Community discussions

 
User avatar
Eugene
Forum Veteran
Forum Veteran
Topic Author
Posts: 993
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

How to limit a user to a given amount of traffic?

Sun Jul 04, 2004 5:28 pm

Many times people have asked how to shape traffic based on the amount the user has already downloaded.
Here is a small script which makes the job:
-------------------------
:local sum; :local traf;
:set sum 0
/ip firewall rule forward {
:foreach i in [find] do={:incr sum}
:for i from=1 to=$sum do={
:set traf [get [find comment=("user" . $i)]
bytes]
:set traf ($traf/1073741824)
:if ($traf>1) do={:log facility=System-Info message=("user" . $i .
" exceeded 1Gb limit!")}
}
}
-------------------------
Comments:
1)Make your own chain for accounting purposes (just don't forget to add jumps from forward chain.) In the end of this chain add return rule.

2)Make a custom action when the user reaches the limit. By default the scripts writes message to logs (use /log print without-paging command to view logs)

The original can be found in MT docs:
http://www.mikrotik.com/docs/ros/2.8/ap ... t#11.2.5.8
Last edited by Eugene on Mon Jan 10, 2005 9:49 am, edited 1 time in total.
 
fivenetwork
newbie
Posts: 45
Joined: Thu Jul 08, 2004 4:39 am

How Do we get this to work with PPPoE?

Thu Jul 08, 2004 4:58 am

Can this script work with PPPoE?? Like the OS provides a Traffic limit for HotSpot Users can this be adapted in similar fashion for PPPoE users??
 
tully
MikroTik Support
MikroTik Support
Posts: 505
Joined: Fri May 28, 2004 11:07 am

Thu Jul 08, 2004 9:37 am

With pppoe, I think you can set this based on a radius attribute. See the radius attributes that are supported for AAA in the AAA section of the manual.

John
 
User avatar
Eugene
Forum Veteran
Forum Veteran
Topic Author
Posts: 993
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

Thu Jul 08, 2004 6:23 pm

Yes, of course this script can work with PPPoE. Just make correct firewall rules that count traffic for particular PPPoE client.
 
gianluca
Member Candidate
Member Candidate
Posts: 258
Joined: Sun Aug 08, 2004 11:00 pm
Location: Italy - Spain - USA

Mon Jan 03, 2005 9:25 pm

Eugene, could you please be a bit more specific on it.

I have 50 customers woth pppoe. With 3 profiles (so that I have 3 fw rules, one each profile below ppp fw rule).

where should I put the rules for counting bytes?

I imagine that to put an identifier on each rule, I have to base the rule on the IP address of the customer. This means I have to fix the IP address of teh customer to his username on the pppoe secrets.

Am i correct?

thanks
 
gianluca
Member Candidate
Member Candidate
Posts: 258
Joined: Sun Aug 08, 2004 11:00 pm
Location: Italy - Spain - USA

Mon Jan 03, 2005 9:29 pm

just one more thing. my pppoe customers take the ip from a pool.
 
gianluca
Member Candidate
Member Candidate
Posts: 258
Joined: Sun Aug 08, 2004 11:00 pm
Location: Italy - Spain - USA

Tue Feb 01, 2005 7:45 pm

can anybody answer on how check amount of upload/dwonload traffic with radius and pppoe users?
 
User avatar
bjohns
Member Candidate
Member Candidate
Posts: 272
Joined: Sat May 29, 2004 4:11 am
Location: Sippy Downs, Australia
Contact:

Fri Feb 04, 2005 5:12 am

can anybody answer on how check amount of upload/dwonload traffic with radius and pppoe users?
afaik 'Alive' packets are sent back to the radius server with the updates. These are usually sent every 5min, but you can change that using either the MT Router or the Radius server. Otherwise the total session data will be sent with the Stop packet.

The difficult thing is enforcing the quota. Ie, a user is connected, exceeds their limit - how do you disconnect them? Currently I just disable and enable the PPPoE service every 24hrs, which is pretty dodgy. I'd like to know a more elegant solution that only affects the users in question.
 
gianluca
Member Candidate
Member Candidate
Posts: 258
Joined: Sun Aug 08, 2004 11:00 pm
Location: Italy - Spain - USA

Sun Feb 06, 2005 2:34 pm

thank for the help.

About enforcing a rule when they reach a quote, I probably run a script with a forward rule doing what you want to do, i.e. stop p2p .... or what else
 
nianderson
just joined
Posts: 11
Joined: Thu Feb 10, 2005 6:47 am

Mon Feb 14, 2005 3:52 am

can you expand a little more on this im attempting to set transfer limits so userx gets 1 GB transfer/month / week whatever. if they exceed it they get throttled to 64 K. This is my first run with mikrotik ect... so im still trying to figure out the firewall ect ...


Thanks
--
Nick Anderson
IT Technician
Sunflower Broadband

Adding features does not necessarily increase functionality -- it just
makes the manuals thicker.
 
nianderson
just joined
Posts: 11
Joined: Thu Feb 10, 2005 6:47 am

Wed Feb 16, 2005 5:37 am

So let me see if I understand this at all or if im on the right track.

first thing to do is add a chain
/ip firewall add name=accounting
then set a comment for it called userN atm i have 2 users so
/ip firewall rule accounting add comment=user2
add passthrough action to the chain accounting
/ip firewall rule accounting add action=passthrough
add a jump rule in forward to accountin
/ip firewall rule forward add jump-target=accounting
change the refferences of forward to accounting in the script provided
and add
:local sum; :local traf;
:set sum 0
/ip firewall rule accounting{
:foreach i in [find] do={:incr sum}
:for i from=1 to=$sum do={
:set traf [get [find comment=("user" . $i)]
bytes]
:set traf ($traf/1073741824)
:if ($traf>1) do={:log facility=System-Info message=("user" . $i .
" exceeded 1Gb limit!")}
}
/ip firewall rule accounting return
} 
does that look right?
Help is greatly appriciated
--
Nick Anderson
IT Technician
Sunflower Broadband

Adding features does not necessarily increase functionality -- it just
makes the manuals thicker.
 
User avatar
Eugene
Forum Veteran
Forum Veteran
Topic Author
Posts: 993
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

Wed Feb 16, 2005 1:20 pm

So let me see if I understand this at all or if im on the right track.

first thing to do is add a chain
/ip firewall add name=accounting
That's right

then set a comment for it called userN atm i have 2 users so
/ip firewall rule accounting add comment=user2
Not quite
add passthrough action to the chain accounting
/ip firewall rule accounting add action=passthrough
For each user, you need to add 1 rule with action=passthrough and comment=userN.
So, in case of two users assuming we use ip addresses to identify them:
/ip firewall rule accounting add action=passthrough comment=user1 dst-address=1.1.1.1/32
/ip firewall rule accounting add action=passthrough comment=user2 dst-address=1.1.1.2/32
[/color]

add a jump rule in forward to accounting
/ip firewall rule forward add jump-target=accounting
Just do not forget that this rule should be above all others. Also add rule with action=return to the accounting chain, in order to process general firewall rules in forward.
/ip firewall rule accounting add action=return
[/color]

change the refferences of forward to accounting in the script provided
and add
:local sum; :local traf;
:set sum 0
/ip firewall rule accounting{
:foreach i in [find] do={:incr sum}
:for i from=1 to=$sum do={
:set traf [get [find comment=("user" . $i)]
bytes]
:set traf ($traf/1073741824)
:if ($traf>1) do={:log facility=System-Info message=("user" . $i .
" exceeded 1Gb limit!")}
}
} 
Note, that return rule is added before, not from the script.

Add this script to system scheduler to do periodical checks.



does that look right?
Help is greatly appriciated
Tout individu a droit à la vie, à la liberté et à la sûreté de sa personne.
 
nianderson
just joined
Posts: 11
Joined: Thu Feb 10, 2005 6:47 am

Wed Feb 16, 2005 7:45 pm

when i do
/ip firewall rule accounting add action=passthrough comment=user1 dst-address=192.168.0.199/24
I get ERROR: destination bad
--
Nick Anderson
IT Technician
Sunflower Broadband

Adding features does not necessarily increase functionality -- it just
makes the manuals thicker.
 
cmit
Forum Guru
Forum Guru
Posts: 1552
Joined: Fri May 28, 2004 12:49 pm
Location: Germany

Wed Feb 16, 2005 9:39 pm

192.168.0.199/24 is not a valid notation. If you want to describe the single host, you have to use a /32 netmask:
192.168.0.199/32
If you meant to filter the whole class C network, you must use the network address together with the /24 subnet mask:
192.168.0.0/24
Best regards,
Christian Meis
 
nianderson
just joined
Posts: 11
Joined: Thu Feb 10, 2005 6:47 am

Wed Feb 16, 2005 9:43 pm

ahh thanks now this is how i have it setup


forward chain
[admin@MikroTik] system script> /ip firewall rule forward print
Flags: X - disabled, I - invalid, D - dynamic
 0   action=jump jump-target=accounting

 1   ;;; limit access for unauthorized hotspot clients
     in-interface=ether2 action=jump jump-target=hotspot-temp

 2   ;;; account traffic for authorized hotspot clients
     action=jump jump-target=hotspot

 3   action=accept
accounting chain
[admin@MikroTik] system script> /ip firewall rule accounting print
Flags: X - disabled, I - invalid, D - dynamic
 0   ;;; user1
     dst-address=192.168.0.195/32 action=passthrough

 1   action=return

script
[admin@MikroTik] system script> print
 0 name="account_user_traffic"
   source=":local sum; :local traf;\r\n:set sum 0\r\n/ip firewall rule
          accounting{\r\n:foreach i in [find] do={:incr sum}\r\n:for i from=1
          to=$sum do={\r\n:set traf [get [find comment=("user" . $i)]
          bytes]\r\n:set traf ($traf/1073741824)\r\n:if ($traf>1) do={:log
          facility=System-Info message=("user" . $i . " exceeded 1Gb
          limit!")}\r\n}\r\n}"
   owner="admin" policy=ftp,reboot,read,write,policy,test
   last-started=feb/16/2005 13:58:27 run-count=5
I get feb/16/2005 13:58:27 script error: no such chain when i try to run it.
--
Nick Anderson
IT Technician
Sunflower Broadband

Adding features does not necessarily increase functionality -- it just
makes the manuals thicker.
 
nianderson
just joined
Posts: 11
Joined: Thu Feb 10, 2005 6:47 am

Thu Feb 17, 2005 6:04 am

well figured out what the deal with not seeing the chain is. DONT PUT A SCRIPT IN VIA WINBOX. :) found the pico clone and entered it via cli script starts working except now it spits an error to the log script error: empty string value where some kind of specific value expected


here is my current script
:local sum; :local traf;
:set sum 0 
/ip firewall rule accounting {
  :foreach i in [find] do={:incr sum}
  :for i from=1 to=$sum do={
    :set traf [get [find comment=("user" . $i)] bytes]
    :set traf ($raf/1073741824)
    :if ($traf>1) do={:log facility=System-Info message=("Limit-exceeded")}
  }
}
--
Nick Anderson
IT Technician
Sunflower Broadband

Adding features does not necessarily increase functionality -- it just
makes the manuals thicker.
 
