Loophole of quota function

Report issues relating to bandwith monitoring, bandwidth quotas or QoS in this forum.

Moderator: Moderators

sajjadhalai
Posts: 108
Joined: Sun Apr 08, 2012 6:54 am

Re: Loophole of quota function

Postby sajjadhalai » Mon Nov 25, 2013 4:00 am

u can block any mac and any IP, for which u dont want to access ur internet..

go to restriction add rule for and use "blockAllExcept", the list of MAC u want.

and similar function is in bottom "allow list" and use "allow only" for allow list..

u can use as vice versa.
u should use both simaltaneouly to make ur rule perfect..

Cachorro
Posts: 44
Joined: Sat Jun 15, 2013 7:38 am

Re: Loophole of quota function

Postby Cachorro » Sun Dec 01, 2013 5:24 am

To sajjadhalai

Thanks for you post, but I don't believe you understand the issue here.
Please re-read my post for Mon Aug 12, 2013 11:27 pm , that example should explain concept of the problem.

yc3948
Posts: 164
Joined: Sat Sep 10, 2011 1:04 am

Re: Loophole of quota function

Postby yc3948 » Fri Aug 01, 2014 4:40 am

Cachorro wrote:Hi Eric,
Yes, that would work. And has worked unless someone witty and willingly comes along to 'steal' someone else's Quota by setting their IP to a known IP that is allowed and has still quota available.

Mainly, what I have discovered is resolved by the DHCP tick of "Block MAC addresses assigned a static IP that connect from a different IP", which does not seem to want to work for me.

Say, as I have tested:
I have two computers with their MACs in the DHCP pool assigning them with an IP, say 1 and 2.
If I change the IP on computer #2, to the IP of #1, the router still happily allows traffic thru the gateway and it consumes #1's Quota.
Is this a known issue?
I am happy to send you any of my router's config and logs if you would like to have a look at them (on PM).

Thanks,
Cachorro./


this is why I post here
Buffalo WZR-HP-G300NH2 DD-WRT v24SP2-MULTI (10/31/11) std
Buffalo WZR-HP-G300NH Gargoyle 1.5.9+1f082daf
Linksys WRT54GL Gargoyle 1.4.4
TP-Link TL-WR1043ND Gargoyle 1.5.9+1f082daf

Cachorro
Posts: 44
Joined: Sat Jun 15, 2013 7:38 am

Re: Loophole of quota function

Postby Cachorro » Fri Aug 01, 2014 5:59 am

To Eric.
What do you mean?

Cachorro
Posts: 44
Joined: Sat Jun 15, 2013 7:38 am

Re: Loophole of quota function

Postby Cachorro » Fri Aug 01, 2014 6:01 am

Sorry, I didn't mean Eric. I meant YC3948.

Cachorro
Posts: 44
Joined: Sat Jun 15, 2013 7:38 am

Re: Loophole of quota function

Postby Cachorro » Sun Sep 14, 2014 12:18 am

Cachorro wrote:Hi,
Has anyone been able to resolve this? :?:
Thanks.

++++++++++
[quote="Postby Cachorro » Mon Aug 12, 2013 11:27 pm

Hi Eric,
Yes, that would work. And has worked unless someone witty and willingly comes along to 'steal' someone else's Quota by setting their IP to a known IP that is allowed and has still quota available.

Mainly, what I have discovered is resolved by the DHCP tick of "Block MAC addresses assigned a static IP that connect from a different IP", which does not seem to want to work for me.

Say, as I have tested:
I have two computers with their MACs in the DHCP pool assigning them with an IP, say 1 and 2.
If I change the IP on computer #2, to the IP of #1, the router still happily allows traffic thru the gateway and it consumes #1's Quota.
Is this a known issue?
I am happy to send you any of my router's config and logs if you would like to have a look at them (on PM).

Thanks,
Cachorro./[/quote]
++++++++++++++

Anyone been able to resolve this?
If I want to do it via command line, which file/files would I need to look at editing to achieve it?
And what command/syntax would I be looking at using?

Thanks.

ee6
Posts: 2
Joined: Wed Nov 05, 2014 6:34 am

Re: Loophole of quota function

Postby ee6 » Wed Nov 05, 2014 7:00 am

If you don't need the switch, you can disable it:
http://wiki.openwrt.org/doc/uci/network/switch

You can also only allow certain MAC addresses by configuring the firewall
http://wiki.openwrt.org/doc/uci/firewall

Both of the above will have to be done via SSH.

HTH

Cachorro
Posts: 44
Joined: Sat Jun 15, 2013 7:38 am

Re: Loophole of quota function

Postby Cachorro » Tue Dec 16, 2014 2:21 am

In reply to ee6

Thank you ee6, I would have to do my reading on this then.
Just to make sure, this will allow me to block any IP address that is in my DHCP pool, and in my current allowed WAN-LAN firewall, to be blocked if trying to access Internet using a different IP than the one assigned by the DHCP service?

Thank you.

sajjadhalai
Posts: 108
Joined: Sun Apr 08, 2012 6:54 am

Re: Loophole of quota function

Postby sajjadhalai » Sun Jun 07, 2015 11:25 pm

Bloack static Ip wich use different IP
this option works in all routers but this wont work in those routers which have less memory and low Flash ROM..
i,e 2-4 flash rom and 16-32 Ram---that type of rtrs might have not work those options.. else post ur dhcp list full and explain in that and post snapshot for quoatas page also..


Return to “Monitoring / Quota / QoS Issues”

Who is online

Users browsing this forum: No registered users and 3 guests