Blocking/Restricting Flatmates P2P traffic

secret_squirrel

Im finding that my flatmates are hogging all the bandwidth on our BB with their P2P traffic. (shareaza I think). Since Im feeling grouchy I've decided to set up a rule on my Linksys WRT45G that blocks most TCP/UDP ports to stop them. Every time they flood the connection I can then switch the rule on to stop it.

So far I've blocked ports 500-10000 should that do the trick? Or am I spitting in the wind?

Stark

Blocking ports might not be the best way as your flatmates could either get upset or else find ways to work around the port blockings. There should be "quality of service" options on the router to either throttle the bandwidth to individual IPs or else give priority to traffic on ports like port 80 and port 443(web traffic ports).

If you're on DSL, you may want to restrict their upstream bandwidth in particular, as applications like Bittorrent will really saturate this and this ends up choking both the upstream and the downstream.

secret_squirrel

Should have mentioned that I already had QOS enabled.

I had my MAC given high priority and one of my flatmates MAC's given low. Unfortunately it will only let me specify 2 devices and there's 3 of us.

I've added in application QOS based on ports now so we shall see how that goes.

I have the option to limit the upload bandwidth - but wont that affect me too?
Im on ADSL 1024/128.
If I restricted it to 100 upload then would give me some headroom?

Stark

Try it and see. I'm not sure if it would help, or further compound the problem as you're throttling all applications indiscriminantly. I just checked the options on my WRT54G and unfortunatley it doesn't let you throttle individual upload speeds so that's a bummer.

zuma

If I was your flatmate, and paid an equal share as you for Broadband, then found out what you are trying to do I would get very ANGRY!

Honestly unless if badly affects your surfing, let it be or else move out...simple!

WizZard

Check out DD-WRT/OpenWRT/Sveasoft etc (www.wrt54g.net is a good start) These are modified firmwares for the WRT54G and most come with extra features including expanded QoS, which would allow you to do what you want.

In addition, HyperWRT might be exactly what you're after.

<edit>DON'T flash without reading up on it first!</edit>

zoro

zuma wrote:

If I was your flatmate, and paid an equal share as you for Broadband, then found out what you are trying to do I would get very ANGRY!

If that were the case, then your own internet activities would be causing his connection to be about as useful as spitting in the wind.

What if he wanted to game??
If you were sharing the cost, then you're SHARING the bandwidth, it doesn't mean that you have a 1 meg line, it means you have half of one. Or in this case, a third

zuma

secret_squirrel,

Why cant you just ask them to limit their upload speed using one of the bandwidth manager programs out there?

If you cant ask them to simply decrease their upload speed whay on earth did you ever agree to get broadband with them??

As I said before, if I found you trying to limit my connection on the sly then I and most people would NOT be happy!!!

If your flatmates wont decrese their upload rate....why not?

If I was in your position I'd leave the flat!

zoro

zuma wrote:

As I said before, if I found you trying to limit my connection on the sly then I and most people would NOT be happy!!!

If I was in your position I'd leave the flat!

1: He'd be limiting your connectin so that he'd have a _usable_ one.

2: That's just ridiculous. There are plenty of ways to sort out the problem without resorting to such an overreaction

WizZard

zuma wrote:

As I said before, if I found you trying to limit my connection on the sly then I and most people would NOT be happy!!!

it's not on the sly, they are presumably paying for a portion of the cost, therefore they only get a portion of the bandwidth.
That's fair.
What he is trying to do is enforce this reasonably.

zuma

Bandwidth limiting programs work fine as long as the other party agrees to be limited!

Ask them and see if they will lower their upload speed to 6k or something to allow you to use the connection.

zoro

zuma wrote:

Bandwidth limiting programs work fine as long as the other party agrees to be limited!

Ask them and see if they will lower their upload speed to 6k or something to allow you to use the connection.

The user limiting it themselves simply will not work.
TBH, I wouldn't trust ANYONE not to just disable the limiter for an hour or 2 while they download that last thing that they need. The connection becomes unusable if you're downloading/uplaoding constantly.

The OP is fully withing his rights to make sure that it's a reliable connection for EVERYONE. Not just his warezwhore of a housemate.

WizZard

zuma wrote:

Bandwidth limiting programs work fine as long as the other party agrees to be limited!

Ask them and see if they will lower their upload speed to 6k or something to allow you to use the connection.

But it's not enforced, i.e. they can decide at some time "Ooh, I need to get this blah-blah downloaded fast, there's just 100mb left. I'll just turn off my limiter until it's finished."
However if the OP was gaming at the time, or doing something else that was as time-sensitive his experience would be negatively impacted, not to mention the other person on the connection.

zuma

I know its not set in stone and can be turned off any time they want...but honestly, if you cant trust them to keep their connection limited so it an be shared out between yourselves...why are you still paying for it?

Hey "WizZard" & "Zoro"
Before you chop up what I have just typed..mabye try and find an answer to this prblem yourselves as anyone can make mince meat of someone elses proposal!!!

zoro

zuma wrote:

Hey "WizZard" & "Zoro"
Before you chop up what I have just typed..mabye try and find an answer to this prblem yourselves as anyone can make mince meat of someone elses proposal!!!

Surely our intentions are clear? ...
Either enforce simple QoS with a better firmware on the router, or setup a separate linux box to handle QoS and traffic shaping - keeping the router on a separte NIC on the linux box so as to prevent any attempt at bypassing it.

zuma

zoro wrote:

Surely our intentions are clear? ...
Either enforce simple QoS with a better firmware on the router, or setup a separate linux box to handle QoS and traffic shaping - keeping the router on a separte NIC on the linux box so as to prevent any attempt at bypassing it.

