Is there a way, or an app, that will stop your Manjaro PC from downloading after reaching a certain amount of data? Like… around 100g per day?
I have a data limit on my internet access, and my 15 year old son keeps going over it… DRAMATICALLY. I need to teach him a lesson, because he’s not listening about correct management, and I need him to realize he’s reached his limit.
I get up to 5 TB per month (before getting throttled down… Yeah, that’s my ISP
s definition of unlimited), but he’s going to finish that off by the end of the week.
The best course of action would be to set a bandwidth limit on your router and/or use parental controls. Many router manufacturers include features like that.
Perhaps I’m stating the obvious, but limiting bandwidth will also limit data usage as a matter of course. Most routers will allow you to set limitations on a per-client basis, which means you could potentially target just one connected machine; and some can be set to limit bandwidth between certain times.
Another possibility might be a monitoring tool. It may be possible to configure it to email you when usage has reached a level that you define. The following might be worth looking at;
and no doubt many similar tools.
There is also trickle that might do what you need; it allows to set upload/download limits, presumedly limiting the bandwidth after those amounts are reached.
I see this question popping up around the Internet every so often, and I can’t recall ever seeing a simple, workable solution for shaping/limiting data by user on a desktop Linux machine.
However, there is another option available: limit their time online instead. Allow them so many hours per day. Maybe set the limit so that, even if they download at maximum speed for the entire session, they would still not reach the daily limit you set. There is an application available from the AUR that I mentioned in another topic a few months ago:
It is indeed interesting to have a real solution, i also have not seen one. But i can suggest 2 workarounds. You can parse some statistic, like the output from vnstat, in a script, and then disconnect the network interface. Make it a system service so it runs with root and or set a polkit rule so that only root can bring up the interface (i guess networkmanager has to be disabled). It will be some manual work.
Or, as already mentioned, if you limit the speed at the router to about 12mbps it should be enough to keep the traffic below 5TB. It will be even enough for movie streaming with ok quality. The only thing that will be suffering will be the torrents, which is the point (cause the only possible way to make such a traffic at home is twitching in ultra mega hyper quality or having a torrent seedbox).
To empower and help your son, vnstat is a good tool for monitoring - and with a desktop conky this could be made permanently visible on the desktop (I have my daily stat for my enp0s3 network interface at the bottom of my ‘network’ conky):
From there, I see an app called ‘wondershaper’ which will throttle - however, this just slows down the bleed…
Generally, though, I’d first want to identify WHAT is using the bandwidth. For me it would be my `arr stack, automatically grabbing TV content via torrenting, and that leads to a lot of upload bandwidth when seeding.
Then I’d look into some kind of script; I asked AI to knock something up, maybe it’s a plan:
Completely untrustworty AI suggestion - view at your own risk:
#!/bin/bash
INTERFACE="wlan0" # Replace with his network interface
MONTHLY_LIMIT_KB=2621440000 # 2.5TB in KB (~2.5 * 1024^3 / 1024)
WARNING_THRESHOLD=2359296000 # 90% of limit (2.25TB)
CURRENT_USAGE=$(vnstat -m --oneline | awk -F';' '{print $11}')
if [ "$CURRENT_USAGE" -ge "$MONTHLY_LIMIT_KB" ]; then
# HARD LIMIT REACHED: Cut off internet
sudo ip link set $INTERFACE down
echo "Monthly limit reached. Internet disabled." | wall
elif [ "$CURRENT_USAGE" -ge "$WARNING_THRESHOLD" ]; then
# SOFT LIMIT: Throttle to 1Mbps
sudo wondershaper $INTERFACE 1024 1024 # 1Mbps up/down
echo "Warning: Approaching monthly limit. Speed reduced." | wall
else
# Reset to normal speed
sudo wondershaper clear $INTERFACE
fi
It’d be interesting to set some short limits and test this out - then set it to run on an hourly basis.
Then as already mentioned - Trickle/Trickled.
But overall, I would say Parental control works best. Experience with my son shows that ignorance is king - ‘sorry Daddy, I didn’t realise’ just isn’t going to cut the mustard. You must encourage self discipline with a hard limit.
Best solution: Router Setup
Set his monthly quota, you can schedule internet access (block overnight - my son sometimes loves to leave his game running with an autoclicker) and throttle his MAC address…
You give him tools to monitor his own use, manage his own machine - then you set your router to cut him off if he fails.
It shouldn’t happen more than once - he’d be crawling up the walls until the next month, and likely would magically avoid hitting that hard limit again in future.
