| . : Rate-limiting RapidShare - Mikrotik : . |
|
I have to say that RapidShare is a great invention, but sometimes it can be a problem that they are so well connected *G* Compared to torrent/edonkey/... RapidShare customers normally have full speed for their downloads from the very first second. RapidShare is connected by many HUGE carriers, like Global Crossing (Tier 1), Cogent (Tier 1), Level3 (Tier 1), ... which is just great for the person downloading, but on the other hand it's sometimes a pain in the admin's a**. The bandwidth you are giving your customers will be used for the download - completelly! A let's say 8mbit cable client will download with 8mbit. If you want the customers to browse the web lightning fast but don't want him to constantly consume his full bandwidth by downloading multiple gigs from RapidShare, you could do the following: Create an address list with all RapidShare networks (2008-12-03) /ip firewall address-list add address=62.140.31.0/24 list=RapidShare add address=62.153.244.0/24 list=RapidShare add address=62.67.46.0/24 list=RapidShare add address=62.67.50.0/24 list=RapidShare add address=62.67.57.0/24 list=RapidShare add address=64.211.146.0/24 list=RapidShare add address=64.214.225.0/24 list=RapidShare add address=64.215.245.0/24 list=RapidShare add address=80.152.62.0/24 list=RapidShare add address=80.231.128.0/24 list=RapidShare add address=80.231.24.0/24 list=RapidShare add address=80.231.41.0/24 list=RapidShare add address=80.231.56.0/24 list=RapidShare add address=80.239.137.0/24 list=RapidShare add address=80.239.151.0/24 list=RapidShare add address=80.239.152.0/24 list=RapidShare add address=80.239.159.0/24 list=RapidShare add address=80.239.226.0/24 list=RapidShare add address=80.239.236.0/24 list=RapidShare add address=80.239.239.0/24 list=RapidShare add address=82.129.33.0/24 list=RapidShare add address=82.129.35.0/24 list=RapidShare add address=82.129.36.0/24 list=RapidShare add address=82.129.39.0/24 list=RapidShare add address=195.122.131.0/24 list=RapidShare add address=195.122.149.0/24 list=RapidShare add address=195.122.151.0/24 list=RapidShare add address=195.122.152.0/24 list=RapidShare add address=195.122.153.0/24 list=RapidShare add address=195.219.1.0/24 list=RapidShare add address=206.57.14.0/24 list=RapidShare add address=207.138.168.0/24 list=RapidShare add address=208.48.186.0/24 list=RapidShare add address=212.162.2.0/24 list=RapidShare add address=212.162.63.0/24 list=RapidShare add address=217.243.210.0/24 list=RapidShare BTW: It was a quick and dirty awk hack with /24 only, but 195.122.152.0 could be added as /23 as well! Now let's mark all traffic that matches the address list /ip firewall mangle add action=mark-connection chain=prerouting comment="Entire Traffic" \ disabled=no new-connection-mark="Entire Traffic" \ passthrough=yes add action=mark-connection chain=prerouting \ comment="RapidShare Connections" connection-mark="Entire Traffic" \ disabled=no new-connection-mark="RapidShare Connections" \ passthrough=yes src-address-list=RapidShare add action=mark-packet chain=prerouting comment="RapidShare Traffic" \ connection-mark="RapidShare Connections" disabled=no \ new-packet-mark="RapidShare Traffic" passthrough=no This is the interessting part: Limit 'em *G* (in this case it's 1M) /queue simple add comment="RapidShare" direction=both disabled=no \ dst-address=0.0.0.0/0 interface=all limit-at=1000000/1000000 \ max-limit=1000000/1000000 name="RapidShare" \ packet-marks="RapidShare Traffic" parent=none priority=8 \ queue=default-small/default-small total-queue=default-small Disclaimer: Use on your own risk, absolutely no warranty and.... please be nice to your clients!!!! I hate sadistic admins who want the clients to have no fun at all, but if you are sure that RapidShare is used for sharing of the latest movies and other warez, you might just have to limit (or even block) it. The address list was a quick and dirty hack (as mentioned above), so maybe there is a network shown as /24 which might be /25 or less and you block something/somebody else by accident! http://en.wikipedia.org/wiki/Network_neutrality |