I doubt he will have a spare "linux box to handle QoS and traffic shaping" hanging around.

Unless someone knows how to modify the firmware, then the only solution is Bandwidth limiter progs.

End.

zoro

zuma wrote:

I doubt he will have a spare "linux box to handle QoS and traffic shaping" hanging around.

Unless someone knows how to modify the firmware, then the only solution is Bandwidth limiter progs.

End.

So difficult to keep away from flamebait - it really is ...

WizZard

zuma wrote:

Hey "WizZard" & "Zoro"
Before you chop up what I have just typed..mabye try and find an answer to this prblem yourselves as anyone can make mince meat of someone elses proposal!!!

Or we could debate/talk about the best ways of solving this problem, as I thought we were. Don't take anything personally zuma - I am just pointing out flaws in your solution, and not insulting you (hopefully).
Your solution hinges on being able to trust the other people to *never* turn off their bandwidth limiters. I put it to you that if these people cared about the bandwidth/pings of others on the line this question would never have been posed. Therefore they are not people whom I would trust to manage their own bandwidth.
So the best solution would be one which is set up fairly and uses rules to decide who has access to what bandwidth.

My own solution has it's flaws: it requires you to break your warranty with the manufacturer by replacing the firmware with a third party one. Some of the firmwares also require linux experience as there are no GUIs (OpenWRT in particular, although it now comes with a web interface)

WizZard

zuma wrote:

Unless someone knows how to modify the firmware

Umm, that's what I have linked to - custom firmware designed with this type of thing in mind (in my first post to this thread).
A lot of them come with enhanced QoS options, which are perfect for this situation.

<edit>HyperWRT and DD-WRT come with suppotr for optimised gaming QoS, meaning that they can give gaming traffic higher priority than any other traffic</edit>

secret_squirrel

Dear Flamebait,

1. Dont jump to conclusions. The BB is in my name and any charges I get are retrospectively passed onto them. We have an agreement to share it. The connection also passes through My wireless router and ADSL modem and in one case MY wireless card I have lent out. I regard the connection as mine to do what I like with - provided I give them the common courtesy of telling them in advance..... which leads me to :

2. What makes you think I havent told them? They know what I am attempting to do and are cool with it.

3. They are both bigger downloaders than I am and yet I we split it an equal 3 ways, because as long as they dont blow the cap Im not bother what they do. I should point out that as the registered owner of the IP then I am the one taking all the risks of the RIAA coming to call.

4. I had to enable QOS again even to post here tonight.

5. If you had got off your high horse you would have seen that Wizzard had already pointed out firmwares that have extra QOS abilities in the, rather than your naivity of suggesting they install bandwidth limiters on their PC's. (thanks Wizzard meant to look at other firmwares but hadnt got round to it yet)

6. Im quite capable of loading a thirdparty firmware on thanks all the same.

7. If necessary I have enough bits and pieces around to build a linux box.

8. Im only really after a temporary solution. I will review it after the eircom upgrades in Jan.

Wizzard, Zoro - thanks for the useful posts guys.

DemonOfTheFall

Yeah, secret_squirrel you'll find that your connection will become much more multi-user friendly once you have more than 128k upload available to you. Even if everyone is still raping it with P2P, 300k upload speed makes everything go a lot smoother and less hassle/timeouts/etc. all around.

secret_squirrel

DemonOfTheFall wrote:

Yeah, secret_squirrel you'll find that your connection will become much more multi-user friendly once you have more than 128k upload available to you. Even if everyone is still raping it with P2P, 300k upload speed makes everything go a lot smoother and less hassle/timeouts/etc. all around.

Fingers crossed thats what Im hoping. Then I will be posting about blocking off more of the upload bandwidth for my VOIP

CyberGhost

zuma wrote:

If I was your flatmate, and paid an equal share as you for Broadband, then found out what you are trying to do I would get very ANGRY!

Honestly unless if badly affects your surfing, let it be or else move out...simple!

It REALLY kills connection, when I'm leeching stuff, the browser is crawling.

and if the downloader was my flatmate, I'd be equally pissed at him.

Also it's a P2P, can't he turn it on at nights only?

Squrrel, you guys should work out a time thing, install a peerguardian for them, and let them download at nights, say from 12-1 and turn it off at say 9-10AM? P2P doesn't need much monitoring, so I don't think it'd be a problem, and you'd use broadband during day. Problem solved

Of course there are always better ways


EDIT: btw, did you try that QoS thing? does it really work? and why doesn't my D Link have QoS option?

Capt'n Midnight

squid has delay pools - unfortunately because of contention you can't put a cap on the upload speed as it could still use all available bandwidth

By any chance does the P2P app have settings you could change ? many downloaders have options for different speeds at different times.
That way web and other services would be unaffected.

zoro

I've just remembered this ...
http://www.boards.ie/vbulletin/showthread.php?t=169070&highlight=irma

Try that out

CyberGhost

zoro wrote:

I've just remembered this ...
http://www.boards.ie/vbulletin/showthread.php?t=169070&highlight=irma

Try that out

Hahaha, that reminds of a prank that I played on my father, I spoofed email - binladen@alqaeda.com, asking him to join and that he'd rewarded and stuff like that, he got up at 5am to take a c**p, and checked his email on his PDA while he was at it. And when he read it, he straight away ran to Gardi at 5am! lol. The funny thing is that he always asks me about every little f*****g thing about computers, and now when he really should have asked what to do, he didn't! he was so pissed later when he found out it was me.

secret_squirrel

zoro wrote:

I've just remembered this ...
http://www.boards.ie/vbulletin/showthread.php?t=169070&highlight=irma

Try that out

Class! Probably wouldnt work on the techie flatmate but would work on the noobish one!