User avatar
Eugene
Forum Veteran
Forum Veteran
Topic Author
Posts: 993
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

Thu Feb 17, 2005 3:07 pm

It's your script:
script starts working except now it spits an error to the log script error: empty string value where some kind of specific value expected


here is my current script
:local sum; :local traf;
:set sum 0 
/ip firewall rule accounting {
  :foreach i in [find] do={:incr sum}
  :for i from=1 to=$sum do={
    :set traf [get [find comment=("user" . $i)] bytes]
    :set traf ($raf/1073741824)
    :if ($traf>1) do={:log facility=System-Info message=("Limit-exceeded")}
  }
}
There is one corrected string:
:set traf ($traf/1073741824)
Tout individu a droit à la vie, à la liberté et à la sûreté de sa personne.
 
Russ
newbie
Posts: 25
Joined: Mon May 02, 2005 11:55 pm
Location: New Zealand

Throttling with a radius server...

Tue May 03, 2005 3:41 am

So far everyone has addressed the issue of throttling using local user accounts.

Our network is in the situation where users authenticate via PPPOE, and are assigned an IP address either statically or from the routers dynamic pool, no matter where they enter the network.

The PPPOE server then talks to a freeradius server to get the appropriate attributes (static / dynamic IP, any queues that need to be applied, routes that need to be added etc). The PPPOE server is also set to send interim accounting updates every 5 minutes to let the radius server know how much data a user has used.

To make this work with a radius server either a script would need to run on the mikrotik PPPOE server (where the queue is applied) to check the value of the data usage on the radius server and set the queue appropriately, or a script would have to run on the radius server and somehow tell the mikrotik router to alter the queue if the user had gone over their allocated data cap.

We can not check the amount of data on the local mikrotik box, as users may come into the network from different entry points through different PPPOE servers. The mikrotik router would also loose all accounting information if it was rebooted.

I notice in 2.9 there is a feature where you can specify an incoming raidus server. Does anyone have any information on how this works? What it does?

Alternatively does anyone have a working solution for this?
 
cmit
Forum Guru
Forum Guru
Posts: 1552
Joined: Fri May 28, 2004 12:49 pm
Location: Germany

Tue May 03, 2005 9:34 am

The "radius incoming" features is to let a RADIUS server actively disconnect PPP(oE) sessions without using SSH scripts on the RADIUS server or the like. See here for example: http://forum.mikrotik.com/viewtopic.php?t=1480

Regarding your question of changing queues: I suppose the only way will be to run a script on the RADIUS server that connects to the appropriate PPPoE server (MikroTik) via SSH and then switches queues for the active user. Have never tried this, though...
Best regards,
Christian Meis
 
marko1101
newbie
Posts: 25
Joined: Sun Jul 11, 2004 9:33 pm

Sun Aug 07, 2005 2:35 pm

I try stop traffic and inform user buy mail:

my script:

:local sum; :local traf;
:set sum 0
/ip firewall rule example {
:foreach i in [find] do={:incr sum}
:for i from=1 to=$sum do={
:set traf [get [find comment=("user" . $i)] bytes]
:set traf ($traf/1073741824)
:if ($traf>0) do={ /ip firewall rule forward add src-address=1.1.1.1/32 action=reject
/tool e-mail send to=example@example.com subject="Limit-exceeded"}
}
}

but, I run this script from scheduler , interval is 5s , and when user reach traffic limit , scheduler make rule and send mail on 5s , nonstop.

Is there any way to stop scheduler when user reach traffic limit , something like /system scheduler disable 0 ?

and is there way to put "ip firewall forward rule" on ie. position 10 , something like... put-on=10 or put-position=10 ...

any idea ?

Thanks
 
User avatar
Eugene
Forum Veteran
Forum Veteran
Topic Author
Posts: 993
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

Mon Aug 08, 2005 12:18 pm

To put a firewall rule before another one, add place-before=[/ip firewall filter find comment="aaa"] parameter. (Of course, there should be a rule with
comment=aaa already added to the firewall filter).

To stop the scheduler:
/system scheduler disable [find]
8)
Tout individu a droit à la vie, à la liberté et à la sûreté de sa personne.
 
marko1101
newbie
Posts: 25
Joined: Sun Jul 11, 2004 9:33 pm

Mon Aug 08, 2005 4:11 pm

I resolve stop scheduler , but for position of rule ... I put rule in chain of accounting (one chain for one user , easy to reset when reach limit), because rule in accounting chain is passthrough , new rule stop traffic even on the end of the chain , (work for me)

now I put, place-before=[/ip firewall rule user1 find comment="aaa"] , works, thanks

script:

:local sum; :local traf;
:set sum 0
/ip firewall rule user1 {
:foreach i in [find] do={:incr sum}
:for i from=1 to=$sum do={
:set traf [get [find comment=("user" . $i)] bytes]
:set traf ($traf/1073741824)
:if ($traf>0) do={ /ip firewall rule user1 add action=reject place-before=[/ip firewall rule user1 find comment="aaa"]
/tool e-mail send to=user1@example.com subject="Limit-exceeded"}
}
}


this is the script for reach limit , but ... can you tell me, how make script for send mail on every 24h to user with amount of traffic at this moment, ... something like ,

scheduler with sorce: /tool e-mail send to=user1@example.com subject="You spend ([get [find comment=("user" . $i)] bytes]/1024) KB till now."

But, in accounting chain user1, I have 2 rule comment=user1(for Upload) and comment=user2 (for Download) , main script start whatever rule reach 1gb , and stop traffic and send mail , that is ok for reach limit...

Now I want make script to send info about traffic on both rule (upload and download) (comment=user1 and comment=user2) to user on every 24h

can you help ?

Thanks again.
 
User avatar
Eugene
Forum Veteran
Forum Veteran
Topic Author
Posts: 993
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

Mon Aug 08, 2005 4:22 pm

:local sum; :local traf;
:local limit
:set sum 0
:set traf 0
:set limit 5
/ip firewall rule user1 {
:foreach i in [find] do={:incr sum}
:for i from=1 to=$sum do={
:set traf ([get [find comment=("user" . $i)] bytes] + $traf)
}
:set traf ($traf/1073741824)
:set limit ($limit-$traf)
/tool e-mail send to=user1@example.com subject="You spend $traf GB. Beware! only $limit GB left :)"
} 
Tout individu a droit à la vie, à la liberté et à la sûreté de sa personne.
 
marko1101
newbie
Posts: 25
Joined: Sun Jul 11, 2004 9:33 pm

Mon Aug 08, 2005 4:45 pm

message from log : script error: invalid expression
 
User avatar
Eugene
Forum Veteran
Forum Veteran
Topic Author
Posts: 993
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

Mon Aug 08, 2005 5:34 pm

:local sum; :local traf;
:local limit
:set sum 0
:set traf 0
:set limit 5
/ip firewall rule user1 {
:foreach i in [find] do={:incr sum}
:for i from=1 to=$sum do={
:set traf ([get [find comment=("user" . $i)] bytes] + $traf)
}}
:set traf ($traf/1073741824)
:set limit ($limit - $traf)
/tool e-mail send to=user1@example.com subject="You spend $traf GB. Beware! only $limit GB left :)"
1) There should be spaces surrounding minus sign.
2) Outer loop closed before sending e-mail (to avoid duplicates).
Tout individu a droit à la vie, à la liberté et à la sûreté de sa personne.
 
marko1101
newbie
Posts: 25
Joined: Sun Jul 11, 2004 9:33 pm

Mon Aug 08, 2005 8:18 pm

I recived in log: invalid argument name , somethin about $traf and $limit in ...

