Monday, 8 June 2015

Block Download Based On Download Sizes

In This Articles , i want describe , how to block download more than 10 MB per Bytes .
After Downloaded 10 MB , Download Would Stop. In This Example , i Want block download per Source And Destination .For Example , Everybody can download file from one server , and he want open a new session with a new server for other works .
for this reason , we sign Source And Destinations with Src Address List And Dst Address List , And Then Download More Than 10 MB stop for These Addresses .
We Need Three Rules .
Rule 1 : Match And Assign Source Of Download To A New Address List .
Rule 2 : Match And Assign Destination of Download To A new Address list .
Rule 3 : Block Every Session ( Download ) , That Size Is More That 10 MB .

/ip firewall filter
Rule 1:
add action=add-src-to-address-list address-list=Src address-list-timeout=1h \chain=forward connection-bytes=1970000-0 disabled=no protocol=tcp \src-address=192.168.0.0/24 
Rule 2:add action=add-dst-to-address-list address-list=Dst address-list-timeout=1h \
chain=forward connection-bytes=1970000-0 disabled=no protocol=tcp \
src-address=192.168.0.0/24
Rule 3:add action=drop chain=forward disabled=no dst-address-list=Dst protocol=tcp \
src-address-list=Src

In this Example , I Assign Every Users In 192.168.0.0/24 Subnet , They have more that 10 MB size to Download After that , in Last Rule , I Block That Session To block Download for 1 Hour .
If users want to download 40 MB file , every 10MB file downloaded , they need wait to 1 Hours ,

No comments:

Post a Comment