Limiters set up dummy pipes you can use to simulate any kind of network connection.
This way you can limit WAN bandwidth to your users; trying to speed things up we’ll also install Squid3 acting as Transparent Proxy.
Using Squid you can easily cache contents and forbid/remove malicious URls (like Ad, etc)
Here you will also find the bugfix for internet not working after squid proxy is enabled.
There are 4 basic steps to set up a limiter to control bandwidth and cache contents:
- Setup the limiters
- Assign NAT rules
- Setup Squid3
- Assign NAT rules to prevent a pipe loop (otherwise you’ll get no internet access)
Go to the Firewall >>Traffic Shaper >> Limiters >> New Limiter:
And create a new limiter for the source adresses; this’ll be the Upload limit. (pay attention to the mask)
Now create a new limiter, this’ll be the Download limit. (pay attention to the mask)
Assign NAT Rule
Now we need to associate the limiters to a IP (or a range of IPs).
Go to the Firewall>>>Rules >> LAN >> Add New
Set a rule for LAN Interface on any protocol,
In the source box select the IPs you want to be affected by the limiter,
Then click on the advanced settings, search for the In/Out and set UploadLimit and DownloadLimit.
Move this new rule to the top of the chain and apply changes!
If you are not interested in Squid3 this tutorial is over!
Check the package from System >> Package Manager >> Available Packages.
After the installation has completed go to Service >> Squid Proxy Server.
Here you simply have to enable Squid Proxy and Trasparent Proxy feature.
You can also increase or tweak memory settings using “Local Cache” menu.
Squid3 + Limiters Workaround
We have to add another rule, otherwise internet will not work after enabling squid3.
Go to the Firewall >>Rules >> LAN, add another rule over the one we previously created:
this way we prevent squid3 from being trapped within Limits
Double check this rule is over the one of limiters.
Everything **should** work as expected