/tool e-mail send to=user1@example.com subject="You spend $traf GB. Beware! only $limit GB left :)"

when I delete all in subject except $traf ,
/tool e-mail send to=user1@example.com subject=$traf , ...

mail recived with 0 in subject , all same with only $limit mail recived with 5 , every time. when send mail,

probably from here:

:set traf 0
:set limit 5
 
User avatar
Eugene
Forum Veteran
Forum Veteran
Topic Author
Posts: 993
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

Tue Aug 09, 2005 3:56 pm

This one tested and works:
:local sum; :local traf; :local limit; 
:set sum 0; :set traf 0; :set limit 5; 
/ip firewall rule user1 {:foreach i in [find] do={:incr sum}; :for i from=1 to=$sum do={:set traf ([get [find comment=("user" . $i)] bytes] + $traf)};}; :set traf ($traf/1073741824); :set limit ($limit - $traf); /tool e-mail send to=psi@mikrotik.com subject=("You spend " . $traf . " GB. Beware! only " . $limit . "GB left :)");
Tout individu a droit à la vie, à la liberté et à la sûreté de sa personne.
 
marko1101
newbie
Posts: 25
Joined: Sun Jul 11, 2004 9:33 pm

Wed Aug 10, 2005 12:26 am

Yes work,

but send message only for GB , maybe I make some mistake with rule,

never mind , it's help me to make my script , and the script do exactly what I want , thanks

but , there is another problem, and it's seems big , .... when mikrotik is off or restart or corrupt .... , rule reset to 0 ... and accounting start from 0, :(

till now I have no that problem , to reset ruter, because some error, but ... life is long , :)

is there some solution for that ?

Thanks again
 
User avatar
Eugene
Forum Veteran
Forum Veteran
Topic Author
Posts: 993
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

Wed Aug 10, 2005 11:39 am

Only remote accounting. Or you can restart router only on the 1st day of month :)

BTW, the router is pretty stable so having a good UPS should give you loooong uptime :D

Or make a script to save/restore values do disk.
Tout individu a droit à la vie, à la liberté et à la sûreté de sa personne.
 
marko1101
newbie
Posts: 25
Joined: Sun Jul 11, 2004 9:33 pm

Wed Aug 10, 2005 1:10 pm

Or make a script to save/restore values do disk.
that's will be good, but, can script, save (ie.) all data in some rule (ie.) user1 , and restore when ruter startup, I think hotspot do that ... ?

I prefer script opposite hotspot , if is posible to script do that ?
 
User avatar
Eugene
Forum Veteran
Forum Veteran
Topic Author
Posts: 993
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

Wed Aug 10, 2005 2:53 pm

One way to save variable values is to create /ppp secret entries with comments. But IMHO you need to switch ro remote accounting/management like RADIUS.
Tout individu a droit à la vie, à la liberté et à la sûreté de sa personne.
 
marko1101
newbie
Posts: 25
Joined: Sun Jul 11, 2004 9:33 pm

Tue Aug 16, 2005 2:16 pm

solution is ups , for now , ...

do you have idea how do this: ....

Can script, (make or disable) rule in MT through 2 or 3 or X ... MT (mikrotik)?

internet <---> MT1 <---> MT2 <----> MT3 <--- client

script for internet traffic accouting are on MT1 ,
I wish , make new deny or disable present allowe rule in firewall on MT3 to stop all traffic through network for client who connect on MT3 , but from information of traffic on MT1 for that client.

do this on MT1 is done for internet traffic , but is there any solution to do this on MT3 , when client reach limit accounting on MT1 ?

something like this :/ip firewall rule forward disable (ie.) 10 ... , but , script on MT1 to make this on MT3 , or script on Mt3 read data of traffic on MT1.

any idea ?
 
User avatar
Eugene
Forum Veteran
Forum Veteran
Topic Author
Posts: 993
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

Tue Aug 16, 2005 4:34 pm

I know some bizarre ways to achieve this with mt scripting, but you should really think about a dedicated server or a complete network redesign if you need such things.

Eugene
Tout individu a droit à la vie, à la liberté et à la sûreté de sa personne.
 
ponline
newbie
Posts: 49
Joined: Tue Sep 28, 2004 9:19 pm

Mon Nov 21, 2005 11:33 pm

Why do we count bytes on the firewall , when every queue has the statistics of rx and tx bytes, and total-bytes????

Can this be achieved in an simplier way by reading the total-bytes of the queues?????

Let's say I give my clients 256k/128k connections, but if they make 200Mb of transfer during the day they speed will be limited at 64k/64k.

The counters should be reseted every day at lets say 00:00 oclock via the scheduler. (/que simple reset-counters)

And there should be one script which will run every 5 minutes or so to check the bytes of every queue and set max-limit=64000/64000 if the total-bytes of the queue are >= 200MB

Is this possible or am i missing something??
 
User avatar
Eugene
Forum Veteran
Forum Veteran
Topic Author
Posts: 993
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

Tue Nov 22, 2005 4:51 pm

Yes, it's possible. Although I'd recommend using queues with bursts for this task. Just imagine: no scripting needed at all :wink:
Tout individu a droit à la vie, à la liberté et à la sûreté de sa personne.
 
ponline
newbie
Posts: 49
Joined: Tue Sep 28, 2004 9:19 pm

Wed Nov 23, 2005 1:57 am

The burts will give another meaning, sure it will help them not using the maximum of the allowed speed for a long time but what I need is limited amount of download until they speed cuts down.
Let them feel thay have a high speed connection, but prevent them downloding too much.

Since this is doable, and i never done scripts , i tried it a little but i cant make it work for this job, can someone help me with a simple script that scans all the simple queues for a 'total-bytes' amount, and if the total-bytes is equal or biger than 200MB then max-limit the queue at 64k/64k.
I would appriciate that,
Thanks

Urim.
 
User avatar
Eugene
Forum Veteran
Forum Veteran
Topic Author
Posts: 993
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

Thu Nov 24, 2005 2:13 pm

Well, bursts do exactly that. They will prevent users from downloading big amounts of data in the same time permitting high speed low volume traffic.
Tout individu a droit à la vie, à la liberté et à la sûreté de sa personne.
 
ponline
newbie
Posts: 49
Joined: Tue Sep 28, 2004 9:19 pm

Fri Nov 25, 2005 5:11 pm

Well,ok since you insist.
But still im interested doing that with reading total-bytes of the queues.
Any help would be appreciated.


P.S
This is like a FAP(Fair Access Policy) like some satelite providers give. They give you 512kb speed, but if you dowload 500 mb during the day, your speed will be capped to 128kb, and countinuing to lower your speed as your transfer amount increases.
 
User avatar
Eugene
Forum Veteran
Forum Veteran
Topic Author
Posts: 993
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

Mon Nov 28, 2005 10:32 am

Queue:
/queue simple add target-addresses=<address of host you want to limit> name="user1"
Script:
:local sum; :local traf;
:set sum 0
/queue simple{
  :foreach i in [find] do={:incr sum}
  :for i from=1 to=$sum do={
    :set traf [get [find name=("user" . $i)] total-bytes]
    :set traf ($traf/1073741824)
    :if ($traf>1) do={
      :log facility=System-Info message=("user" . $i . " exceeded 1Gb limit!");
      set [find name=("user" . $i)] max-limit=64000
    }
  }
}
Tout individu a droit à la vie, à la liberté et à la sûreté de sa personne.
 
marko1101
newbie
Posts: 25
Joined: Sun Jul 11, 2004 9:33 pm

Mon Nov 28, 2005 12:44 pm

problem with reset accouting , after reboot , power lost ... is resolve in 2.9.8 ... or not ?
 
ponline
newbie
Posts: 49
Joined: Tue Sep 28, 2004 9:19 pm

Mon Nov 28, 2005 6:31 pm

Now I know where my problem was, i think i was trying to do smth imposible, I was trying to make it work without changing the names of queues and i was lost.
All my queues have the names of my clients on it, and not something like user1...userN so they can be read from the function 'FOR i=1 to N'

So i gues the only solution is to change the queue names in a format user1...userN, is it?

Thanks for the script.
 
User avatar
Eugene
Forum Veteran
Forum Veteran
Topic Author
Posts: 993
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

Tue Nov 29, 2005 12:06 pm

Or search by ip address, or by part of the name instead of the whole name.
Tout individu a droit à la vie, à la liberté et à la sûreté de sa personne.
 
ponline
newbie
Posts: 49
Joined: Tue Sep 28, 2004 9:19 pm

Sun Dec 04, 2005 7:07 pm

This script searches simple queues by their target-addresses , and change their maximum-limit, if the total-bytes are > 100Mb.
:local traf;
/queue simple 
:for i from=10 to= 200 do =  {
:set traf [get [find target-addresses=("192.168.1." . $i)] total-bytes] 
:if ($traf  > 104857600) do = {
set [find target-addresses=("192.168.1." . $i)] max-limit= 64000/64000
}
}
This scripts is tested and working.
BUT, there must exist every single ip adress form 192.168.1.10 to 192.168.1.200. If one is missing the scripts stops on that position.

I want to search all this subnet from 192.168.1.10 - to - 192.168.1.200 but i am missing some ip adresses in a not organised way.
Can it be fixed to ignore the error where it can't find the given queue, and contnoue to the next one ?
 
User avatar
Eugene
Forum Veteran
Forum Veteran
Topic Author
Posts: 993
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

Tue Dec 06, 2005 4:00 pm

Use :if statement to check for the existance of the ip address prior to setting the parameters.
Tout individu a droit à la vie, à la liberté et à la sûreté de sa personne.
 
ponline
newbie
Posts: 49
Joined: Tue Sep 28, 2004 9:19 pm

Tue Dec 06, 2005 5:56 pm

And how is the right syntax to do that?
Sorry for bothering you, but i don't know where to read for finding the right syntax to acomplish that.
Thanks.
 
User avatar
Eugene
Forum Veteran
Forum Veteran
Topic Author
Posts: 993
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

Tue Dec 06, 2005 8:46 pm

 :if ([/queue simple find target-addresses=("192.168.1." . $i)] != "") do={
  :set traf [get [find target-addresses=("192.168.1." . $i)] total-bytes]
  :if ($traf  > 104857600) do = {
    set [find target-addresses=("192.168.1." . $i)] max-limit= 64000/64000
  } 
}
You can read more about scripting at http://www.mikrotik.com/docs/ros/2.9/system/scripting :roll:
Tout individu a droit à la vie, à la liberté et à la sûreté de sa personne.
 
ponline
newbie
Posts: 49
Joined: Tue Sep 28, 2004 9:19 pm

Wed Dec 07, 2005 2:29 am

Thank you very much,
Now I can give the service i wanted to offer.
I have users that never spend 100 mb daily but need the good speed,
And i have users that would download the whole internet in a day if they could.
This way 'easy' users will have good speed for browsing , chatting with camera, and some small downloads.
And the 'bandwidth hungry' users will suffer slower speeds after they cross their 100MB during the day. But, thats not that bad , users can download during the night hours 1am-10am when i disable this script and give greater speads, cose the network is slightly used.

