
#1 2014-06-14 10:45:31

Butcher
Member
Registered: 2009-02-04
Posts: 158

arpspoof as QoS

Hello, I currently use arpspoof to ban some users from my network by poisoning them and then disabling net.ipv4_forward, effectively leaving them with no connectivity at all.

I would like to know if it would be possible to just reduce their bandwidth with this system.

Offline

#2 2014-06-14 18:37:40

dodo3773
Member
Registered: 2011-03-17
Posts: 818

Re: arpspoof as QoS

Yeah, if you know which IP they are on the LAN specifically, here is what I do (where the router is 192.168.1.1 and the person you want to limit is 192.168.1.3, for example):

# echo "1" >> /proc/sys/net/ipv4/ip_forward
# arpspoof -i eth0 -t 192.168.1.1 192.168.1.3
# arpspoof -i eth0 -t 192.168.1.3 192.168.1.1

and then run this script (the variables should be self explanatory):

#!/bin/bash
#  tc uses the following units when passed as a parameter.
#  kbps: Kilobytes per second 
#  mbps: Megabytes per second
#  kbit: Kilobits per second
#  mbit: Megabits per second
#  bps: Bytes per second 
#       Amounts of data can be specified in:
#       kb or k: Kilobytes
#       mb or m: Megabytes
#       mbit: Megabits
#       kbit: Kilobits
#  To get the byte figure from bits, divide the number by 8 bit
#
TC=/usr/sbin/tc
IF=eth0             # Interface
DNLD=20kbit         # DOWNLOAD limit
UPLD=5kbit          # UPLOAD limit
IP=192.168.1.3      # Host IP to throttle (192.168.1.3 in the example above)
U32="$TC filter add dev $IF protocol ip parent 1:0 prio 1 u32"
 
start() {

    $TC qdisc add dev $IF root handle 1: htb default 30
    $TC class add dev $IF parent 1: classid 1:1 htb rate $DNLD
    $TC class add dev $IF parent 1: classid 1:2 htb rate $UPLD
    $U32 match ip dst $IP/32 flowid 1:1
    $U32 match ip src $IP/32 flowid 1:2

}

stop() {

    $TC qdisc del dev $IF root

}

restart() {

    stop
    sleep 1
    start

}

show() {

    $TC -s qdisc ls dev $IF

}

case "$1" in

  start)

    echo -n "Starting bandwidth shaping: "
    start
    echo "done"
    ;;

  stop)

    echo -n "Stopping bandwidth shaping: "
    stop
    echo "done"
    ;;

  restart)

    echo -n "Restarting bandwidth shaping: "
    restart
    echo "done"
    ;;

  show)
    	    	    
    echo -e "Bandwidth shaping status for $IF:\n"
    show
    echo ""
    ;;

  *)

    # $0 is the path this script was invoked as
    echo "Usage: $0 {start|stop|restart|show}"
    ;;

esac

exit 0

You would have to repeat the same process for each IP you want to throttle. Luckily, it's usually only one troublemaker at a time on my LAN.

Edit: Since /usr/sbin just points to /usr/bin, you could probably change that in the script if you wanted to.

Last edited by dodo3773 (2014-06-14 18:39:17)

Offline

#3 2014-06-14 18:59:33

Butcher
Member
Registered: 2009-02-04
Posts: 158

Re: arpspoof as QoS

Thanks, will try that.

Offline
