For home use I did not want to use any such tool that has to be running all the time, I wrote this script to have the Mikrotik show internet usage in an easy usable form.
This does not manage bandwidth which can be done through Queues, but rather just shows the usage.
Something on your home network is eating up all your bandwidth (or data Cap - Yes we don't all have uncapped internet :) ), and you need a quick way of seeing which dhcp client is the culprit.
Goal:
Separate counters shown for Upload and Download.
Counters for each DHCP client (Address assigned by the Mikrotik) automatically created.
Easy sortable showing highest upload, download and Bitrate.
Counters Reset at Midnight.
Log entry inserted for the total Internet Data usage for the day.
Environment:
Ether1 is connected to the Internet
Ether2 to 5, is my local Lan (bridged) , which has a DHCP server active, assigning IP addresses on brige1 (ether2 to ether5)
The Scripts use the IP Firewall Mangle passthrough feature.
To View your usage simply use winbox and go to the IP, Firewall Menu item and then go to the Mangle Tab.
I suggest removing unneeded columns and adding the following columns to the view: Src. Address, Dst Address, Bytes,Packets, Rate, and PacketRate
Click on the Bytes column header to get your worst offenders listed first.
Config:
First add 2 simple Ip Firewall Mangle Rules that will keep track of your Total Internet Data usage.
Code: Select all
/ip firewall mangle
add action=passthrough chain=forward comment="Download Global Counter" in-interface=ether1
add action=passthrough chain=forward comment="Upload Global Counter" out-interface=ether1
Add the code below to your DHCP Server Lease Script. (Edit your DHCP Server, and click on the Script Tab, paste the code below there)
Code: Select all
:local hostname [/ip dhcp-server lease get [find where active-mac-address=$leaseActMAC && active-address=$leaseActIP] host-name]
:if ($leaseBound = "1") do={
/ip firewall mangle add action=passthrough chain=forward dst-address=$leaseActIP in-interface=ether1 comment=("Download " . $hostname)
/ip firewall mangle add action=passthrough chain=forward src-address=$leaseActIP out-interface=ether1 comment=("Upload " . $hostname)
/log info ("DHCP Script Mangle Rules Added for HostName " . $hostname . " IP " . $leaseActIP)
} else={
#delete old Download entry for this ip
:foreach a in=[/ip firewall mangle find dst-address=$leaseActIP] do={
/ip firewall mangle remove $a
}
#delete old Upload entry for this ip
:foreach a in=[/ip firewall mangle find src-address=$leaseActIP] do={
/ip firewall mangle remove $a
}
/log info ("DHCP Script Mangle Rules Removed for IP " . $leaseActIP)
}
Then create a script that is scheduled to run at midnight
Code: Select all
/system script
add dont-require-permissions=yes name=ResetMangleCounters owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="/log info (\
\"Bytes Downloaded Today \" . [/ip firewall mangle get [find where comment=\"Download Global Counter\"] bytes])\r\
\n/log info (\"Bytes Uploaded Today \" . [/ip firewall mangle get [find where comment=\"Upload Global Counter\"] bytes])\r\
\n\r\
\n/ip firewall mangle reset-counters-all\r\
\n\r\
\n/log info \"IP Firewall Mangle Counters Reset by Script\""
/system scheduler
add interval=1d name=ResetMangleCounters on-event=ResetMangleCounters policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=nov/01/2020 start-time=00:00:00
Code: Select all
/log info ("Bytes Downloaded Today " . [/ip firewall mangle get [find where comment="Download Global Counter"] bytes])
/log info ("Bytes Uploaded Today " . [/ip firewall mangle get [find where comment="Upload Global Counter"] bytes])
/ip firewall mangle reset-counters-all
/log info "IP Firewall Mangle Counters Reset by Script"
* If you have any other custom MANGLE rules you will need to fine-tune the where clauses for the find statements.
To test this for the first time delete all your DHCP Server leases, and wait till your client devices start renewing their leases.
*Watch the log file to see if the scripts runs
* Tested on RouterOs 6.47
Any suggestions on improving this or any flaws in my logic is welcomed.