For the others information here is the complete script that is tested and works.
:local traf; 
/queue simple 
:for i from=1 to= 254 do =  { 
:if ([/queue simple find target-addresses=("192.168.1." . $i)] != "") do={ 
:set traf [get [find target-addresses=("192.168.1." . $i)] total-bytes] 
:if ($traf  > 104857600) do = { 
set [find target-addresses=("192.168.1." . $i)] max-limit= 32000/64000 
} 
} 
}


This script will check all the simple queues shearching their target adresses and will search a whole 192.168.1.0/24 subnet.
It will read their total-bytes (recieved + transmited) and will check them if they crosed a limit of 100 MB ( 104857600 bytes)
If they did , they will be limited to lower speed (64k/64k)

You can change the subnet, the limit, and the lower speed acording to your needs.

It shoud be added a scheduler that will run this script every 5 minutes or so.
Another scheduler to reset counters daily " /que simple reset-counters".
 
cmit
Forum Guru
Forum Guru
Posts: 1552
Joined: Fri May 28, 2004 12:49 pm
Location: Germany

Wed Dec 07, 2005 11:28 am

Would be nice if you added this to the Wiki... ;)

Christian
 
pedja
Long time Member
Long time Member
Posts: 684
Joined: Sat Feb 26, 2005 5:37 am

Thu Dec 08, 2005 3:21 pm

Great script. Is it possible to expand it in a way to allow different limits for different groups of clients? Is it possible to use some marks in comments instead of IP adresses to find out which limitations to enforce?
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 24205
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Thu Dec 08, 2005 3:22 pm

eugene already added it, but it would be nice if some of you forum members also added something to the wiki from time to time ... :)
 
pedja
Long time Member
Long time Member
Posts: 684
Joined: Sat Feb 26, 2005 5:37 am

Fri Dec 09, 2005 5:59 pm

Here it is what I came up with:
/queue simple; :foreach i in=[find] \
do={  \
     :set sqName [get $i name]; \
#     :set sqTotalAvgRate [get $i total-avg-rate]; \
     :set sqTotalBytes [get $i total-bytes]; \
     :set sqLevel [:find $sqName "\[LevelA\]"]; \
     :if ($sqLevel >= 0)  do={ \
        set $i limit-at=32000/32000 max-limit=64000/64000 burst-threshold=48000/48000 burst-limit=128000/128000 burst-time=30/30; \
        :if ($sqTotalBytes  > 104857600)  do = { \ 
          set $i limit-at=24000/24000 max-limit=32000/32000 burst-threshold=0/0 burst-limit=0/0 burst-time=0/0; \
        }; \
     } else {
       :set sqLevel [:find $sqName "\[LevelB\]"]; \
       :if ($sqLevel >= 0)  do={ \
           set $i limit-at=64000/64000 max-limit=128000/128000 burst-threshold=78000/78000 burst-limit=256000/256000 burst-time=30/30; \
           :if ($sqTotalBytes  > (2 * 104857600))  do = { \ 
             set $i limit-at=64000/64000 max-limit=64000/64000 burst-threshold=0/0 burst-limit=0/0 burst-time=0/0; \
           }; \
       } else { \
           :set sqLevel [:find $sqName "\[LevelC\]"]; \
           :if ($sqLevel >= 0)  do={ \
               set $i limit-at=72000/72000 max-limit=256000/256000 burst-threshold=96000/96000 burst-limit=1000000/1000000 burst-time=30/30; \
               :if ($sqTotalBytes  > (3 * 104857600))  do = { \ 
                  set $i limit-at=72000/72000 max-limit=72000/72000 burst-threshold=0/0 burst-limit=0/0 burst-time=0/0; \
                }; \
            }; \
        }; \
     }; \
     :if ($sqLevel >= 0) do { \
        :put ([get $i name] . " : " . [get $i limit-at] . " : " . [get $i max-limit]  . " : " . [get $i burst-limit]   . " : " . [get $i burst-threshold]  . " : " . [get $i burst-time]) ; \
     }; \
}
This scripts checks names of simple queues and if it finds [LevelA], [LevelB] or [LevelC] in name, it sets specified parameters. It also checks total-bytes and if limit is reached it sets different parameters for a queue.

This allows you to set groups at will (it is easily expandable to needed number of groups, these three are just for an example) and easily put queue in needed group by entering group ID within name. This means you may keep custom simple queue names, just add Group ID in it.

If you want to change group for some simple queue, just change group id in that queue name.

As previosu script, this script should be scheduled in regular time periods, for instance every 5 minutes, and also there should be triger that resets total-bytes once a day. REcomendation is that reset is done about 2 AM.

Script runs but this is my the very frst MT script for so it is possible it is not of greatest quality code. I hope som of experienced members will suggest if there are possible improvements in code.

How to reset counters:
/queue simple reset-counters
 
smutsnic
newbie
Posts: 48
Joined: Tue Apr 19, 2005 8:49 pm

Mon Jan 23, 2006 5:15 pm

Hi Eugene,

I'm working with mikrotik 2.9 and have got this far.

/ip firewall filter add chain=accounting
/ip firewall filter comment 2 users2
/ip firewall filter set 0 chain=accounting action=passthrough
/ip firewall filter add chain=accounting action=passthrough comment=user1 dst-address=x.x.x.x/32
/ip firewall filter add chain=accounting action=passthrough comment=user2 dst-address=x.x.x.x/32
/ip firewall filter add chain=forward action=jump jump-target=accounting
/ip firewall filter add chain=accounting action=return

:local sum; :local traf;
:set sum 0
/ip firewall filter find chain=accounting{
:foreach i in [find] do={:incr sum}
:for i from=1 to=$sum do={
:set traf [get [find comment=("user" . $i)]
bytes]
:set traf ($traf/1073741824)
:if ($traf>1) do={:log facility=System-Info message=("user" . $i .
" exceeded 1Gb limit!")}
}
}

There is a problem with /ip firewall filter find chain=accounting in the script if you could please help me as my scripting is not that good yet.

Thanks,
Nic
 
smutsnic
newbie
Posts: 48
Joined: Tue Apr 19, 2005 8:49 pm

Wed Jan 25, 2006 5:25 pm

Is it possible to expand this script to 2.9?
 
netmonitor
just joined
Posts: 7
Joined: Fri Apr 07, 2006 12:20 pm

same solution for VLAN?

Mon Apr 17, 2006 9:41 pm

Hi Guys!

I'm trying to limit bandwidth to individual VLANs that I created using MT OS? that is, I have 2 VLANs and I want specific traffic (bandwidth) flowing into each of these VLANs. Please help me. :D
 
coffeecoco
Member Candidate
Member Candidate
Posts: 175
Joined: Wed Oct 12, 2005 1:17 pm

Mon May 22, 2006 1:50 pm

i tried the one on the wiki for que shaping and it didnt work i even set the timer for 10 secs and lowered the download limit my lan computers use 10.5.50. ip's i edited that it didnt change anything i dont know why any help ? must i add anything into the que manger before anything?

http://wiki.mikrotik.com/wiki/Limiting_ ... traffic_II
 
smutsnic
newbie
Posts: 48
Joined: Tue Apr 19, 2005 8:49 pm

Mon May 22, 2006 5:32 pm

 
erikpakozdi
just joined
Posts: 2
Joined: Tue Feb 21, 2006 8:40 pm

Wed Jan 31, 2007 9:33 am

Here it is what I came up with:
/queue simple; :foreach i in=[find] \
do={  \
     :set sqName [get $i name]; \
#     :set sqTotalAvgRate [get $i total-avg-rate]; \
     :set sqTotalBytes [get $i total-bytes]; \
     :set sqLevel [:find $sqName "\[LevelA\]"]; \
     :if ($sqLevel >= 0)  do={ \
        set $i limit-at=32000/32000 max-limit=64000/64000 burst-threshold=48000/48000 burst-limit=128000/128000 burst-time=30/30; \
        :if ($sqTotalBytes  > 104857600)  do = { \ 
          set $i limit-at=24000/24000 max-limit=32000/32000 burst-threshold=0/0 burst-limit=0/0 burst-time=0/0; \
        }; \
     } else {
       :set sqLevel [:find $sqName "\[LevelB\]"]; \
       :if ($sqLevel >= 0)  do={ \
           set $i limit-at=64000/64000 max-limit=128000/128000 burst-threshold=78000/78000 burst-limit=256000/256000 burst-time=30/30; \
           :if ($sqTotalBytes  > (2 * 104857600))  do = { \ 
             set $i limit-at=64000/64000 max-limit=64000/64000 burst-threshold=0/0 burst-limit=0/0 burst-time=0/0; \
           }; \
       } else { \
           :set sqLevel [:find $sqName "\[LevelC\]"]; \
           :if ($sqLevel >= 0)  do={ \
               set $i limit-at=72000/72000 max-limit=256000/256000 burst-threshold=96000/96000 burst-limit=1000000/1000000 burst-time=30/30; \
               :if ($sqTotalBytes  > (3 * 104857600))  do = { \ 
                  set $i limit-at=72000/72000 max-limit=72000/72000 burst-threshold=0/0 burst-limit=0/0 burst-time=0/0; \
                }; \
            }; \
        }; \
     }; \
     :if ($sqLevel >= 0) do { \
        :put ([get $i name] . " : " . [get $i limit-at] . " : " . [get $i max-limit]  . " : " . [get $i burst-limit]   . " : " . [get $i burst-threshold]  . " : " . [get $i burst-time]) ; \
     }; \
}
This scripts checks names of simple queues and if it finds [LevelA], [LevelB] or [LevelC] in name, it sets specified parameters. It also checks total-bytes and if limit is reached it sets different parameters for a queue.

