Limiting Speed of Download/Upload for Specific Devices

I am a new user to openwrt. My aim is to limit the download for specific devices(wireless devices) in my network due to torrenting/heavy usages to save my monthly quota. I have searched for many solutions here, but most of them seems not be working for me.

I have used SQM limiting, but SQM limits interfaces not IPs or MACs.
I have three interfaces "lan" (which contains all the wlans and eth ports), wan and wan6.
I am thinking of creating a fourth interfaces "limiter" and redirect all the data from this IP/MAC using firewall rules to from the "lan" to the "limiter" interface then adding the "limiter" to the SQM rules.

I am not sure if VLAN is required as well..

Is implementing this scenario possible? If so, how can I do it or from where can I start?

#########################################
# Background Traffic (Bulk/file transfer)
#########################################
#bulk traffic ipset, like windows udates and steam updates/downloads
$IPT -t mangle -A PREROUTING -m set --match-set bulk src,dst -j CONNMARK --set-mark 0x1 -m comment --comment "bulk traffic ipset"

#A robust rule to detect downloads/uploads and torrents!
$IPT -t mangle -A PREROUTING -m connmark ! --mark 0x2 -m connmark ! --mark 0x3 -m connmark ! --mark 0x5 -m connmark ! --mark 0x6 -m connmark ! --mark 0x21 -m connmark ! --mark 0x41 -m connmark --mark 0x1 -j CONNMARK --set-mark 0xB

$IPT -t mangle -A PREROUTING -p tcp -m multiport --ports 21,25,80,81,443,444,554,8000,8080,8409,60887,27014:27050 -m connbytes --connbytes 500000: --connbytes-dir both --connbytes-mode bytes -j CONNMARK --set-mark 0xB #60887 bittorrent
$IPT -t mangle -A PREROUTING -p udp -m multiport --ports 21,25,80,81,443,444,554,8000,8080,8409,60887 -m connbytes --connbytes 500000: --connbytes-dir both --connbytes-mode bytes -j CONNMARK --set-mark 0xB
$IPT -t mangle -A PREROUTING -m connmark --mark 0xB -j DSCP --set-dscp-class CS1

add another rule and LAN lan device ipset of you want per device limiting... or just add rules... shouldn't really be needed though...

1 Like