Ever had a user who uses up far too much bandwidth on your network? The
Linux Advanced Routing and Traffic Control Guide gives a good example of
rate-limiting a single machine on your network, using the sch_cbq module; however, I wanted to do this on a Linksys WRT54-GS router running OpenWRT, and sch_cbq is not available on there.
Fortunately, sch_htb, the
Hierarchical Token Bucket is available on OpenWRT, which can do the same thing, but it's a lot more complicated to configure.
The following script will rate limit the single IP address of 192.168.0.67 to 128kbps. All other addresses on the network will remain unlimited. Set the name of the
inside interface on your Linux router in DEV, the IP address in IP, the maximum rate on your inside network in MAXRATE and the limit that you want to apply in LIMIT.
#!/bin/sh
DEV="br-lan"
IP="192.168.0.67"
MAXRATE="100mbps"
LIMIT="128kbps"
tc qdisc add dev $DEV root handle 1: htb default 11
tc class add dev $DEV parent 1: classid 1:1 htb rate $MAXRATE ceil $MAXRATE
tc class add dev $DEV parent 1:1 classid 1:10 htb rate $LIMIT ceil $LIMIT
tc class add dev $DEV parent 1:1 classid 1:11 htb rate $MAXRATE ceil $MAXRATE
tc filter add dev $DEV protocol ip parent 1:0 prio 1 u32 match ip dst $IP flowid 1:10
tc qdisc add dev $DEV parent 1:10 handle 20: pfifo limit 5
tc qdisc add dev $DEV parent 1:11 handle 30: sfq perturb 10
If you found this article helpful, consider making a donation to offset the costs of running this server, to one of these addresses: