This articles is the description of my previous project, An Hotspot Management System. It is a computer system designed to manage user network connection, primarily from wireless network or other subsystem, and send the usage information to other system based on RADIUS protocol for further processing.

This articles will be devided into multiple parts. All of them will have the same title with series, so be sure to check this blog, if you want to read the overall of my article.

Overall System Overview

The Overall system is divided into 3 sub systems:

  • The Connection Point sub system: Physically this is collection of Wireless Access Point or any type of network connection base on Ethernet Protocol.
  • The Hotspot sub system: The main sub system to be built, consists of 3 part which are
    • The controller we will call it with “netaccess” is a program written in C language. The main function is to manage and control the user state, control the user connection through the Web Interface, and firewall sub system and and perform user data query and usage data with the radius server.
    • The Web Interface, is a web interface provided for user to perform login to the system, previewing their current status and terminating their connection.
    • The firewall susbsystem, is used to open and close the user connection to the external network (internet) and also perform the bandwidth management.
  • The user data storage and connection usage processing sub system. This system is a radius protocol based system

From the system perspective, we may call the both first subsystem (the connection point and the hotspot susbsystem) as NAS (Network Access Service)

Environment Selection

  • The connection point is an Ethernet base network connection, since it is widely used in the networking currently. Although this system firstly designed to provide services for wireless network, but it can be used to manage any type of network based on the Ethernet protocol
  • The Hotspot subsystem. This subsystem run under Free BSD 5.3 and above. I also rewritten the system in Linux system with more facility provided. Depend on your knowledge of the Operating system base firelwall system, I strongly suggest you to build this system under Linux if you want to provide a complex firewall and connection bandwidth management for your user. Otherwise if you need the simplicity and speed and lightweight system, consider to use Free BSD. Both of the are free.
    • The netaccess or ontroller is written using C language. Some library is also required. We need the radius client library (radius free library), posix thread and other standard library
    • The web Interface, I use the apache http server with mod rewrite installed. The script is written in PHP
    • The firewall subsystem depend on the OS used. For FreeBSD we use IPFW, for Linux we use Iptables and TC. Don’t worry, we will use shell script to access the functionality.
  • For the user data storage and connection usage processing sub system we use Radius based subsystem. If you don’t have a commercial one, you may use the Free Radius implementation which is available both on Linux and Free BSD.

That for the basic overview, on the next article we will discuss how the subsystem interact each other to provides the hotspot services to the client.

If you need to know how this system work and also the source code, please drop me a line at

I will post the next part soon. So be patient guys..