Rate limit in units of bytes/time

It seems that the OpenWrt firewall only supports rate limiting by packets now, like:

limit rate 10/second

However, rate limiting by bytes has been supported by nftables since Linux kernel 4.3, like:

limit rate 10 mbytes/second

Here is the reference: https://wiki.nftables.org/wiki-nftables/index.php/Rate_limiting_matchings

It would be nice to have this feature in fw4/luci.

1 Like

Byte-based limiting in nftables' limit statement works by tracking the total byte count of packets (using the packet's length field), but since the kernel can only accept or drop whole packets, it enforces the rate using a token bucket algorithm that approximates the desired byte rate.

In summary, byte limiting is only approximate, packet limiting is accurate.
Byte limiting adds overhead.

So is it worth implementing in fw4?
If this was going to be done, what about bucket size, number of buckets and burst value?

Suddenly, does it get quite complicated for not much advantage... possibly some disadvantage?

3 Likes
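The approximation described in the reply above, as an added worked example (this is illustration code written for this thread, not nftables, fw4 or luci code). It models the limit statement at the level the reply describes: a bucket that refills at a fixed rate, a packet that costs one token in packet mode or its full length in byte mode, and a drop of the whole packet when the cost exceeds the tokens on hand. The 50 kB/s and 50 pps rates, the burst sizes and the 20-packet trace are assumed values chosen for the demo; the kernel's internal token units and nft's default burst are not modelled.

```python
#!/usr/bin/env python3
"""Token-bucket model of nftables 'limit rate' in packets vs bytes.

Added illustration for this thread; not nftables, fw4 or luci code.
Rates, burst sizes and the traffic trace below are assumed demo values.
"""


class TokenBucket:
    def __init__(self, rate_per_second, burst):
        self.rate = rate_per_second   # tokens (packets or bytes) added per second
        self.burst = burst            # bucket capacity, also the initial fill
        self.tokens = float(burst)
        self.last_ms = 0              # time of the previous refill, in ms

    def accept(self, now_ms, cost):
        """Charge `cost` tokens for a packet seen at `now_ms`; True if it passes."""
        refill = (now_ms - self.last_ms) * self.rate / 1000.0
        self.tokens = min(float(self.burst), self.tokens + refill)
        self.last_ms = now_ms
        if cost <= self.tokens:
            self.tokens -= cost
            return True
        return False    # whole packet dropped; no partial token consumption


def run(bucket, packets, by_bytes):
    """Feed (time_ms, length_bytes) packets through `bucket`.

    Byte mode charges the packet length, packet mode charges 1.
    Returns (accepted_packets, accepted_bytes, dropped_packets, dropped_bytes).
    """
    acc_n = acc_b = drop_n = drop_b = 0
    for t_ms, length in packets:
        if bucket.accept(t_ms, length if by_bytes else 1):
            acc_n += 1
            acc_b += length
        else:
            drop_n += 1
            drop_b += length
    return acc_n, acc_b, drop_n, drop_b


# Constructed trace (assumed, not captured traffic): 20 packets, one every
# 10 ms, alternating a 1500-byte full-size frame with a 64-byte ACK-sized one.
# Offered load is about 78 kB/s and 100 packets/s.
TRACE = [(i * 10, 1500 if i % 2 == 0 else 64) for i in range(20)]


def compare():
    """Run the same trace through a byte limiter and a packet limiter."""
    bytes_bucket = TokenBucket(rate_per_second=50_000, burst=3000)   # 50 kB/s
    pkts_bucket = TokenBucket(rate_per_second=50, burst=5)           # 50 pps
    by_bytes = run(bytes_bucket, TRACE, by_bytes=True)
    by_pkts = run(pkts_bucket, TRACE, by_bytes=False)
    return {
        "bytes": by_bytes, "bytes_left": bytes_bucket.tokens,
        "packets": by_pkts, "packets_left": pkts_bucket.tokens,
    }


if __name__ == "__main__":
    r = compare()
    span_s = TRACE[-1][0] / 1000.0
    print("byte limit  : (acc pkts, acc bytes, drop pkts, drop bytes) =", r["bytes"],
          "unused tokens:", r["bytes_left"],
          "nominal allowance:", 3000 + span_s * 50_000)
    print("packet limit: (acc pkts, acc bytes, drop pkts, drop bytes) =", r["packets"],
          "unused tokens:", r["packets_left"],
          "nominal allowance:", 5 + span_s * 50)
```

In this trace the byte limiter passes 11140 of the 12500 bytes its rate and burst nominally allow over the 190 ms window; the 1360 unused tokens are the residual that never fits a whole 1500-byte frame, so every drop lands on a large packet while all of the 64-byte packets get through. The packet limiter passes exactly 14 of the nominal 14.5 packets, with only the sub-packet fraction left over, which is the sense in which packet limiting is accurate and byte limiting is approximate; it also shows the side effect that a byte limit under pressure favours small packets.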

Write it in luci, be warned that fw3/fw4 pull requests rot for years.