0

I have set up a hotspot device with OpenWrt. It has nodogsplash installed for hotspot functions and iptables for limiting bandwidth. When I was testing the speed limit script, the hotspot was disabled for testing purposes, so I did not notice the conflict back then. The problem is that both my iptables script and nodogsplash use "MARK" in iptables for traffic control, and I think the conflict begins here, because both programs mark traffic with their own specified strings like "0xa". Is there any way to fix this issue, or any other way to control bandwidth per IP?

iptables -t nat -A prerouting_rule -m mac --mac-source 1c:91:48:xx:xx:xx -j MARK --set-mark 0x0A -m comment --comment "PC"
iptables -t nat -A prerouting_rule -m mark --mark 0xA -j CONNMARK --save-mark
iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark
iptables  -A forwarding_rule -m mark --mark 0xA -m conntrack --ctstate ESTABLISHED,RELATED -m hashlimit --hashlimit-name "Limit" --hashlimit-above 24kb/s -j DROP

Those are some parts of my script that create the iptables rules.

Some of the iptables rules created by nodogsplash are below:

DROP       all  --  anywhere             anywhere             mark match 0x10000/0x30000
ndsAUT     all  --  anywhere             anywhere             mark match 0x30000/0x30000
ACCEPT     all  --  anywhere             anywhere             mark match 0x20000/0x30000

I tried to give enough info without giving too much :) I hope it is enough.

1 Answer

0

If someone needs a solution:

iptables -A forwarding_rule -d 192.168.1.10 -m hashlimit --hashlimit-name "speedLimit" --hashlimit-above 100kb/s -j DROP

options:

  • -d: IP address of client

  • --hashlimit-name: some name, like comment

  • --hashlimit-above: speed limit value in kb/s
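The mark conflict from the question can also be reasoned about directly. The following is an added example, not part of the original posts and not nodogsplash code: a small shell model of netfilter mark arithmetic (no iptables calls) showing how an unmasked `--set-mark 0x0A` replaces the bits that the nodogsplash rules above match under `/0x30000`, while a masked write leaves them intact. The low-byte mask `0xff` and the function names are assumptions chosen for illustration.

```shell
#!/bin/sh
# Constructed model of fwmark arithmetic; runs without root or iptables.
NDS_MASK=0x30000   # mask seen in the nodogsplash rules quoted in the question
QOS_MASK=0xff      # assumption: low byte reserved for the bandwidth script

# MARK --set-mark value[/mask]: clear the bits in mask, then OR in value.
# With no "/mask" the mask is 0xffffffff, so the whole mark is replaced.
set_mark() {  # usage: set_mark <current> <value> [mask]
    mask=${3:-0xffffffff}
    echo $(( ($1 & ~${mask} & 0xffffffff) | $2 ))
}

# -m mark --mark value[/mask]: matches when (mark & mask) == value.
mark_match() {  # usage: mark_match <mark> <value> <mask>
    [ $(( $1 & $3 )) -eq $(( $2 )) ]
}

# Which of the three nodogsplash rules from the question would this mark hit?
nds_verdict() {
    if   mark_match "$1" 0x10000 "$NDS_MASK"; then echo DROP
    elif mark_match "$1" 0x30000 "$NDS_MASK"; then echo ndsAUT
    elif mark_match "$1" 0x20000 "$NDS_MASK"; then echo ACCEPT
    else echo none
    fi
}

demo() {
    client=$((0x20000))                            # constructed: mark carrying nodogsplash state
    clobbered=$(set_mark "$client" 0xA)            # as in the question: --set-mark 0x0A
    masked=$(set_mark "$client" 0xA "$QOS_MASK")   # masked form: --set-mark 0xA/0xff
    printf 'unmasked: 0x%x -> nodogsplash rule: %s\n' "$clobbered" "$(nds_verdict "$clobbered")"
    printf 'masked:   0x%x -> nodogsplash rule: %s\n' "$masked" "$(nds_verdict "$masked")"
}
demo
```

In iptables terms the masked variant corresponds to `--set-mark 0xA/0xff`, `-m mark --mark 0xA/0xff`, and `--mask 0xff` on the CONNMARK `--save-mark` and `--restore-mark` rules; whether the installed iptables build on the router supports these options is an assumption to verify.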
