Hi, i would like to limit some users using ip addresses(I know that it can be done in simple queues but if i use simple queues i limit all traffic of that ip and i do not want to limit local network speed, just internet connection). I want to limit internet connection(interface=internet - where to write it in source or destination?) to ip address(192.168.x.x - where to put it source or destination). I just want to limit ingoing connections from internet to some ip. Can you help me?
Mark traffic that belongs to local and remote with different Mangle marks, then use ‘queue simple’ entry for remote or other traffic packet-mark or traffic that does not belong to local traffic.
FOR USING QUEUE TREE:
I set up this mangle rule, and doesn´t work. Could you help what is wrong. I want to mark ip: 192.168.76.86 and connection from internet to that ip. Could you make the mangle rule and post it here?
chain=prerouting action=mark-packet new-packet-mark=Johnny passthrough=no
in-interface=internet src-address=192.168.76.86
FOR USING SIMPLE QUEUES
- way(probably work only for incomming connection from ip to internet(i am not shure): mangle rule: chain=forward action=mark-packet new-packet-mark=internet_rx_normal
passthrough=yes in-interface=internet(i use this for all my incomming connection from network and then i limit it in queue tree),
i tried to put it in simple queue like this: name=“CL” target-addresses=192.168.76.86/32 dst-address=0.0.0.0/0
interface=all parent=none packet-marks=internet_rx_normal
direction=both priority=8 queue=default-small/default-small
limit-at=0/1000000 max-limit=0/1000000 total-queue=default-small
or
2.way(probably work for outgoing and incomming connection because i used 2 mangle rules one for incomming connection to ip from internet(internet_rx_normal) and one for outgoing connection to internet(internet_tx_normal)
name=“CL” target-addresses=192.168.76.86/32 dst-address=0.0.0.0/0
interface=all parent=none
packet-marks=internet_rx_normal,internet_tx_normal direction=both
priority=8 queue=default-small/default-small limit-at=0/1000000
max-limit=0/1000000 total-queue=default-small(but this second way works also just for downloading from internet not for uploading
mangle rules:
- for incomming connection from internet to specific ip: internet_rx_nornal: chain=forward action=mark-packet new-packet-mark=internet_rx_normal
passthrough=yes in-interface=internet - for outgoing connection to internet from specific ip: internet_tx_normal chain=forward action=mark-packet new-packet-mark=internet_tx_normal
passthrough=yes out-interface=internet
So could you help the best way to use, i read mannual nothing find out ideal for me, Could you write some simple and most effective rule for limiting only internet connection(if it is possible also uploading and downloading, not just downloading)