This allows you to set groups at will (it is easily expandable to needed number of groups, these three are just for an example) and easily put queue in needed group by entering group ID within name. This means you may keep custom simple queue names, just add Group ID in it.

If you want to change group for some simple queue, just change group id in that queue name.

As previosu script, this script should be scheduled in regular time periods, for instance every 5 minutes, and also there should be triger that resets total-bytes once a day. REcomendation is that reset is done about 2 AM.

Script runs but this is my the very frst MT script for so it is possible it is not of greatest quality code. I hope som of experienced members will suggest if there are possible improvements in code.

How to reset counters:
/queue simple reset-counters
Hi, i use this code and works fine, but:

CPU_weekly
Image
RAM_weekly
Image
Internet_weekly
Image

the code "eat" the RAM, if i turned off the FUP code, the RAM usage is normal...
Any ideas? somebody use this code?

thanx[/img]
 
erikpakozdi
just joined
Posts: 2
Joined: Tue Feb 21, 2006 8:40 pm

Wed Jan 31, 2007 9:33 am

Here it is what I came up with:
/queue simple; :foreach i in=[find] \
do={  \
     :set sqName [get $i name]; \
#     :set sqTotalAvgRate [get $i total-avg-rate]; \
     :set sqTotalBytes [get $i total-bytes]; \
     :set sqLevel [:find $sqName "\[LevelA\]"]; \
     :if ($sqLevel >= 0)  do={ \
        set $i limit-at=32000/32000 max-limit=64000/64000 burst-threshold=48000/48000 burst-limit=128000/128000 burst-time=30/30; \
        :if ($sqTotalBytes  > 104857600)  do = { \ 
          set $i limit-at=24000/24000 max-limit=32000/32000 burst-threshold=0/0 burst-limit=0/0 burst-time=0/0; \
        }; \
     } else {
       :set sqLevel [:find $sqName "\[LevelB\]"]; \
       :if ($sqLevel >= 0)  do={ \
           set $i limit-at=64000/64000 max-limit=128000/128000 burst-threshold=78000/78000 burst-limit=256000/256000 burst-time=30/30; \
           :if ($sqTotalBytes  > (2 * 104857600))  do = { \ 
             set $i limit-at=64000/64000 max-limit=64000/64000 burst-threshold=0/0 burst-limit=0/0 burst-time=0/0; \
           }; \
       } else { \
           :set sqLevel [:find $sqName "\[LevelC\]"]; \
           :if ($sqLevel >= 0)  do={ \
               set $i limit-at=72000/72000 max-limit=256000/256000 burst-threshold=96000/96000 burst-limit=1000000/1000000 burst-time=30/30; \
               :if ($sqTotalBytes  > (3 * 104857600))  do = { \ 
                  set $i limit-at=72000/72000 max-limit=72000/72000 burst-threshold=0/0 burst-limit=0/0 burst-time=0/0; \
                }; \
            }; \
        }; \
     }; \
     :if ($sqLevel >= 0) do { \
        :put ([get $i name] . " : " . [get $i limit-at] . " : " . [get $i max-limit]  . " : " . [get $i burst-limit]   . " : " . [get $i burst-threshold]  . " : " . [get $i burst-time]) ; \
     }; \
}
This scripts checks names of simple queues and if it finds [LevelA], [LevelB] or [LevelC] in name, it sets specified parameters. It also checks total-bytes and if limit is reached it sets different parameters for a queue.

This allows you to set groups at will (it is easily expandable to needed number of groups, these three are just for an example) and easily put queue in needed group by entering group ID within name. This means you may keep custom simple queue names, just add Group ID in it.

If you want to change group for some simple queue, just change group id in that queue name.

As previosu script, this script should be scheduled in regular time periods, for instance every 5 minutes, and also there should be triger that resets total-bytes once a day. REcomendation is that reset is done about 2 AM.

Script runs but this is my the very frst MT script for so it is possible it is not of greatest quality code. I hope som of experienced members will suggest if there are possible improvements in code.

How to reset counters:
/queue simple reset-counters
Hi, i use this code and works fine, but:

CPU_weekly
Image
RAM_weekly
Image
Internet_weekly
Image

the code "eat" the RAM, if i turned off the FUP code, the RAM usage is normal...
Any ideas? somebody use this code?

thanx[/img]
 
pedja
Long time Member
Long time Member
Posts: 684
Joined: Sat Feb 26, 2005 5:37 am

Wed Jan 31, 2007 11:39 pm

I noticed the same on my MT. I am not user if it is possible to prevent obvious memory leak using script only. I guess that is for someone who knows how MT scripting works to answer.

As an experienced programmer, I cannot tell much good about MT scripting. It sucks in any way.
 
pedja
Long time Member
Long time Member
Posts: 684
Joined: Sat Feb 26, 2005 5:37 am

Wed Jan 31, 2007 11:39 pm

I noticed the same on my MT. I am not user if it is possible to prevent obvious memory leak using script only. I guess that is for someone who knows how MT scripting works to answer.

As an experienced programmer, I cannot tell much good about MT scripting. It sucks in any way.
 
cybergold
Frequent Visitor
Frequent Visitor
Posts: 50
Joined: Thu May 25, 2006 3:36 am

Sun Apr 15, 2007 10:58 am

Thank you very much,
Now I can give the service i wanted to offer.
I have users that never spend 100 mb daily but need the good speed,
And i have users that would download the whole internet in a day if they could.
This way 'easy' users will have good speed for browsing , chatting with camera, and some small downloads.
And the 'bandwidth hungry' users will suffer slower speeds after they cross their 100MB during the day. But, thats not that bad , users can download during the night hours 1am-10am when i disable this script and give greater speads, cose the network is slightly used.

For the others information here is the complete script that is tested and works.
:local traf; 
/queue simple 
:for i from=1 to= 254 do =  { 
:if ([/queue simple find target-addresses=("192.168.1." . $i)] != "") do={ 
:set traf [get [find target-addresses=("192.168.1." . $i)] total-bytes] 
:if ($traf  > 104857600) do = { 
set [find target-addresses=("192.168.1." . $i)] max-limit= 32000/64000 
} 
} 
}


This script will check all the simple queues shearching their target adresses and will search a whole 192.168.1.0/24 subnet.
It will read their total-bytes (recieved + transmited) and will check them if they crosed a limit of 100 MB ( 104857600 bytes)
If they did , they will be limited to lower speed (64k/64k)

You can change the subnet, the limit, and the lower speed acording to your needs.

It shoud be added a scheduler that will run this script every 5 minutes or so.
Another scheduler to reset counters daily " /que simple reset-counters".
I have a simmilar problem. My isp gives me certain volume of data monthly to use, and i want to shape my network to allow my clients (20 of them) to be able to stay within the volume given by my ISP. I have seen this post in the forum and it suits my needs, but am new to scripting. How do i add a scheduler for 5 minutes to this event which you just gave a code for??
Gratefiul for ur response.. timely too
 
cybergold
Frequent Visitor
Frequent Visitor
Posts: 50
Joined: Thu May 25, 2006 3:36 am

Sun Apr 15, 2007 11:01 am

Thank you very much,
Now I can give the service i wanted to offer.
I have users that never spend 100 mb daily but need the good speed,
And i have users that would download the whole internet in a day if they could.
This way 'easy' users will have good speed for browsing , chatting with camera, and some small downloads.
And the 'bandwidth hungry' users will suffer slower speeds after they cross their 100MB during the day. But, thats not that bad , users can download during the night hours 1am-10am when i disable this script and give greater speads, cose the network is slightly used.

For the others information here is the complete script that is tested and works.
:local traf; 
/queue simple 
:for i from=1 to= 254 do =  { 
:if ([/queue simple find target-addresses=("192.168.1." . $i)] != "") do={ 
:set traf [get [find target-addresses=("192.168.1." . $i)] total-bytes] 
:if ($traf  > 104857600) do = { 
set [find target-addresses=("192.168.1." . $i)] max-limit= 32000/64000 
} 
} 
}


This script will check all the simple queues shearching their target adresses and will search a whole 192.168.1.0/24 subnet.
It will read their total-bytes (recieved + transmited) and will check them if they crosed a limit of 100 MB ( 104857600 bytes)
If they did , they will be limited to lower speed (64k/64k)

You can change the subnet, the limit, and the lower speed acording to your needs.

It shoud be added a scheduler that will run this script every 5 minutes or so.
Another scheduler to reset counters daily " /que simple reset-counters".
I have a simmilar problem. My isp gives me certain volume of data monthly to use, and i want to shape my network to allow my clients (20 of them) to be able to stay within the volume given by my ISP. I have seen this post in the forum and it suits my needs, but am new to scripting. How do i add a scheduler for 5 minutes to this event which you just gave a code for??
Gratefiul for ur response.. timely too
 
cybergold
Frequent Visitor
Frequent Visitor
Posts: 50
Joined: Thu May 25, 2006 3:36 am

Sun Apr 15, 2007 2:12 pm

Thank you very much,
Now I can give the service i wanted to offer.
I have users that never spend 100 mb daily but need the good speed,
And i have users that would download the whole internet in a day if they could.
This way 'easy' users will have good speed for browsing , chatting with camera, and some small downloads.
And the 'bandwidth hungry' users will suffer slower speeds after they cross their 100MB during the day. But, thats not that bad , users can download during the night hours 1am-10am when i disable this script and give greater speads, cose the network is slightly used.

