amuck-landowner

Help me save my connection!

Naruto

New Member
I have people who use my wifi and constantly download things. This dude in particular uses Firefox with DownThemAll and will download so much crap. He fills a 1TB hard drive with ease. If he sees a YouTube video he likes, instead of bookmarking it or just letting it buffer to watch it, he feels the need to download it.

Anyway, my connection is supposed to be 6Mbps but usually I get 5Mbps. Lately, due to his downloading, I am unable to play my games because speeds drop to 0.17Mbps to 0.39Mbps. Real bad, I know. My desktop uses ethernet and he's on a laptop with a Wireless N card.

I don't have a QoS section on my modem, but I can change the modem to Wireless B, B/G, or B/G/N. If I change the router to Wireless B (which his Wireless N card would of course support), would that limit his ability to hog the connection?
 

Tux

DigitialOcean? lel
Or secure the network using WPA. Now his CPU and/or wireless card will need to take a slightly bigger hit.
 

drmike

100% Tier-1 Gogent
I'd be looking for his MAC address then in firmware for QoS by IP.  Stick him to a "static" IP and squash his throughput.

Me, I'd hope he wasn't downloading illegal stuff or doing anything concerning.  Most folks aren't, but that's always present issue with open connection.
 

MannDude

Just a dude
vpsBoard Founder
Moderator
http://www.ex-parrot.com/~pete/upside-down-ternet.html

Upside-Down-Ternet

My neighbours are stealing my wireless internet access. I could encrypt it or alternately I could have fun.

Split the network

I'm starting here by splitting the network into two parts, the trusted half and the untrusted half. The trusted half has one netblock, the untrusted a different netblock. We use the DHCP server to identify mac addresses to give out the relevant addresses.

/etc/dhcpd.conf

ddns-updates off;
ddns-update-style interim;
authoritative;

shared-network local {

subnet *.*.*.* netmask 255.255.255.0 {
range *.*.*.* *.*.*.*;
option routers *.*.*.*;
option subnet-mask 255.255.255.0;
option domain-name "XXXXX";
option domain-name-servers *.*.*.*;
deny unknown-clients;

host trusted1 {
hardware ethernet *:*:*:*:*:*;
fixed-address *.*.*.*;
}
}

subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.2 192.168.0.10;
option routers 192.168.0.1;
option subnet-mask 255.255.255.0;
option domain-name-servers 192.168.0.1;
allow unknown-clients;

}
}


IPtables is Fun!

Suddenly everything is kittens! It's kitten net.


/sbin/iptables -A PREROUTING -s 192.168.0.0/255.255.255.0 -p tcp -j DNAT --to-destination 64.111.96.38

For the uninitiated, this redirects all traffic to kittenwar.


For more fun, we set iptables to forward everything to a transparent squid proxy running on port 80 on the machine.


/sbin/iptables -A PREROUTING -s 192.168.0.0/255.255.255.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.1

That machine runs squid with a trivial redirector that downloads images, uses mogrify to turn them upside down and serves them out of its local webserver.

The redirection script

#!/usr/bin/perl
$|=1;
$count = 0;
$pid = $$;
while (<>) {
chomp $_;
if ($_ =~ /(.*\.jpg)/i) {
$url = $1;
system("/usr/bin/wget", "-q", "-O","/space/WebPages/images/$pid-$count.jpg", "$url");
system("/usr/bin/mogrify", "-flip","/space/WebPages/images/$pid-$count.jpg");
print "http://127.0.0.1/images/$pid-$count.jpg\n";
}
elsif ($_ =~ /(.*\.gif)/i) {
$url = $1;
system("/usr/bin/wget", "-q", "-O","/space/WebPages/images/$pid-$count.gif", "$url");
system("/usr/bin/mogrify", "-flip","/space/WebPages/images/$pid-$count.gif");
print "http://127.0.0.1/images/$pid-$count.gif\n";

}
else {
print "$_\n";;
}
$count++;
}
shot1.png
 
Last edited by a moderator:

Naruto

New Member
I have a WRT54G router I'm not using in my room. Maybe I could hook it up to my other router that I use as a switch in my room and then change the SSID to the wireless name and password used by the NVG510 modem in the living room and also disable it's wireless. They'll simply notice it's not working, try to reconnect, and BAM! QoS.
 

MCH-Phil

New Member
Verified Provider
Go switch his network card to B only.

I had a neighbor recently want me to give him my wifi password.  To save myself the argument with the drunk I gave him the password and let him have use for the evening.  The next morning I turned the SSID broadcast off and enabled mac auth and when he came to complain his free internet wasn't working I kindly explained that his usage burned out the wireless side on my cable modem.  
 
Last edited by a moderator:

mikho

Not to be taken seriously, ever!
Plus 1 to Manndudes suggestions.


That is really funny thing to do and you can make a lot of different things happen.


I think there are different modules that you can use.
 
Top
amuck-landowner