billing:howto:accel_install_debian12:13

Accel-PPP — сборка и установка на Debian 12 / Debian 13

0) Переменные для Debian 12 / Debian 13

# Debian 12: 
export CPACK_TYPE=Debian12
# Debian 13:
export CPACK_TYPE=Debian13

1) Зависимости

apt update 
apt install -y build-essential cmake gcc kmod \
linux-headers-$(uname -r) git \ 
libpcre2-dev libssl-dev liblua5.1-0-dev

2) Клонирование исходников

cd /opt 
git clone https://github.com/accel-ppp/accel-ppp.git accel-ppp-code 
cd accel-ppp-code 
git checkout master

3) Сборка и установка .deb

mkdir -p /opt/accel-ppp-code/build 
cd /opt/accel-ppp-code/build
 
cmake
-DBUILD_IPOE_DRIVER=TRUE
-DBUILD_VLAN_MON_DRIVER=TRUE
-DRADIUS=TRUE
-DSHAPER=TRUE
-DLUA=TRUE
-DCMAKE_INSTALL_PREFIX=/usr
-DKDIR=/usr/src/linux-headers-$(uname -r)
-DCPACK_TYPE=${CPACK_TYPE}
..
 
make -j"$(nproc)"
cpack -G DEB
 
ls -1 .deb
apt install -y ./.deb

4) Автозагрузка модулей (и сразу подгрузить их сейчас)

4.1. Модули “на ребут”

cat >/etc/modules-load.d/accel-ppp.conf <<'EOF'
8021q
ifb
sch_htb
sch_sfq
sch_ingress
cls_u32
act_mirred
ipoe
vlan_mon
EOF

4.2. Подгрузить модули

modprobe 8021q || true 
modprobe ifb || true 
modprobe sch_htb || true 
modprobe sch_sfq || true 
modprobe sch_ingress || true 
modprobe cls_u32 || true 
modprobe act_mirred || true 
modprobe ipoe || true 
modprobe vlan_mon || true

5) IFB интерфейс (создать сейчас + автоматически при загрузке)

5.1. Unit, который гарантирует ifb0

cat >/etc/systemd/system/ifb.service <<'EOF' 
[Unit] 
Description=Create IFB device ifb0 for Accel-PPP shaper 
After=systemd-modules-load.service 
Before=accel-ppp.service
 
[Service]
Type=oneshot
ExecStart=/sbin/modprobe ifb
ExecStart=/bin/sh -c '/sbin/ip link show ifb0 >/dev/null 2>&1 || /sbin/ip link add ifb0 type ifb'
ExecStart=/sbin/ip link set ifb0 up
RemainAfterExit=yes
 
[Install]
WantedBy=multi-user.target
EOF

5.2. Активировать ifb

systemctl daemon-reload systemctl enable --now ifb

6) RADIUS словари

mkdir -p /etc/accel-ppp/radius
cat >/etc/accel-ppp/radius/dictionary.mikbill <<'EOF' 
ATTRIBUTE DHCP-Router-IP-Address 241 ipaddr 
ATTRIBUTE DHCP-Mask 242 integer 
ATTRIBUTE L4-Redirect 243 integer 
ATTRIBUTE L4-Redirect-ipset 244 string 
ATTRIBUTE DHCP-Option82 245 octets 
ATTRIBUTE AccelRemoteId 246 octets 
ATTRIBUTE AccelCircuitId 247 octets
EOF

7) Конфиг accel-ppp и lua

7.1. Пример /etc/accel-ppp.conf

cat >/etc/accel-ppp.conf <<'EOF' 
[modules] 
log_file 
radius 
shaper 
sigchld 
ipoe
 
[core]
log-error=/var/log/accel-ppp/core.log
thread-count=2
 
[ipoe]
username=lua:macuser
lua-file=/etc/accel-ppp.lua
lease-time=300
max-lease-time=302
attr-dhcp-client-ip=Framed-IP-Address
attr-dhcp-router-ip=DHCP-Router-IP-Address
attr-dhcp-mask=DHCP-Mask
attr-l4-redirect=L4-Redirect
attr-l4-redirect-ipset=L4-Redirect-ipset
l4-redirect-ipset=l4
shared=0
ifcfg=1
mode=L2
start=dhcpv4
proto=100
interface=enp0s8
verbose=1
 
[dns]
dns1=4.2.2.2
dns2=8.8.8.8
 
[radius]
dictionary=/usr/share/accel-ppp/radius/dictionary
dictionary=/etc/accel-ppp/radius/dictionary.mikbill
nas-identifier=Accel-IPoE
nas-ip-address=192.168.0.182
server=192.168.0.184,secret,auth-port=1812,acct-port=1813,req-limit=0,fail-time=5
dae-server=0.0.0.0:3799,secret
verbose=1
timeout=10
max-try=9
acct-timeout=5
acct-delay-time=0
log-file=/var/log/accel-ppp/radius.log
 
[shaper]
attr=Filter-Id
ifb=ifb0
up-limiter=htb
down-limiter=htb
cburst=1375000
r2q=10
quantum=1500
leaf-qdisc=sfq perturb 10
verbose=0
 
[client-ip-range]
disable
 
[log]
log-file=/var/log/accel-ppp/accel-ppp.log
log-emerg=/var/log/accel-ppp/emerg.log
log-fail-file=/var/log/accel-ppp/auth-fail.log
log-debug=/var/log/accel-ppp/debug.log
copy=1
level=4
 
[cli]
telnet=127.0.0.1:2000
tcp=127.0.0.1:2001
EOF

7.2. Пример /etc/accel-ppp.lua

cat >/etc/accel-ppp.lua <<'EOF'
#!lua
function macuser(pkt)
return pkt:hdr('chaddr')
end
 
function opt82_v1(pkt)
  v,b1,b2,b3,b4,b5,b6=string.unpack(pkt:agent_remote_id(),'bbbbbb')
return string.format("%02x:%02x:%02x:%02x:%02x:%02x", b1,b2,b3,b4,b5,b6)
end
 
function opt82_v2(pkt)
if pkt:agent_circuit_id() ~= nilthen
if string.len(pkt:agent_remote_id()) ~= 0then
      v,b1,b2,b3,b4,b5,b6=string.unpack(pkt:agent_remote_id(),'bbbbbb')
return string.format("%02x:%02x:%02x:%02x:%02x:%02x", b1,b2,b3,b4,b5,b6)
    elseif (string.len(pkt:agent_remote_id()) == 0 and string.len(pkt:agent_circuit_id()) ~= 0)then
      m1=string.sub(pkt:agent_circuit_id(),'-15','-14')
      m2=string.sub(pkt:agent_circuit_id(),'-13','-12')
      m3=string.sub(pkt:agent_circuit_id(),'-11','-10')
      m4=string.sub(pkt:agent_circuit_id(),'-9','-8')
      m5=string.sub(pkt:agent_circuit_id(),'-7','-6')
      m6=string.sub(pkt:agent_circuit_id(),'-5','-4')
local username=m1..':'..m2..':'..m3..':'..m4..':'..m5..':'..m6
return username
    end
else
return pkt:hdr('chaddr')
  end
end
EOF

8) Старт accel-ppp

systemctl daemon-reload systemctl enable --now accel-ppp
Быстрая проверка
 
ip link show ifb0
journalctl -u ifb -n 50 --no-pager
journalctl -u accel-ppp -n 200 --no-pager
tail -n 50 /var/log/accel-ppp/emerg.log
  • billing/howto/accel_install_debian12/13.txt
  • Последнее изменение: 10 ч. назад
  • vs