For the others information here is the complete script that is tested and works.
:local traf; 
/queue simple 
:for i from=1 to= 254 do =  { 
:if ([/queue simple find target-addresses=("192.168.1." . $i)] != "") do={ 
:set traf [get [find target-addresses=("192.168.1." . $i)] total-bytes] 
:if ($traf  > 104857600) do = { 
set [find target-addresses=("192.168.1." . $i)] max-limit= 32000/64000 
} 
} 
}


This script will check all the simple queues shearching their target adresses and will search a whole 192.168.1.0/24 subnet.
It will read their total-bytes (recieved + transmited) and will check them if they crosed a limit of 100 MB ( 104857600 bytes)
If they did , they will be limited to lower speed (64k/64k)

You can change the subnet, the limit, and the lower speed acording to your needs.

It shoud be added a scheduler that will run this script every 5 minutes or so.
Another scheduler to reset counters daily " /que simple reset-counters".
I have a simmilar problem. My isp gives me certain volume of data monthly to use, and i want to shape my network to allow my clients (20 of them) to be able to stay within the volume given by my ISP. I have seen this post in the forum and it suits my needs, but am unable to see any changes after i specified a limit of 5242880. i want a 5MB download limit....??
Gratefiul for ur response.. timely too
 
cybergold
Frequent Visitor
Frequent Visitor
Posts: 50
Joined: Thu May 25, 2006 3:36 am

Sun Apr 15, 2007 2:13 pm

Thank you very much,
Now I can give the service i wanted to offer.
I have users that never spend 100 mb daily but need the good speed,
And i have users that would download the whole internet in a day if they could.
This way 'easy' users will have good speed for browsing , chatting with camera, and some small downloads.
And the 'bandwidth hungry' users will suffer slower speeds after they cross their 100MB during the day. But, thats not that bad , users can download during the night hours 1am-10am when i disable this script and give greater speads, cose the network is slightly used.

For the others information here is the complete script that is tested and works.
:local traf; 
/queue simple 
:for i from=1 to= 254 do =  { 
:if ([/queue simple find target-addresses=("192.168.1." . $i)] != "") do={ 
:set traf [get [find target-addresses=("192.168.1." . $i)] total-bytes] 
:if ($traf  > 104857600) do = { 
set [find target-addresses=("192.168.1." . $i)] max-limit= 32000/64000 
} 
} 
}


This script will check all the simple queues shearching their target adresses and will search a whole 192.168.1.0/24 subnet.
It will read their total-bytes (recieved + transmited) and will check them if they crosed a limit of 100 MB ( 104857600 bytes)
If they did , they will be limited to lower speed (64k/64k)

You can change the subnet, the limit, and the lower speed acording to your needs.

It shoud be added a scheduler that will run this script every 5 minutes or so.
Another scheduler to reset counters daily " /que simple reset-counters".
I have a simmilar problem. My isp gives me certain volume of data monthly to use, and i want to shape my network to allow my clients (20 of them) to be able to stay within the volume given by my ISP. I have seen this post in the forum and it suits my needs, but am unable to see any changes after i specified a limit of 5242880. i want a 5MB download limit....??
Gratefiul for ur response.. timely too
 
cybergold
Frequent Visitor
Frequent Visitor
Posts: 50
Joined: Thu May 25, 2006 3:36 am

limiting user traffic

Sun Apr 15, 2007 2:14 pm

Thank you very much,
Now I can give the service i wanted to offer.
I have users that never spend 100 mb daily but need the good speed,
And i have users that would download the whole internet in a day if they could.
This way 'easy' users will have good speed for browsing , chatting with camera, and some small downloads.
And the 'bandwidth hungry' users will suffer slower speeds after they cross their 100MB during the day. But, thats not that bad , users can download during the night hours 1am-10am when i disable this script and give greater speads, cose the network is slightly used.

For the others information here is the complete script that is tested and works.
:local traf; 
/queue simple 
:for i from=1 to= 254 do =  { 
:if ([/queue simple find target-addresses=("192.168.1." . $i)] != "") do={ 
:set traf [get [find target-addresses=("192.168.1." . $i)] total-bytes] 
:if ($traf  > 104857600) do = { 
set [find target-addresses=("192.168.1." . $i)] max-limit= 32000/64000 
} 
} 
}


This script will check all the simple queues shearching their target adresses and will search a whole 192.168.1.0/24 subnet.
It will read their total-bytes (recieved + transmited) and will check them if they crosed a limit of 100 MB ( 104857600 bytes)
If they did , they will be limited to lower speed (64k/64k)

You can change the subnet, the limit, and the lower speed acording to your needs.

It shoud be added a scheduler that will run this script every 5 minutes or so.
Another scheduler to reset counters daily " /que simple reset-counters".
I have a simmilar problem. My isp gives me certain volume of data monthly to use, and i want to shape my network to allow my clients (20 of them) to be able to stay within the volume given by my ISP. I have seen this post in the forum and it suits my needs, but am unable to see any changes after i specified a limit of 5242880. i want a 5MB download limit....??
Gratefiul for ur response.. timely too
 
cybergold
Frequent Visitor
Frequent Visitor
Posts: 50
Joined: Thu May 25, 2006 3:36 am

limiting user traffic

Sun Apr 15, 2007 2:15 pm

I have a simmilar problem. My isp gives me certain volume of data monthly to use, and i want to shape my network to allow my clients (20 of them) to be able to stay within the volume given by my ISP. I have seen this post in the forum and it suits my needs, but am unable to see any changes after i specified a limit of 5242880. i want a 5MB download limit....??
Gratefiul for ur response.. timely too
 
cybergold
Frequent Visitor
Frequent Visitor
Posts: 50
Joined: Thu May 25, 2006 3:36 am

Thu Apr 19, 2007 10:09 am

i have implemented this rule in my schedule, but somehow, when the total bytes transferred gets to 5MB, the schedule does not take the upload/download to 16000/32000... Is there anything else i need to do?
this is my configuration..

/queue simple
:for i from=1 to= 254 do = {
:if ([/queue simple find target-addresses=("192.168.1." . $i)] != "") do={
:set traf [get [find target-addresses=("192.168.1." . $i)] total-bytes]
:if ($traf > 5242880) do = {
set [find target-addresses=("192.168.1." . $i)] max-limit= 16000/32000
}
}
}
 
kvan64
Member Candidate
Member Candidate
Posts: 186
Joined: Tue Apr 10, 2007 1:54 pm
Location: Brisbane Australia
Contact:

Re:

Fri May 25, 2007 4:12 pm

Thank you very much,
Now I can give the service i wanted to offer.
I have users that never spend 100 mb daily but need the good speed,
And i have users that would download the whole internet in a day if they could.
This way 'easy' users will have good speed for browsing , chatting with camera, and some small downloads.
And the 'bandwidth hungry' users will suffer slower speeds after they cross their 100MB during the day. But, thats not that bad , users can download during the night hours 1am-10am when i disable this script and give greater speads, cose the network is slightly used.

For the others information here is the complete script that is tested and works.
:local traf; 
/queue simple 
:for i from=1 to= 254 do =  { 
:if ([/queue simple find target-addresses=("192.168.1." . $i)] != "") do={ 
:set traf [get [find target-addresses=("192.168.1." . $i)] total-bytes] 
:if ($traf  > 104857600) do = { 
set [find target-addresses=("192.168.1." . $i)] max-limit= 32000/64000 
} 
} 
}


This script will check all the simple queues shearching their target adresses and will search a whole 192.168.1.0/24 subnet.
It will read their total-bytes (recieved + transmited) and will check them if they crosed a limit of 100 MB ( 104857600 bytes)
If they did , they will be limited to lower speed (64k/64k)

You can change the subnet, the limit, and the lower speed acording to your needs.

It shoud be added a scheduler that will run this script every 5 minutes or so.
Another scheduler to reset counters daily " /que simple reset-counters".
Hi, I am not a programmer and have never attempted any script in my entire life. I don't know how to do it correctly. Will the following work???
Scripts
______________________
add name=shapingRate source={
:local traf;
/queue simple
:for i from=1 to= 254 do = {
:if ([/queue simple find target-addresses=("192.168.1." . $i)] != "") do={
:set traf [get [find target-addresses=("192.168.1." . $i)] total-bytes]
:if ($traf > 104857600) do = {
set [find target-addresses=("192.168.1." . $i)] max-limit= 32000/64000
}
}
}

}

add name=resetCounter source={/que simple reset-counters}


Schedules
______________________
add name=run-1h interval=1h on-event=shapingRate
add name=run-24h interval=24h on-event=resetCounter
 
mickeymouse690
Member Candidate
Member Candidate
Posts: 103
Joined: Sun May 20, 2007 3:08 am

Re:

Mon Nov 26, 2007 10:20 am

i have implemented this rule in my schedule, but somehow, when the total bytes transferred gets to 5MB, the schedule does not take the upload/download to 16000/32000... Is there anything else i need to do?
this is my configuration..

/queue simple
:for i from=1 to= 254 do = {
:if ([/queue simple find target-addresses=("192.168.1." . $i)] != "") do={
:set traf [get [find target-addresses=("192.168.1." . $i)] total-bytes]
:if ($traf > 5242880) do = {
set [find target-addresses=("192.168.1." . $i)] max-limit= 16000/32000
}
}
}
I 2 have tried this script and have even set the limits way low like 60K and users are suppose to be down to like 10k both ways but I dont see this rule being applied....all my clients have ip starting in the 10.5.50 range so I changed to these settings in the script. Any long awaited input would be great here... this compatible with 2.9.43?
 
mickeymouse690
Member Candidate
Member Candidate
Posts: 103
Joined: Sun May 20, 2007 3:08 am

Re: How to limit a user to a given amount of traffic?

