Tomato help - limit mac address to only access the internet

[robjf]

Evening guys, hope everyone is good

Just a quick question about the Tomato firmware which I have on a WRT54GL.
In a student house currently with about 6 of us. I pay for the internet and so from the outset everyone has agreed that nobody will use torrents, which everyone agreed on.

Now theres one lad who has been downloading torrents constantly for the last few days and I would like to set his mac/ip to only be able to access the ports for general internet browsing.

His is the only computer in the house which i want to do this too as luckily everybody in the house respects my wishes seeing as I pay for it!

I would be greatful for any help that you guys can provide

Rob

 

[wij]

I'm sure you could bind an IP to his MAC address and just use the firewall features to lock down what they're able to access.

Also you could try using the L7 filter to traffic shape torrent traffic to zero bandwidth, so no matter what he does it won't be worth the effort.

Personally if you're the only one paying the bill and the others are using it out of your generosity I'd just block his MAC and tell him to adjust his usage in line with everyone else or get his own line.

 

[-=Vect0r=-]

Failing that you could try restricting his bandwith through his MAC/IP which I believe the Victek Tomato RAF Mod can do. He should be able to what he likes with his allocation leaving enough bandwidth for the remainder.

 

[Azuse05]

The top two approaches are useless, encrypted torrents will bypass both, so unless you want to cut him off completely he'll have them.

Use the raf mod, go to ip/mac bw limiter > arr binding, enable and limit unlisted machines. Any device that requires internet access must be added to the list on this page. Now IP/MAC BW > enable qos and set the limits (same as regular qos) and add your devices and limits. the dl/up rate is the guaranteed amount thus the total of the collums must not exceed the speed of your line, preferably below. The ceil is up to you, personally I always put it at the max to ensure bw isn't wasted at quiet times although in your friends case lower would be better, if you've set it up correctly he won't ever choke the line since everyone will always have a minimum amount of bw. The regular qos will still function on all data. Priority is simple, give console/voip high/highest and they'll have lower pings.

If the problem is him choking the line the above will solve this, if it's, less than legal, downloads the law absolves you if a. you didn't download something copyright or b. didn't give permission to the person that did on your line. Both being impossible to prove is why it's no-ones been done in court. They'd need a hard drive (and no judge will issue a search warrant based on ip) or video of someone actually doing it.

It's worth turning the other tweaks on, like upnp secure mode/overclocking (the different 250mhz makes to qos is huge, particularly with multiple users) etc. Btw running a 54gl at 250mhz shouldn't cause problems, the frequencies are built into the chips. Linksys shopped afew wrts at 216mhz from the factories.