heislerb
Frequent Visitor
Topic Author
Posts: 56
Joined: Mon Sep 16, 2013 4:41 pm

FIREWALL FILTER RULE NOT DOING ALL I WANT

Sat Feb 15, 2014 4:37 am

I wrote a script to block a user's access to the internet for a period of time, after that user reached a certain amount of bytes usage. It adds the below firewall filter rule, which works as described.
In testing, I found it did not stop a download in progress (does not stop an established connection). I need to stop users from downloading 24/7 in a system that provides free internet access.
Can someone point me in the right direction? Can additions be made to the below filter rule to make it do both functions?
add action=reject chain=forward out-interface=ether1-gateway protocol=tcp reject-with=tcp-reset src-mac-address=00:00:00:00:00:00
 
pcunite
Forum Guru
Posts: 1345
Joined: Sat May 25, 2013 5:13 am
Location: USA

Re: FIREWALL FILTER RULE NOT DOING ALL I WANT

Sat Feb 15, 2014 4:45 am

RouterOS supports scripting in which you could find the marked connection and then disconnect it. However, it might be more useful to simply throttle it down to nearly nothing and let them disconnect on their own.

You can see how I do this here with HTTP_BIG connections.
 
heislerb
Frequent Visitor
Topic Author
Posts: 56
Joined: Mon Sep 16, 2013 4:41 pm

Re: FIREWALL FILTER RULE NOT DOING ALL I WANT

Sat Feb 15, 2014 4:54 pm

> RouterOS supports scripting in which you could find the marked connection and then disconnect it. However, it might be more useful to simply throttle it down to nearly nothing and let them disconnect on their own.
>
> You can see how I do this here with HTTP_BIG connections.

Yes, I would like to know how to find the marked connection and disconnect it. I had done some scripting to throttle the connection down, but I really need to block all connections for the user for a specific time.

Thanks for your reply!!
 
heislerb
Frequent Visitor
Topic Author
Posts: 56
Joined: Mon Sep 16, 2013 4:41 pm

Re: FIREWALL FILTER RULE NOT DOING ALL I WANT

Sat Feb 15, 2014 7:49 pm

I just figured it out. I have to move the firewall filter rule to the top of the list. This way the input established connection gets dropped and not accepted by the other firewall filter rules. Sad part is, I knew this when I started to design the script.
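
The ordering fix described in the last post, as an added example that is not part of the original thread. The accept rule for established connections and the comment labels are assumptions (the thread does not show the other filter rules); the reject rule is the one from the first post.

```routeros
/ip firewall filter

# Assumed existing rule (not shown in the thread): accepts every packet
# that belongs to a connection already tracked as established.
add chain=forward action=accept connection-state=established \
    comment="accept-established"

# Weak ordering: a plain "add" appends the block rule to the end of the
# chain. Filter rules are evaluated top to bottom and the first match
# wins, so packets of a download in progress hit the accept rule above
# and never reach the reject. Only new connections are reset.
#
# add chain=forward action=reject reject-with=tcp-reset protocol=tcp \
#     out-interface=ether1-gateway src-mac-address=00:00:00:00:00:00 \
#     comment="quota-block"

# Corrected ordering: insert the block rule ahead of the accept rule so
# it is matched first, for new and for established connections alike.
add chain=forward action=reject reject-with=tcp-reset protocol=tcp \
    out-interface=ether1-gateway src-mac-address=00:00:00:00:00:00 \
    comment="quota-block" \
    place-before=[find where comment="accept-established"]

# Check: "quota-block" must be listed above "accept-established".
print where chain=forward
```

The rule still matches only TCP, as in the original post, so other protocols from the same MAC address are not affected by it.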
