Bandwidth quotas

[sbsnb]

Something that's existed in precious few firmwares (Gargoyle does it) that I want so badly is the ability to limit the use of WAN bandwidth per IP/MAC. Not rate limiting, but actual caps. For instance, limit 192.168.1.2 to transferring no more than 10 GB from WAN per month. After the limit is reached the machine is effectively offline until a new period starts. They could use up that bandwidth in 1 hour and be offline for 29 days and 23 hours, I don't care.

I think people with kids that have no concept of ISP bandwidth caps would really appreciate this. My kids will literally fire up their Xbox, iPhone, and laptop all at once. The Xbox is downloading games, the iPhone is doing Facetime, and the laptop is streaming YouTube for hours on end. One child can use as much bandwidth in one day as the rest of the house uses in a month, including several TVs with HD Netflix/Amazon Prime. Right now all I can do to make reaching our ISP's monthly limit more difficult is to rate limit their devices, but that's hit or miss depending on how long they use their devices.

Because Merlin's iptables has the quota module, it's relatively easy to make quotas with iptables and reset the counters with a cron job. I just wondered how difficult it would be to make a UI so everyone could use it more easily.

 

[sbsnb]

Interestingly,

iptables -A FORWARD -i eth0 -d 192.168.1.2 -m quota --quota 5000000 -j ACCEPT

doesn't work. I get:

iptables: No chain/target/match by that name.

It's not as if the quota module isn't there:

admin@RT-AC88U:/tmp/home/root# iptables -m quota --help
iptables v1.4.15

Usage: iptables -[ACD] chain rule-specification [options]
       iptables -I chain [rulenum] rule-specification [options]
       iptables -R chain rulenum rule-specification
 ...
quota match options:
[!] --quota quota               quota (bytes)

 

[ColinTaylor]

Try

modprobe ipt_quota

but I doubt very much this concept will work properly if you are using any form of hardware acceleration.

 

[sbsnb]

Try

modprobe ipt_quota

but I doubt very much this concept will work properly if you are using any form of hardware acceleration.

admin@RT-AC88U:/tmp/home/root# modprobe ipt_quota
modprobe: module ipt_quota not found in modules.dep

 

[sbsnb]

I found https://github.com/MartineauUK/Quota-Monitor, but it's not entirely clear to me yet how this script works. Is it only working while running, or more of a set it and forget it thing?

 

[Mutzli]

Try this, an open dialog with your kids. I raised two kids in this internet age. What worked best was strict time limits on how long they can consume online contents and keeping the kids busy with other things like playing good old fashion board games or take them outside to play sports, hiking etc. As long as they are busy with other things they won't be online.
Sorry for intruding, I really don't know your circumstances, just telling you what helped in my situation.

 

[sbsnb]

Try this, an open dialog with your kids.

So that's what I've been doing wrong all these years. It's just that the kids are hungry to follow rules and haven't been given any to follow. Why didn't I think of that?

 

[Martineau]

I found https://github.com/MartineauUK/Quota-Monitor, but it's not entirely clear to me yet how this script works. Is it only working while running, or more of a set it and forget it thing?

As per the thread Real-time Quota Monitoring (Download/Upload/Data Used), once the script inserts the appropriate firewall rules, then the real-time monitoring via an SSH session is not required, but if you need to review/analyse the statistics at a later time etc., then the script must be invoked with the appropriate option.

 

[sbsnb]

I'm just wondering if it will do what I'm trying to do: that is impose bandwidth quotas. It seems like it will. I'm not interested in the monitoring so much.

 

[Martineau]

I'm just wondering if it will do what I'm trying to do: that is impose bandwidth quotas. It seems like it will. I'm not interested in the monitoring so much.

I suggest you test/try it with ridiculously low 'download/upload/Total quota' thresholds, and monitor the real-time results page to see it if meets your needs.

 

[sbsnb]

I think that's what's confusing me. Those thresholds sound like bandwidth limiting, not quotas. I'm not interested in regulating speed. I just want to limit total number of bytes transferred to/from WAN to selected clients.

 

[Martineau]

I think that's what's confusing me. Those thresholds sound like bandwidth limiting, not quotas. I'm not interested in regulating speed. I just want to limit total number of bytes transferred to/from WAN to selected clients.

Whilst the script is capable of throttling a client once say the DOWNLOAD quota threshold has been exceeded, by default, the script will limit/block access to the WAN once any of quotas are exceeded.

e.g. Start Total Used quota monitoring for the devices (Capped @100MB)

QuotaMonitor.sh    init   monitor cap=100MB

 

[sbsnb]

That sounds awesome. I'll give it a try. That way they can still get email and even browse the Web, but streaming is gonna end when they reach the cap.

 

[Sinner]

This is actually a useful feature and would be amazing to see it added to merlin. A daily data cap per device or a few select devices reset at a configurable time of day.

Yes its great for kids and not parenting etc but let be honest aren't we all struggling for a set and go setup on our routers? Who TF wants to watch it every 5min for what the kids are doing etc etc.. this would give parents or anyone with extreme limited data freedon55 peace of mind.

It could be a parental control that basically kicks in the disabled internet upon hitting the cap. It may be fairly easy to implement if merlin can access the traffic analyzer data per device maybe even require it to be enabled as well or something