MikroTik

How to limit connection to an IP ?

0 name="queue-test" target-addresses=172.168.100.231/32
dst-address=203.x.x.x/32 interface=all parent=none direction=both
priority=8 queue=default-small/default-small limit-at=0/0 max-limit=0/24000
total-queue=default-small

So, i want to limit connection from 172.168.100.231 to 203.x.x.x at 24k
But the simple queue doesn't work.... i already move the chain to top of the list

but, i can limit all connection from that IP and it works!
1 name="queue-172.168.100.231 (Jack)" target-addresses=172.168.100.231/32
dst-address=0.0.0.0/0 interface=all parent=none direction=both priority=8
queue=default-small/default-small limit-at=0/0 max-limit=16000/24000
total-queue=default-small

Hi,

"dst-address=203.x.x.x/32" are you sure????

I think that this is your problem, try with dst-address=203.x.x.x/24

Goodbye.

I already tried with:
subnet mask 255.255.255.0 or 24 on 203.84.155.150 and mikrotik force it to 203.84.155.0, well it's ok for testing.. so will affect to all ip in that subnet, once again.. it's ok for testing.

0 name="queue-test" target-addresses=172.168.100.231/32
dst-address=203.84.155.0/24 interface=all parent=none
direction=both priority=8
queue=default-small/default-small limit-at=0/5000
max-limit=0/5000 total-queue=default-small

but still, the bandwidth limiter for that IP doesn't work.. actually on that IP / site there is bandwidth tester and it's not limited!... from proxy i can see the IP for testing bandwidth is correct (203.84.155.150). So, where is the problem?


0 name="queue-test" target-addresses=172.168.100.231/32
dst-address=203.84.155.150/32 interface=all parent=none
direction=both priority=8
queue=default-small/default-small limit-at=0/5000
max-limit=0/5000 total-queue=default-small

it's same! the bandwidth limiter doesn't work!


I need assistance!

then i tried mangle the connection, mark the packet from that IP, then limit it

ip firewall mangle
6 chain=prerouting src-address=172.168.100.231
action=mark-connection new-connection-mark=clients-test
passthrough=yes

7 chain=prerouting dst-address=203.84.155.150
connection-mark=clients-test action=mark-packet
new-packet-mark=packet-test passthrough=yes

queue simple
0 name="queue-test" target-addresses=172.168.100.231/32
dst-address=0.0.0.0/0 interface=all parent=none
packet-marks=packet-test direction=both priority=8
queue=default-small/default-small limit-at=0/24000
max-limit=0/24000 total-queue=default-small


i see there is outgoing traffic on Upload Rate and Uploaded Bytes, but there is no traffic from Download Rate and Downloaded Bytes... well, i already tried other settings, but still there is no traffic for Download

I believe if there is incoming traffic (Download), the bandwidth limiter will work.. any idea??

please help me thanks..

is there any help?

hi. try yto use packet-marks only on queue trees. On simple queue as you are using, on target-address dont place /32 at end of ip, and all should be fine!