Tue Nov 27, 2007 1:05 am

Just an update, this script works great, just takes a few minutes after the limits have been attained in order for the changes to take affect.... Thx
 
mickeymouse690
Member Candidate
Member Candidate
Posts: 103
Joined: Sun May 20, 2007 3:08 am

Re: How to limit a user to a given amount of traffic?

Thu Nov 29, 2007 7:06 am

k, again an update, the script seems to change the max target upload and download as per code, but, the breaks dont seems to be applied at all. In the queue, those that went over there limits got there max targets changed, but they still download at there normal max speeds and not the showed changed values..

Any input from script coders would be great pls.... I have to slow these guys down once they reach there peak, there costing me a fortune.. lol
 
mickeymouse690
Member Candidate
Member Candidate
Posts: 103
Joined: Sun May 20, 2007 3:08 am

Re: How to limit a user to a given amount of traffic?

Fri Nov 30, 2007 4:45 am

any help please, almost desperate here. lol
 
kvan64
Member Candidate
Member Candidate
Posts: 186
Joined: Tue Apr 10, 2007 1:54 pm
Location: Brisbane Australia
Contact:

Re:

Thu Dec 13, 2007 12:20 pm

Thank you very much,
Now I can give the service i wanted to offer.
I have users that never spend 100 mb daily but need the good speed,
And i have users that would download the whole internet in a day if they could.
This way 'easy' users will have good speed for browsing , chatting with camera, and some small downloads.
And the 'bandwidth hungry' users will suffer slower speeds after they cross their 100MB during the day. But, thats not that bad , users can download during the night hours 1am-10am when i disable this script and give greater speads, cose the network is slightly used.

For the others information here is the complete script that is tested and works.
:local traf; 
/queue simple 
:for i from=1 to= 254 do =  { 
:if ([/queue simple find target-addresses=("192.168.1." . $i)] != "") do={ 
:set traf [get [find target-addresses=("192.168.1." . $i)] total-bytes] 
:if ($traf  > 104857600) do = { 
set [find target-addresses=("192.168.1." . $i)] max-limit= 32000/64000 
} 
} 
}


This script will check all the simple queues shearching their target adresses and will search a whole 192.168.1.0/24 subnet.
It will read their total-bytes (recieved + transmited) and will check them if they crosed a limit of 100 MB ( 104857600 bytes)
If they did , they will be limited to lower speed (64k/64k)

You can change the subnet, the limit, and the lower speed acording to your needs.

It shoud be added a scheduler that will run this script every 5 minutes or so.
Another scheduler to reset counters daily " /que simple reset-counters".
Does this work for usermanager accounts?
 
iles
just joined
Posts: 8
Joined: Sun Dec 16, 2007 8:29 pm
Location: GROZNY

Re: How to limit a user to a given amount of traffic?

Mon Dec 17, 2007 9:05 am

Good day.
Forgive me for assistance.
I need to ask RADIUS- users to limit the traffic that they can get through the hotspot. Through RADIUS attributes and Mikrotik-Recv-Limit Mikrotik-Xmit-Limit not produced, wrote about it in this forum, there is no answer yet: (. As a temporary option would impose a limitation on traffic through a script in the profile authorization. Should not difficult, please give an example of a script for a profile authorization implementing the restriction limit traffic in the 5 Megabytes.
PS I know, in your user item regarding limit traffic there, but I have not opened to users RouterOS and recorded via RADIUS
Please Help.
Sorry for the poor English.
 
bobertperry
newbie
Posts: 44
Joined: Tue Jan 06, 2009 4:05 am

Re: How to limit a user to a given amount of traffic?

Tue Jan 06, 2009 6:43 am

Here i1s my plan. Let me know if...what i am missing.

First set it up for transparent traffic shaping:


/ interface bridge
add name="bridge1"
/ interface bridge port
add interface=ether bridge=bridge1
add interface=ether3 bridge=bridge1
/ interface bridge settings
set use-ip-firewall=yes

/ ip firewall mangle
add chain=prerouting action=mark-connection new-connection-mark=other_conn \
passthrough=yes
add chain=prerouting connection-mark=other_conn action=mark-packet \
new-packet-mark=other passthrough=no

/ queue simple
add name="other" parent=main packet-marks=other max-limit=100000000/100000000



---------------


This script will check all the simple queues searching their target addresses and will search

10.100-103
10.151-179
10.810-189
10.140
10.150.0.1-10.150.63.255

(or i could put it on the outside interface and just have to go though a single class b, i may have to do that anyways with trunking and all...)

subnet. It will read their total-bytes (received transmitted) and will check them if they crossed a limit of
500 MB ( 524288000 bytes) If they did , they will be limited to lower speed (64k/64k).

I will put this on a scheduler that will run the script every 5 minutes from 18:00 to 23:55pm every day.
/system script
add name=start_limit source={/system scheduler name=limiter_timer start-time=18:00:00 interval=5m script=limiter}
add name=stop_limit source={!!!!How do i remove the scheduler?... I have yet to buy/ever use microTik but will the moment once I get the hardware I plan to use. The PC I bought has a sata controller not supported so I have ordered another.  Something like "/system scheduler remove limiter_timer" is my guess

/que simple reset-counters

}

/ system scheduler
add name=start_limit_script start-time=18:00:00 interval=24h script=start_limit
add name=stop_limit_script start-time=23:25:00 interval=24h script=stop_limit
/system script limiter  {
:local traf;
/queue simple
{
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.100.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.100.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.100.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.101.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.101.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.101.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.102.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.102.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.102.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.103.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.103.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.103.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.151.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.151.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.151.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.152.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.152.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.152.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.153.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.153.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.153.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.154.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.154.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.154.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.155.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.155.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.155.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.156.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.156.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.156.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.157.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.157.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.157.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.158.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.158.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.158.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.159.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.159.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.159.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.160.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.160.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.160.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.161.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.161.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.161.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.162.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.162.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.162.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.163.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.163.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.163.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.164.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.164.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.164.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.165.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.165.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.165.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.166.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.166.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.1.166." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.167.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.167.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.167.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.168.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.168.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.168.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.169.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.169.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.169.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.170.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.170.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.170.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.171.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.171.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.171.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.172.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.172.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.172.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.173.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.173.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.173.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.174.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.174.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.174.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.175.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.175.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.175.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.176.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.176.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.176.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.177.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.177.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.177.1." . $i)] max-limit= 32000/64000
      }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.178.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.178.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.178.1." . $i)] max-limit= 32000/64000
      }
    }
  }  
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.179.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.179.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.179.1." . $i)] max-limit= 32000/64000
      }
    }
  } 
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.181.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.181.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.181.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.182.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.182.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.182.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.183.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.183.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.183.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.184.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.184.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.184.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.185.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.185.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.185.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.186.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.186.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.186.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.187.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.187.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.187.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.188.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.188.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.188.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.189.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.189.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.189.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :if ([/queue simple find target-addresses=("10.140.1." . $i)] != "") do={
      :set traf [get [find target-addresses=("10.140.1." . $i)] total-bytes]
      :if ($traf  > 524288000) do = {
        set [find target-addresses=("10.140.1." . $i)] max-limit= 32000/64000
      }
    }
  }
  :for i from=1 to= 254 do =  {
    :for j from=0 to= 63 do =  {
      :if ([/queue simple find target-addresses=("10.150." . $j . "." . $i)] != "") do={
        :set traf [get [find target-addresses=("10.150.1." . $i)] total-bytes]
        :if ($traf  > 524288000) do = {
          set [find target-addresses=("10.150.1." . $i)] max-limit= 32000/64000
        }
      }
    }
  }
}
}

at 24:00 I will add script in the scheduler to reset the counters and lift any limits.
/que simple reset-counters
Do I need to go though every address and remove/increase the max-limit as well?
 
bronco1980
Frequent Visitor
Frequent Visitor
Posts: 63
Joined: Wed Jul 22, 2009 5:02 pm

Re: How to limit a user to a given amount of traffic?

Fri Jun 25, 2010 3:37 pm

My Script was working normally for shaping the amount of traffic on 2.9.51 .. but after upgrading to 4.10 the script stops working ..


:local traf;
/queue simple
:for i from=1 to= 254 do = {
:if ([/queue simple find target-addresses=("10.11.2." . $i)] != "") do={
:set traf [get [find target-addresses=("10.11.2." . $i)] total-bytes]
:if ($traf <104857600) do = {
set [find target-addresses=("10.11.2." . $i)] max-limit=16000/64000 limit-at=16000/64000 burst-limit=24000/80000 burst-threshold=16000/64000 burst-time=10s/10s
}
}
}


Any idea guys why this happens!!
 
soundsticks
just joined
Posts: 14
Joined: Tue Aug 06, 2013 10:55 am

Re: How to limit a user to a given amount of traffic?

Wed Aug 07, 2013 7:48 am

The script it doesn't working for me as well, i did created scheduler running in every 5 minutes and doing a counter rest in every 24 hour.

This is my script which my IP address range in between 192.168.88.*
Name : shapingRate

:local traf;
/queue simple
:for i from= 1 to= 254 do = {
:if ([/queue simple find target-addresses=("192.168.88." . $i)] != "") do={
:set traf [get [find target-addresses=("192.168.88." . $i)] total-bytes]
:if ($traf > 10485760) do = {
set [find target-addresses=("192.168.88." . $i)] max-limit= 10240/10240
}
}
}
And this is my scheduler
Name : run-1h

/que simple reset-counters
Name : run-24h

resetCounter
 
User avatar
Maggiore81
Member Candidate
Member Candidate
Posts: 217
Joined: Sun Apr 15, 2012 12:10 pm
Location: Italy
Contact:

Re: How to limit a user to a given amount of traffic?

