wget http://www.webhtb.ro/downloads/WebHTB_V2.9.bz2
# tar -jxvf WebHTB_V2.9.bz2
# chown -R www-data.www-data /var/webhtb
Now add the following lines in ssl file:
# vim /etc/apache2/sites-available/ssl
Alias /webhtb /var/webhtb
<Directory "/var/webhtb">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
SSLEngine On
The ssl file should look like this Finally (In my case)
=======================================
<VirtualHost *:443>
ServerAdmin webmaster@localhost
Alias /webhtb /var/webhtb
<Directory "/var/webhtb">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
SSLEngine On
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
================================================
Restart the apache2 service:
# a2ensite ssl
# /etc/init.d/apache2 restart
Go to your favorite web browser and navigate the following Link:
https://Server-Ip-Address/webhtb/setup/
Now the Graphical Mode config will start......
>> Give the mysql root password in the asking password text boxes...
>> Chose the appropriate interface.. {Remember it should be your LAN facing interface not WAN }
>> After pressing Apply it will redirect you https://Server_Ip_Address/webhtb/index.php#
=======================================================================
$$$$$ Here you Don't Need to add any new Interface bcoz you have already assigned a NIC in Setup Phase.
=======================================================================
Add Class from the (Classes+) Menu:
>> Go to Classes+ >> Add Classes >> Add a New Class page will arrive..{add here as you need}
Now you have to Add Client:
>> Go to Add client Menu
>> CLINT can be any name but PCName (Client PC)can be a good one.
>> BANDWIDTH IS IN kbps (kilo bit not byte)
>> LIMIT (Limit at a certain bandwidth as you want...)
>> MAC (You can apply policy through specific MAC)
>> BURST & PRIORITY should be default (If you are not an Advanced User)
>> UPLOAD (You can specify upload throttle speed)
Optional:
>> SRC IPS should be your gate way ip
>> DST IPS should be your Client PC IP
Good afternoon!
ReplyDelete"Sorry for my english unconventional"
My name is Amauri. I'm from Brazil!
Dear, first would like to congratulate you for execente tutorial on "Webhtb open source, Version: 2.9.25", available at:
http://opikdesign.com/kios/webhtb/WebHTB_V2.9.25.pdf
http://opikdesign.com/kios/webhtb/webhtb_V2.9.25.tar.bz2
There is a newer version?
I request your help because I'm not getting the bandwidth control of users (by IP address) to upload because the download control is working perfectly. Below my network scenario:
- Operating System: Debian 7 (Wheezy) Amd64;
- Two (02) network interfaces:
* ETH0 = Local Network
* ETH1 = Internet
- Server with squid (version 3.1);
I tried the settings reported in that tutorial, as well as other possible but not getting hit!
Mr. Case has some more current material or could help me somehow I will be grateful in advance!
Hello,
ReplyDeleteThank you for your tutorial, it realy help me, but I have a problem when I'm login on https://myipaddres/webhtb/index.php it's not going any page..still loading page..
What should I do