Xtreme2damax
join:2007-03-21
Port Byron, NY

2 edits

Xtreme2damax

Member

Verizon Actiontec Firewall and qos.

My parents are on capped internet (15GB /mo) and something on my sister's laptop or something she is doing online is eating through a lot of data.

I've tried filtering access to multiple streaming websites, windows update, download sites from the router but data is still going down quickly whenever she is on. She's non-savvy so that should have been enough to stop her unless the website is https which for some reason can bypass router filters and host files. My goal is to firewall everything and manually specify exceptions. My other option is to employ some form of qos or traffic shaping on her that will slow her way down or cut her off if she starts using too much data. My dad has to do work for his job which he can't do if the fap kicks in and slows everything way down to the point it breaks the internet.

On the Actiontec firewall settings I selected Maximum security which blocks outbound connections. This blocks Steam and other services from online functionality but I can't seem to restore functionality by forwarding ports in the router. Can someone help me out here? We have to do something as she is burning through their cap before mid cycle. Bringing the data usage up or yelling at her causes her to be defiant and do it all the more, my parents refuse to cut her off. My sister won't allow me access to her laptop to check for malware or if there is some app eating data. Because of this I can't see what websites she is going on to blacklist accordingly.

So the only option is firewall everything and make individual exceptions after review or employ traffic shaping only allowing unrestricted access during the lnfz/bonus period from 2AM to 8AM.

Thanks. If this is the wrong section please move.

Edit: I have to figure something else out as I can only filter a certain number of URLs from the router.
HELLFIRE
MVM
join:2009-11-25

1 recommendation

HELLFIRE

MVM

said by Xtreme2damax:

firewall everything and make individual exceptions after review

Just to warn you, this will be a PITA to manage, bar none. Having seen this "deny anything unless it's been
reviewed by upper management" stance in the workplace, you're setting yourself up for a maintenance headache.
said by Xtreme2damax:

employ traffic shaping only allowing unrestricted access during the lnfz/bonus period from 2AM to 8AM.

Only way I see this working is with non-stock, non-carrier-supplied equipment... of which carries its own
learning curve.

What about installing some tool to count usage? You can do this system by system, or load alt firmwares
like DDWRT, tomato, etc. to do this. Or go all out and roll your own *nix distro router.

My 00000010bits

Regards
Xtreme2damax
join:2007-03-21
Port Byron, NY

Xtreme2damax

Member

Monitoring usage isn't the problem; my sister, who won't listen and does as she pleases, is. I'm trying to figure a way to effectively filter out streaming sites, p2p, video and voice chat through skype etc.. windows updates. At the very least throttle her usage down when she starts consuming too much or cut her off completely for the month when so many GB are used.

When she is not on her laptop there is barely any usage but with her on 500MB and up to 1GB+ can disappear within less than a day.

sivran
Vive Vivaldi
Premium Member
join:2003-09-15
Irving, TX

1 recommendation

sivran to Xtreme2damax

Premium Member

to Xtreme2damax
Replace the Actiontec with something more capable or, go extreme:

1. Assign her a reserved IP via Advanced - IP Address Distribution - Connection List - New Static Connection. Specify her MAC address and an IP.
2. Create firewall rules - port 80 outbound only.
3. Smile sweetly when she complains.
HELLFIRE
MVM
join:2009-11-25

1 recommendation

HELLFIRE to Xtreme2damax

MVM

to Xtreme2damax
said by Xtreme2damax:

I'm trying to figure a way to effectively filter out streaming sites, p2p, video and voice chat through skype etc.. windows updates.

Think I already gave you a solution to that in my previous post -- "non-stock, non-provider supplied equipment."

Offhand, that's DDWRT / tomato / et al flashed onto a router, or running a router/firewall distro like pfsense,
Vyatta, Untangle, or something like Astaro Security Gateway.
said by Xtreme2damax:

At the very least throttle her usage down when she starts consuming too much or cut her off completely for the month when so many GB are used.

If you're looking for a device that does "when util hits X, then do Y 'automagically'", I'll tell you one doesn't
exist at all. YOU will have to watch for utilization, then YOU will have to manually apply the throttling.

I rather like sivran's suggestion... tho you'll also have to include outbound DNS / UDP53 as well.

My 00000010bits

Regards

sivran
Vive Vivaldi
Premium Member
join:2003-09-15
Irving, TX

sivran

Premium Member

Hey, I deliberately left that out.

SYNACK
Just Firewall It
Mod
join:2001-03-05
Venice, CA

1 recommendation

SYNACK to Xtreme2damax

Mod

to Xtreme2damax
said by Xtreme2damax:

My parents are on capped internet (15GB /mo) and something on my sister's laptop or something she is doing online is eating through a lot of data.

15GB seems very low. Is this on verizon wireless or some satellite plan?

The typical Verizon service that comes with an actiontec router is FIOS and there are no real data caps, just speed caps. Can you tell us exactly what service and plan your parents have? What happens after 15GB (overages, no service, friendly letter from verizon, etc.).
Xtreme2damax
join:2007-03-21
Port Byron, NY

Xtreme2damax

Member

I see but it's my parents internet and I don't want to invest in or pay for new equipment. I'm sure my parents don't want to nor have the money to invest in new equipment either. The best I could do is either use the current router or set up a nix box between everyone and the router/internet to manage this if possible. I have a couple spare boxes not getting any use that would be ideal for this.

I tried cranking up the firewall settings on the actiontec which only allows http, https, dns etc.. traffic. But it blocks online functionality from Steam and anything else on non standard ports. I can't find a way to manually allow exceptions as forwarding ports isn't enough. As long as she can still access websites she can stream video, music and voice/video chat. I would still need to figure a way to effectively blacklist video, music streaming websites, video chat, voice chat and windows updates.

I'll try what sivran mentioned to see how it works out. This is only to apply to her connection and not other members of the family connected.

sivran
Vive Vivaldi
Premium Member
join:2003-09-15
Irving, TX

sivran

Premium Member

One thing I forgot about is the Actiontec has Parental Controls. Once you have her on a reserved IP it becomes easier to use those.

However, as you've noticed, https won't be blocked. The Actiontec cannot decrypt the request. At the consumer level there's very little that can be done about that--you'd have to block ALL https (all 443 outbound) or block/interfere with the DNS request (set up a *nix box with a DNS server and a hosts file, configure the actiontec to point to it as DNS, or create an account on OpenDNS and use their filtering).
Xtreme2damax
join:2007-03-21
Port Byron, NY

1 edit

Xtreme2damax to SYNACK

Member

to SYNACK
It's satellite and the actiontec is from when I had fios before moving from the city. As far as I knew the routers used to be given out gratis with install and I was not required to return it so I lent it to my parents to use.
Xtreme2damax

1 edit

Xtreme2damax

Member

I wish the router had logs of recently accessed websites and ip addresses which would make this easier to figure out what is causing massive data drain which mostly happens when she's connected.

According to my mother no one else is online. Only me and my sister are online. I only have Facebook and a couple forums up, autoplay videos are disabled and I use adblock. Automatic updates disabled on my system and nothing running but Steam. Nothing is updating or downloading on Steam. In less than a half hour there's been around a GB of usage just from her system alone. We know it's coming from her system because there is massive data drain with just her laptop on and no other devices powered on and connected.

I'm thinking maybe a virus, spyware, adware or whatever but I'm not sure it would have that massive of a drain on usage. Could be a background app or something on Windows 8 but I don't know nor can I fix it unless she lets me into her laptop to try resolving this issue. Not sure if this can be nullified from the router. I'd hate to block her or restrict her if she is actually not doing anything and is unaware of something on her laptop using so much data.

She must like being blamed though cause she won't let me look at her laptop so I can try fixing the issue. Due to this and her recent actions we automatically assume she is hiding something and doing stuff she is not supposed to be doing.
HELLFIRE
MVM
join:2009-11-25

HELLFIRE to Xtreme2damax

MVM

to Xtreme2damax
said by Xtreme2damax:

I don't want to invest in or pay for new equipment.

said by Xtreme2damax:

I'm sure my parents don't want to nor have the money to invest in new equipment

....suffice to say "I know I have a problem, I have been given the solution, but I don't want to do anything about it
because of X," well... I sincerely hope you know how well THAT attitude goes, especially in real life, OP...
said by Xtreme2damax:

I wish the router had logs of recently accessed websites and ip addresses which would make this easier to figure out what is causing massive data drain which mostly happens when she's connected.

...again, having worked professionally with systems that do this stuff, this is a PITA to manage. Unless you know
SPECIFICALLY what you're after, you're after a single snowflake in a nighttime blizzard in the Antarctic... and THAT'S on
a good day.

The LAST possible thing I can think of to help you is a program called wireshark. Basically turn off ALL devices
on your LAN EXCEPT your sister's laptop. Set it up to capture on another machine plugged into the Actiontec, and
there's a feature that gives you a breakdown of the IP address(es) and traffic type(s) running around.

I have some pretty big reservations about this as a) as I stated, it's not automagical -- I CANNOT STRESS THIS ENOUGH! ,
b) you're going to have to invest your own time in learning how this program works, and c) this program CAN and WILL
generate A LOT of output.

My 00000010bits

Regards
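
The per-address breakdown described in the post above can also be computed offline from an exported capture. The following is an added example, not part of any post in this thread; the LAN range 192.168.1.0/24, the laptop address 192.168.1.50 and every sample row are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

LAN = ipaddress.ip_network("192.168.1.0/24")  # assumed LAN range
HOST = "192.168.1.50"                         # assumed reserved IP of the laptop
CAP_GB = 15                                   # monthly cap stated in the thread

# Constructed sample rows: epoch time, source IP, destination IP, frame length.
# Same tab-separated shape as a field export such as
#   tshark -r capture.pcap -T fields -e frame.time_epoch -e ip.src -e ip.dst -e frame.len
_ROWS = [
    ("1000.0", "203.0.113.10", "192.168.1.50", "1500"),
    ("1001.0", "203.0.113.10", "192.168.1.50", "1500"),
    ("1002.0", "192.168.1.50", "203.0.113.10", "60"),
    ("1003.0", "192.168.1.50", "192.168.1.1", "80"),    # LAN-local (router)
    ("1004.0", "", "", "60"),                           # non-IP frame such as ARP
    ("1005.0", "198.51.100.7", "192.168.1.50", "400"),
    ("1006.0", "192.168.1.20", "198.51.100.7", "900"),  # a different LAN host
    ("1010.0", "203.0.113.10", "192.168.1.50", "1500"),
]
SAMPLE = "\n".join("\t".join(r) for r in _ROWS)


def parse_rows(text):
    """Return (time, src, dst, length) tuples, skipping non-IP or malformed lines."""
    rows = []
    for line in text.splitlines():
        parts = line.split("\t")
        if len(parts) != 4:
            continue
        try:
            ipaddress.ip_address(parts[1])
            ipaddress.ip_address(parts[2])
            rows.append((float(parts[0]), parts[1], parts[2], int(parts[3])))
        except ValueError:
            continue  # empty or multi-valued address field, bad number
    return rows


def usage_by_remote(rows, host=HOST, lan=LAN):
    """Bytes per remote address for one LAN host, largest total first."""
    totals = defaultdict(lambda: [0, 0])  # remote -> [down, up]
    for _, src, dst, length in rows:
        if dst == host:
            remote, direction = src, 0
        elif src == host:
            remote, direction = dst, 1
        else:
            continue
        if ipaddress.ip_address(remote) in lan:
            continue  # traffic that never leaves the LAN does not touch the cap
        totals[remote][direction] += length
    return sorted(((r, d, u) for r, (d, u) in totals.items()),
                  key=lambda t: t[1] + t[2], reverse=True)


def projected_monthly_gb(rows, host=HOST, lan=LAN):
    """Extrapolate the host's rate over the capture window to 30 days (decimal GB).
    Frame lengths include link-layer headers, so this is an approximation."""
    if len(rows) < 2 or rows[-1][0] <= rows[0][0]:
        return 0.0
    total = sum(d + u for _, d, u in usage_by_remote(rows, host, lan))
    return total / (rows[-1][0] - rows[0][0]) * 86400 * 30 / 1e9


if __name__ == "__main__":
    parsed = parse_rows(SAMPLE)
    for remote, down, up in usage_by_remote(parsed):
        print(f"{remote:15s} down={down:6d} B  up={up:6d} B")
    print(f"projected: {projected_monthly_gb(parsed):.2f} GB of a {CAP_GB} GB cap")
```
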
Xtreme2damax
join:2007-03-21
Port Byron, NY

Xtreme2damax

Member

Well I understand and appreciate suggestions provided so far. It's my parents internet so I'm definitely not paying for equipment and highly doubt my parents will shell out the likely large amount of cash to manage one person on the network. I can do something about it but atm I'm limited to the functionality of the current router or setting up a nix box with dns, hosts and firewall between the internet and the router to manage everything. I'm here to figure out how to work with what options I currently have available and set it up.

sivran
Vive Vivaldi
Premium Member
join:2003-09-15
Irving, TX

sivran to HELLFIRE

Premium Member

to HELLFIRE
I don't think the Actiontec either operates as a hub or has a span port...
HELLFIRE
MVM
join:2009-11-25

2 recommendations

HELLFIRE

MVM

Reread the thread end to end again, and noted OP didn't mention the EXACT make / model of actiontec, just
that it was used on FIOS prior. If it's a standard 1x WAN, 4x LAN RJ-45 jobbie -- and that's Ass-U-Me-ing
a lot on my part, I know -- that's where I LOOOOOVE wireshark's "put NIC in promiscuous mode."

My 00000010bits

Regards
Xtreme2damax
join:2007-03-21
Port Byron, NY

Xtreme2damax

Member

I just know it's an actiontec not much else, I would have to unhook it at my parents place to look at it. I didn't know there were different models for Fios as two routers I received were identical and the installs were two years apart.

I know it has a WAN port, usb port, 4 LAN ports and an antenna.

Btw I throttled down all wireless connections to 128kbps. No other systems were connected. At first the throttle was at 64k then 96k and for some reason used 19MB when my sister had her laptop briefly powered on.

After bumping the throttle up to 128k for most of the day somehow 300MB vanished while all computers were throttled down and 400MB total were lost today.

I'm not sure what would constantly be receiving data that it would use that much with the speed throttled way down like it was.
Ole Juul
join:2013-04-27
Princeton, BC

Ole Juul to Xtreme2damax

Member

to Xtreme2damax
I'm sympathetic to the low capped usage situation. The regular account available in my area allows 20GB/month. I didn't think much about it other than me and my partner appear to use roughly that much or a little over. So anyway, in order to get a bit more speed, I decided to get the next tier up which allows 40GB/month. All was good and we were downloading radio shows and ISOs as often as we wished. Then LastFM (which didn't take much bandwidth) changed to using Youtube. Well, that made the usage skyrocket to almost 2GB/day! Really, one cannot use Youtube or any video sites without racing through the bits. I bet that's what your sister is doing. It's just the state of the internet these days. Stay away from video if you want to keep the usage down.

One of the things which I did a couple of years ago, is install a larger version of Tomato so I could monitor usage in real time, as well as per IP. Also see how much the usage was per day. You may want to do something like that. There's not much (if any) money involved in that approach. Tomato also allows you to control individual IPs bandwidth.

sivran
Vive Vivaldi
Premium Member
join:2003-09-15
Irving, TX

sivran to Xtreme2damax

Premium Member

to Xtreme2damax
Since it came from FIOS, it is an MI424WR. There are several revisions of it, but it's hard to tell that from visual inspection unless it's red. If it's red, it's a rev I. The rev I also has two antennae, and the built-in switch is gigabit (these may not be unique to the rev I). See this chart for technical differences. On all models, the USB port is inactive.

The actiontec does seem to run a stripped-down *nix but I doubt it will be compatible with any 3rd-party firmware out there. It DOES have a telnet shell where if you can puzzle out the commands--or find doc somewhere online--you might be able to do a bit more than from the GUI. Verizon's firmware does indeed hide some elements after all.
Xtreme2damax
join:2007-03-21
Port Byron, NY

Xtreme2damax

Member

What I'm trying to figure out is how my parents lost over 500MB in one day with speeds in the router throttled down to 128k. My guess is something is constantly receiving data, perhaps malware or something else running on my sister's system. However she keeps denying me access to her laptop to scan for malware and see what's using so much data. She probably is doing things she shouldn't be doing on low capped internet and knows I'll find out what she's going on or see her online posts such as FB where she probably rants about us when my parents scold her and she doesn't get her way.

She just gets pissed whenever my mother confronts her about the usage and even more data disappeared and keeps disappearing since confronting her. She has a very short fuse, sour attitude and is defiant having no respect or consideration for anyone else but herself. She gets a pissy attitude and makes threats of bodily harm to herself and us if she doesn't get her own way and my parents try to discipline or control her in any way. She acts like she is entitled and it's her god given right to sit on a computer all day hogging the data despite not paying a cent towards the internet and her obscene usage. It's unfair to the rest of us especially my father who is paying for the internet and needs it for work. Once that cap is blown it becomes difficult to load anything, not only do pages load much slower but they constantly time out. My parents don't want to keep paying for tokens to compensate for her usage so my father can do work. Without her on 100MB can last us most of the day or even all day since all we are doing is going on email, facebook, internet forums and aren't online for the entire day.
Xtreme2damax

Xtreme2damax to Ole Juul

Member

to Ole Juul
About Youtube/Netflix. I can see multiple users take a hefty toll on data especially when it comes to streaming video and music. However I found lowering the quality conserves a massive amount of data. With Netflix at least I can disable hd and drop the quality down to like 375 or 500 bitrate and an hour long tv show will only consume around 200MB to 300MB. The problem with Youtube is dropping the quality makes the videos look worse i.e. more pixelated. I believe Netflix is using some new codec where bitrate can be dropped without taking a large hit on quality.

However that was when my Verizon lte was active, it's currently suspended while I catch up on the bill. Since I've been borrowing my parents internet I've avoided streaming sites and other high throughput activities online like the plague.
Ole Juul
join:2013-04-27
Princeton, BC

Ole Juul

Member

said by Xtreme2damax:

an hour long tv show will only consume around 200MB to 300MB

So you see, at 200MB to 300MB for an hour, if you listen to music using Youtube (like LastFM) then you'll easily have 2 GB down in a day.

sivran
Vive Vivaldi
Premium Member
join:2003-09-15
Irving, TX

2 recommendations

sivran to Xtreme2damax

Premium Member

to Xtreme2damax
How old is your sister?

Not that it matters -- cut her off anyway. Call her bluff.

You're trying to address a low-tech problem with a high-tech solution AND you don't really have the resources to implement a high-tech solution. Address the problem: her.
Xtreme2damax
join:2007-03-21
Port Byron, NY

1 edit

Xtreme2damax

Member

That's my parents choice who have been too easy on her over the years and hesitate showing her some tough love. Spoiled and entitled kids with their toxic attitudes these days.

The router does support traffic shaping but I can't easily figure out how to make it apply to individual connections. Currently I have a blanket throttle on all wireless connections. This affects me, my father and my mother since the only system directly connected to the router is my mother's computer and my mother usually uses her tablet.
Xtreme2damax

2 edits

Xtreme2damax

Member

How would something like OpenDNS work for blocking at least? Are there any advanced features of OpenDNS that would assist in neutralizing this? I don't think my parents will cut her off, she would just get more defiant and unruly raising hell until someone would most likely give in. Either that or she would try taking over my mother's or my computer to get on.

It's bad enough whenever something goes wrong with the internet she thinks I had something to do with it and is like she'll bite my head off. :/
HELLFIRE
MVM
join:2009-11-25

HELLFIRE to Xtreme2damax

MVM

to Xtreme2damax
said by Xtreme2damax:

How would something like OpenDNS work for blocking at least?

»www.opendns.com/home-int ··· ns-home/

»www.opendns.com/enterpri ··· ltering/

may be some links to help start you out.

My 00000010bits

Regards
Xtreme2damax
join:2007-03-21
Port Byron, NY

Xtreme2damax

Member

Thanks.

Btw there are options for qos and traffic shaping in the Actiontec. Any idea how to make the throttle only apply to my sister's connection? I could only figure out how to apply it to the connection in the entirety such as ethernet, coax or wireless access point.

Hard Harry7
join:2010-10-19
Narragansett, RI

Hard Harry7

Member

said by Xtreme2damax:

Any idea how to make the throttle only apply to my sister's connection?

Have you tried the instruction on page 150 of the manual? Assuming it's stock firmware on a MI424WR. Take note of step 3, your sister's IP or MAC should be in that drop down. Make sure to set a DHCP reservation for this IP/MAC so the rule sticks. Still wouldn't stop her from setting a static IP or cloning her MAC, but hopefully she isn't that smart...or reading this thread. LOL

»support.actiontec.com/do ··· 0_v4.pdf
Xtreme2damax
join:2007-03-21
Port Byron, NY

1 edit

Xtreme2damax

Member

I see. I wish it was just as simple as selecting her connection to apply the limit lol.

However there seems to be something more going on but that doesn't mean she is totally innocent. I've had the connection throttled at 128kbps and there is still an enormous amount of data being lost, much more than there should be although it's not as bad as it was.

Losing MB's in minutes and tens or hundreds of MB's within a half hour or hour(s) for no comprehensible reason. She seems to be the majority of the problem but not totally at fault. For her at least she seems to be running something or there is malware that is constantly receiving or transmitting data chugging away at the cap. If she is still trying to stream music, videos and load large images etc.. that is some patience and determination. Unless she is just running something out of spite but I don't think so as she would also be affecting the quality of her connection. No matter how mad she would get I don't think she would purposely do anything that would affect her enjoyment.

I'm not too worried, she is in no way savvy or technical, she would have to know my username. Considering no names were mentioned I'm just some random person talking about his sister who is another random person. :P

Btw they never had this problem with the data. It seems data usage keeps increasing as time goes on. Sometimes data disappears when no one is on and large amounts of data will be gone for browsing webpages. The router is WPA2-PSK secure and no one else has connected that isn't supposed to be on.

Hard Harry7
join:2010-10-19
Narragansett, RI

Hard Harry7

Member

said by Xtreme2damax:

I see. I wish it was just as simple as selecting her connection to apply the limit lol.

How is it not? What do you show as options in that drop down instead? It is possible you have a different firmware, or different model entirely.
Xtreme2damax
join:2007-03-21
Port Byron, NY

Xtreme2damax

Member

I might just be over-complicating it and thinking it's more involved than it is. The way you worded your post made it sound that way.

I didn't check the pdf because I can barely load anything atm since the data is shot. So stuck with around 56k or slightly better with fap which feels much slower due to higher latency and usage coming from my sister.