How do I set up a proxy server for home with bandwidth control, download limit options?

Solution 1:

Don't do it with Squid: you need control for everything, not just for HTTP on port 80.

The answer requires iptables with the '--quota' option, which implements network quotas by decrementing a byte counter with each packet. The argument of "--quota" is a value in bytes.

There shall be one chain for each user. The first rule of the chain counts down a 13 GB quota for packets from 192.168.0.2 and accepts the packet if it is below quota:

iptables -t mangle -A FORWARD -p tcp -s 192.168.0.2 -m quota --quota 13958643712 -j ACCEPT

The second rule of the chain classifies over-quota packets into a tc class of your choice:

iptables -t mangle -A FORWARD -p tcp -j CLASSIFY --set-class 1:12

Then it's all classic traffic shaping: http://tldp.org/HOWTO/Traffic-Control-HOWTO/

Of course, you need to use static IP allocation or make sure that DHCP allocates addresses fixed by device's MAC address - and you need to block all addresses but the identified ones of the devices belonging to one of the three users.

By the way, you mention that "when 2 people browse the internet they should get 1 Mbps each, and when 3 people access, they should get 2Mbps divided by 3" but you can do better than that when you set up your traffic classes hierarchy: your requirement should rather be "when two people browse the internet they should not get less than 1 Mbps each, and when three people access, they should not get less than 2 Mbps divided by 3" so that each can get more if the other people use less than their guaranteed throughput... And tc lets you do that!

Since your router is supported by OpenWrt and DD-WRT, you have all the tools you need!
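
The setup this answer describes, written out as an added example that is not the answer author's code: one chain per user in the mangle table (where CLASSIFY is valid) and an HTB tree in which rate is the guaranteed minimum and ceil lets a user borrow idle bandwidth. The interface name, link speed, user addresses, class ids 1:21 to 1:23, the 50 kbit/s over-quota rate and the choice to count downloads (-d) are assumptions.

```shell
#!/bin/sh
# Added example: prints the commands (dry run) unless APPLY=1 is set.
# Assumed values, not from the answer: interface, link speed, user IPs,
# per-user class ids 1:21.. and the 50 kbit/s rate of over-quota class 1:12.
LAN_IF=${LAN_IF:-br-lan}          # egress interface towards the LAN
LINK_KBIT=${LINK_KBIT:-2000}      # 2 Mbit/s line
SLOW_KBIT=${SLOW_KBIT:-50}        # rate of the over-quota class
QUOTA_GIB=${QUOTA_GIB:-13}
USERS=${USERS:-"192.168.0.2 192.168.0.3 192.168.0.4"}

run() { if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi; }

gib_to_bytes() { echo $(( $1 * 1024 * 1024 * 1024 )); }

# Guaranteed share per user: what is left after the slow class, split evenly.
share_kbit() { set -- $USERS; echo $(( ($LINK_KBIT - $SLOW_KBIT) / $# )); }

plan() {
    quota=$(gib_to_bytes "$QUOTA_GIB"); share=$(share_kbit); n=0
    # HTB tree: 1:1 holds the whole line; unclassified traffic falls into 1:12.
    run tc qdisc add dev "$LAN_IF" root handle 1: htb default 12
    run tc class add dev "$LAN_IF" parent 1: classid 1:1 htb rate "${LINK_KBIT}kbit"
    run tc class add dev "$LAN_IF" parent 1:1 classid 1:12 htb \
        rate "${SLOW_KBIT}kbit" ceil "${SLOW_KBIT}kbit"
    for ip in $USERS; do
        n=$((n + 1)); cls="1:2$n"; chain="quota_user$n"
        # rate = guaranteed minimum, ceil = may borrow up to the full line
        run tc class add dev "$LAN_IF" parent 1:1 classid "$cls" htb \
            rate "${share}kbit" ceil "${LINK_KBIT}kbit"
        run iptables -t mangle -N "$chain"
        run iptables -t mangle -A POSTROUTING -o "$LAN_IF" -d "$ip" -j "$chain"
        # CLASSIFY does not end traversal: start in the over-quota class,
        # then override with the user's class while quota bytes remain.
        run iptables -t mangle -A "$chain" -j CLASSIFY --set-class 1:12
        run iptables -t mangle -A "$chain" -m quota --quota "$quota" \
            -j CLASSIFY --set-class "$cls"
    done
}

plan
```

The quota counter lives in the rule itself, so it starts again from the full value whenever the rule is re-added, for example after a reboot.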

Solution 2:

I can't remember offhand if it supports all the features you mention, but I can highly recommend pfSense as a router solution. It's small enough to run off a USB disc, and provides a host of sharing solutions. I had the Squid add-on installed for example to provide a transparent proxy to all the internal servers, and even had a package installed to get detailed reporting of network usage.

It also offers internet cafe type features, for example a logon page for guests to use the system. It's easy to set up in a VM, and there is a lot of documentation about how to install it with various different configurations.

I used this at home with 8 other machines. You might find, with it correctly set up, you may not need to introduce the limits as heavily as you have.