Dynamic Limiter script for pfsense

  • please rename to .pl and put in the /root dir more instruction to follow

    see later post for file

  • This Script is a very basic script that is written in perl, there is no GUI.

    The script looks at the maximum bandwidth (a user configurable variable ) and then uses the information passed to it by the limiter to determine how many actual connection there are ( ie active connections actually passing data). It then devides the bandwidth by this number to get a limit. As it would not be good to change the limit all the time the value is rounded down to the nearest 64 kb/s.

    This has worked for me where we have 8000 users connecting over a 50 mb/s connection in Ethiopia.

    The Installation institutions are as follows:

    1. configure your limiter though pfsense (see pfsense wiki)
    2. install the cron package.
    3. upload the bandwidth.txt file to /root via ssh and rename in the shell (option 8) to bandwidth.pl
    4. chmod 777 /root/bandwidth.pl
    5. open bandwidth.pl in your favourite text editor and change the top variables to your environment. the dedaults are 50 mb/s as the connection speed the upper limit is 1mb/s the lower limit is 256 kb/s and the steps the limter takes are in 64 kb .
    6. add a cron job to run the script every minutes in my case. You choose
    7. in the root dir a daily log is created the log shows the date time the bandiwth used on your em1 (change to your wan interface name) interface.
      it then shows the number of active buckets on the download limiter and then the actual number of those buckets that are transferring data. The next number is the actual limit and the last number is the caulculated limit before the rounding down.

    I hope this help some one who is having difficulty fairly managing their bandwith

  • sorry made a mistake use this file, initialized the rate variable now the rate will show up in the logs


  • This sounds like the most wanted feature "share evenly on LAN" that can be found i nthe m0nowall :-) Very nice.

    Just a tip on a similar feature.
    I have used a router that can work with two limiters for each user (each IP).

    Even bandwidth if more active users than bandwith (like your script)
    Normal limiter when plenty of bandwidth (could be max. 20Mbit pr. user/IP)
    If a user has more than 600 flows (probably p2p) then lower limit for that user to eg. 8Mbit

    Those three rules gives in total a pretty nice setup without much need of QoS.

    I have added some floating rules where traffic to/from the most used news servers end up in the p2p queue. Alias lists have to be updated now and then. But I really et to lower the priority of a lot of traffic that way.

    Thanks for sharing.

  • Thanks for the comments.

    I have done a little more work and will try and put this stuff into the script.

    In the latest version I have fixed a couple of things.

    things will now work when limit is over 1024 kb/s

    It can send info to a rrd server if needed.(to make pretty graphs) I will also attach my rrd server that I run on a separate ubuntu computer.
    The script looks at the units kb/s or mb/s so the log makes more sense.


  • Here is my rrd server script that takes the data from the bandwidth script and makes nice graphs. I run it on a seperate computer runnung ubuntu 13.10

    you need the rrdtool (apt-get install rrdtool) and you need to apt-get install librrdtool-oo-perl

    variables are at the top of the script.


  • again rename to a .pl extension. I have not tried it on a pfsense box but think there is a freebsd package for perl rrdtool::oo

  • same instructions as before, this scripts has many improvements, it checks users and the rate for a certain number of times (set to 15 here at 1 second intervals). Then it akes an average and uses this to calculate the limit. Also there are simple switches at the start of the script to turn on and off logging and sending things to the rrd server. Also there is now a log rotate feature tha will keep a certain number of logs and delete older logs.

    I use this script in my environment fine and the new way of detecting who is an active user has led to a much better calculation of the limit.

    Also the logs look prettier.


  • Hi,

    hmm that's a great idea this script!!!

    I will test it and tell you if it's okay.


  • Sorry, I have not tested it yet. I will test too :-)

  • Thanks, any feedback would be greatly appreciated :)

  • Just to let you know I am currently re writng this in php and getting it more integrated with the existing shaper php functions in pfsense.

  • Hi just thought I would let all know of the progress, I noticed alot of people asking for a limiting script so this might be helpful

    I am working on v4 now which will have a better limiting algorithm and post the stats (users, limit, rate) as an xml file for other monitoring programs to read

  • any update for this?
    at least having a gui


  • how are people getting on with this script ?

  • @debremarkos:

    I am working on v4 now which will have a better limiting algorithm and post the stats (users, limit, rate) as an xml file for other monitoring programs to read

    Hey debremarkos - any update on this?

  • Hey , This script is unavailable
    Can anyone repost it ?
    @EricE @debremarkos @HCJ

Log in to reply