Sat Sep 07, 2013 9:38 am

This is my script:
/queue simple; :foreach i in=[find] \
do={  \
     :set sqName [get $i name]; \
#     :set sqTotalAvgRate [get $i total-avg-rate]; \
     :set sqTotalBytes [get $i total-bytes]; \
     :set sqLevel [:find $sqName "\[BASE-R\]"]; \
     :if ($sqLevel >= 0)  do={ \
        set $i max-limit=256K/10M; \
        :if ($sqTotalBytes  > 104857)  do = { \
          set $i max-limit=256K/1280K; \
        }; \
     } else {
       :set sqLevel [:find $sqName "\[STANDARD-R\]"]; \
       :if ($sqLevel >= 0)  do={ \
           set $i max-limit=256K/10M; \
           :if ($sqTotalBytes  > (2 * 104857600))  do = { \
             set $i max-limit=256K/2304K; \
           }; \
       } else { \
           :set sqLevel [:find $sqName "\[PLUS-R\]"]; \
           :if ($sqLevel >= 0)  do={ \
               set $i max-limit=512K/10M; \
               :if ($sqTotalBytes  > (3 * 104857600))  do = { \
                  set $i max-limit=512K/3M; \
                }; \
	} else {
       :set sqLevel [:find $sqName "\[TOP-R\]"]; \
       :if ($sqLevel >= 0)  do={ \
           set $i max-limit=512K/10M; \
           :if ($sqTotalBytes  > (2 * 104857600))  do = { \
             set set $i max-limit=512K/4M; \
           }; \
	} else {
       :set sqLevel [:find $sqName "\[EXTREME-R\]"]; \
       :if ($sqLevel >= 0)  do={ \
           set $i max-limit=1M/10M; \
           :if ($sqTotalBytes  > (2 * 104857600))  do = { \
             set set $i max-limit=1M/7M; \
           }; \
	} else {
       :set sqLevel [:find $sqName "\[BASE-B\]"]; \
       :if ($sqLevel >= 0)  do={ \
           set $i max-limit=256K/10M; \
           :if ($sqTotalBytes  > (2 * 104857600))  do = { \
             set $i max-limit=256K/1280K; \
           }; \
	} else {
       :set sqLevel [:find $sqName "\[STANDARD-B\]"]; \
       :if ($sqLevel >= 0)  do={ \
           set $i max-limit=320K/10M; \
           :if ($sqTotalBytes  > (2 * 104857600))  do = { \
             set set $i max-limit=320K/2304k; \
           }; \
	} else {
       :set sqLevel [:find $sqName "\[TOP-B\]"]; \
       :if ($sqLevel >= 0)  do={ \
           set $i max-limit=512k/10M; \
           :if ($sqTotalBytes  > (2 * 104857600))  do = { \
             set set $i max-limit=512K/4M; \
           }; \
	} else {
       :set sqLevel [:find $sqName "\[EXTEME-B\]"]; \
       :if ($sqLevel >= 0)  do={ \
           set $i max-limit=1M/10M; \
           :if ($sqTotalBytes  > (2 * 104857600))  do = { \
             set set $i max-limit=1M/7M; \
           }; \
                }; \
                }; \
     }; \
     :if ($sqLevel >= 0) do { \
        :put ([get $i name] . " : " . [get $i limit-at] . " : " . [get $i max-limit]  . " : " . [get $i burst-limit]   . " : " . [get $i burst-threshold]  . " : " . [get $i burst-time]) ; \
     }; \
}
in 5.25 it doesnt work

can someone help me ?
Dott. Elia Spadoni
---
Network Administrator,
MTCNA, MTCRE, MTCTCE, MTCINE, MTCWE
Spadhausen Internet Provider
Ravenna, ITALY
http://www.spadhausen.com
 
User avatar
Maggiore81
Member Candidate
Member Candidate
Posts: 217
Joined: Sun Apr 15, 2012 12:10 pm
Location: Italy
Contact:

Re: How to limit a user to a given amount of traffic?

Sat Sep 07, 2013 12:55 pm

I have managed to let it work but I am not able to read total bytes since in my queue the total statistics of the queue remains to 0.

how can I let it populate correctly?
Also I will be interested only in checking 1GB of download traffic..
Dott. Elia Spadoni
---
Network Administrator,
MTCNA, MTCRE, MTCTCE, MTCINE, MTCWE
Spadhausen Internet Provider
Ravenna, ITALY
http://www.spadhausen.com
 
User avatar
Xtreme512
Frequent Visitor
Frequent Visitor
Posts: 72
Joined: Sun Jun 08, 2014 2:43 pm
Location: Nicosia, CY
Contact:

Re: How to limit a user to a given amount of traffic?

Mon Jan 26, 2015 1:13 am

Hi, i want to reset only the total-bytes counter not all. how can i do that?
I Walk Alone
 
amsteen
Member Candidate
Member Candidate
Posts: 146
Joined: Sat Apr 04, 2009 11:09 am

Re: How to limit a user to a given amount of traffic?

Thu Jan 14, 2016 5:58 pm

Dear All

Is this subject is closed or not as I try this on my server but I fail any help..

My Server settings:
/ip address
add address=192.168.100.1/24 interface=Mangers network=192.168.100.0
add address=192.168.1.50/24 interface=External network=192.168.1.0
/ip dns
set allow-remote-requests=yes servers=208.67.222.222,208.67.220.220
/ip firewall nat
add action=masquerade chain=srcnat out-interface=!Mangers
add action=redirect chain=dstnat dst-port=80 in-interface=External protocol=\
tcp to-ports=8080
add action=redirect chain=dstnat dst-port=80 protocol=tcp to-ports=8080
/ip proxy
set cache-on-disk=yes cache-path=disk2 enabled=yes
/ip route
add distance=1 gateway=192.168.1.1

Hot to modify the script to check 100MB per day ??
 
User avatar
AYcoo
Frequent Visitor
Frequent Visitor
Posts: 81
Joined: Thu May 19, 2016 8:44 pm

Re:

Wed May 25, 2016 7:59 pm

Thank you very much,
Now I can give the service i wanted to offer.
I have users that never spend 100 mb daily but need the good speed,
And i have users that would download the whole internet in a day if they could.
This way 'easy' users will have good speed for browsing , chatting with camera, and some small downloads.
And the 'bandwidth hungry' users will suffer slower speeds after they cross their 100MB during the day. But, thats not that bad , users can download during the night hours 1am-10am when i disable this script and give greater speads, cose the network is slightly used.

For the others information here is the complete script that is tested and works.
:local traf; 
/queue simple 
:for i from=1 to= 254 do =  { 
:if ([/queue simple find target-addresses=("192.168.1." . $i)] != "") do={ 
:set traf [get [find target-addresses=("192.168.1." . $i)] total-bytes] 
:if ($traf  > 104857600) do = { 
set [find target-addresses=("192.168.1." . $i)] max-limit= 32000/64000 
} 
} 
}


This script will check all the simple queues shearching their target adresses and will search a whole 192.168.1.0/24 subnet.
It will read their total-bytes (recieved + transmited) and will check them if they crosed a limit of 100 MB ( 104857600 bytes)
If they did , they will be limited to lower speed (64k/64k)

You can change the subnet, the limit, and the lower speed acording to your needs.

It shoud be added a scheduler that will run this script every 5 minutes or so.
Another scheduler to reset counters daily " /que simple reset-counters".
what os version work with this script ?
سبحان الله و بحمده,لا اله الا الله
 
proexot
just joined
Posts: 1
Joined: Fri Apr 28, 2017 9:42 am

Re: How to limit a user to a given amount of traffic?

Fri Apr 28, 2017 9:49 am

Hello

I have problem about limit amount traffic, at my work i want give some of users traffic limit.I have bandwith limit with 2mbit/2Mbit, But some of users saying that "Im using wifi for work , we have whatsapp group bla bla bla".. So I want give them for a mounth 1gb internet.

It is possible? If yes, How ? Best regards
 
Apolong
just joined
Posts: 3
Joined: Sun Jun 18, 2017 9:43 am

Re: How to limit a user to a given amount of traffic?

Wed Jul 19, 2017 1:29 pm

Many times people have asked how to shape traffic based on the amount the user has already downloaded.
Here is a small script which makes the job:
-------------------------
:local sum; :local traf;
:set sum 0
/ip firewall rule forward {
:foreach i in [find] do={:incr sum}
:for i from=1 to=$sum do={
:set traf [get [find comment=("user" . $i)]
bytes]
:set traf ($traf/1073741824)
:if ($traf>1) do={:log facility=System-Info message=("user" . $i .
" exceeded 1Gb limit!")}
}
}
-------------------------
Comments:
1)Make your own chain for accounting purposes (just don't forget to add jumps from forward chain.) In the end of this chain add return rule.

2)Make a custom action when the user reaches the limit. By default the scripts writes message to logs (use /log print without-paging command to view logs)

The original can be found in MT docs:
http://www.mikrotik.com/docs/ros/2.8/ap ... t#11.2.5.8
Mnthanks bro,
Can you help me to know how to limit amount of computer in VLAN 500MB per DAY?

Thankyou so much
 
Acerko
just joined
Posts: 9
Joined: Wed Jan 18, 2017 12:24 am

Re: How to limit a user to a given amount of traffic?

Mon Dec 18, 2017 12:23 am

Any solution for newer version?
 
s4suryavanshi
just joined
Posts: 2
Joined: Thu Jan 18, 2018 11:08 am
Location: Rajasthan, India

Re: How to limit a user to a given amount of traffic?

Thu Jan 18, 2018 11:37 am

I am not able to run below command in the terminal CCR 1072.


/ip firewall add name=accounting

Who is online

Users browsing this forum: No registered users and 12 guests