These are definitely some creative solutions. However, they are not what I need. What I need is a cold-switch in the shower. You know, when you use up all the hot water, and then it starts to run cold…
Also, it’s not “his” machine… it’s mine. He games on my machine when I am not using it. What I need is for him to see the real life consequences of using too much data.
I want his 145g game download on Steam to only get half-way, and then stop. Maybe then he’ll back it up on his portable instead of deleting and re-downloading it all the time.
I want him to be in the middle of one of his online games, and lose his connection due to data loss. Maybe he’ll realize that he can only play for so long, before he runs out of data.
I want him to not be able to download a map for one of his games, and have to wait he has more data to use. Maybe he’ll learn to make incremental backups of his games.
Until this happens, he will not take care to plan his data usage with a limited amount of data. He needs to have REAL WORLD consequences for his mismanagement.
i.e. “You have met your data quota for the day.”
I could just keep him off of my computer. And that may well be the consequence… but instead, I’d like to at least give him the opportunity of how to manage his usage… One day he may pay for his own ISP, and have to manage a lot less.
I have seen some solutions capable of setting and enforcing quotas on the downloaded volume.
Not only to throttle the available bandwidth.
A real quota.
Based upon OpenWRT - you’d need a second router, one the delinquent connects to,
has to connect to,
while you ban him from the main router via password change.
That way you have full control over anything going through that additional router.
(including pulling the physical plug yourself without affecting your activity)
May be worth the investment when talking and explaining doesn’t work with your offspring.
Here’s an IA generated one that I have not tested, and am unlikely to find the time to do so. So check it out at your own risk… anyne here who is a programmer, can work ou if it’s doable, or the basis for anything useful…
Here's an example script that cuts off internet access for a specific user if certain time and/or data limits are exceeded:
bash
if [ $((CURRENT_TIME - $(date +%s -d “1 hour ago”))) -gt $TIME_LIMIT ]; then
Cut off internet access
iptables -A OUTPUT -o eth0 -p tcp --dport 80 -j DROP
iptables -A OUTPUT -o eth0 -p tcp --dport 443 -j DROP
fi
Check data limit
if [ $CURRENT_DATA_USAGE -gt $DATA_LIMIT ]; then
Cut off internet access
iptables -A OUTPUT -o eth0 -p tcp --dport 80 -j DROP
iptables -A OUTPUT -o eth0 -p tcp --dport 443 -j DROP
fi
This script uses `iftop` to monitor network traffic and `iptables` to control internet access. If the time or data limit is exceeded, it cuts off internet access for the specified user.
**Note**: This is just a basic example, and you may need to modify it to suit your specific requirements. Additionally, you may need to use more advanced tools and techniques to implement a robust internet access control system.
Here's a Python script that achieves the same functionality:
python
def monitor_traffic(self):
# Use iftop to monitor network traffic
output = subprocess.check_output(["iftop", "-t", "1"])
data_usage = int(output.decode("utf-8").split()[0])
# Check time limit
if time.time() - self.start_time > self.time_limit:
# Cut off internet access
subprocess.call(["iptables", "-A", "OUTPUT", "-o", "eth0", "-p", "tcp", "--dport", "80", "-j", "DROP"])
subprocess.call(["iptables", "-A", "OUTPUT", "-o", "eth0", "-p", "tcp", "--dport", "443", "-j", "DROP"])
# Check data limit
if data_usage > self.data_limit:
# Cut off internet access
subprocess.call(["iptables", "-A", "OUTPUT", "-o", "eth0", "-p", "tcp", "--dport", "80", "-j", "DROP"])
subprocess.call(["iptables", "-A", "OUTPUT", "-o", "eth0", "-p", "tcp", "--dport", "443", "-j", "DROP"])
if name == “main”:
controller = InternetAccessController(“exampleuser”, 3600, 1000)
controller.start_time = time.time()
while True:
controller.monitor_traffic()
time.sleep(1)
This script uses `iftop` to monitor network traffic and `iptables` to control internet access. If the time or data limit is exceeded, it cuts off internet access for the specified user.
If I’m reading that script correctly, it monitors the outgoing traffic.
Which would most likely be … the wrong way for the purpose here.
But yes, it is quite easy to do.
Another “but”:
if it is running on the machine itself, it’s easy to circumvent/deactivate - depending on level of knowledge and access privileges of the person.
Valid point.
Still easily circumvented by simply booting the machine from USB … but that does take some dedication and knowledge of the inner workings of the system - and the will to disregard the reasons the father has given for implementing the restriction.
Not good would that be …
Well, I could of course also propose psychotherapy, because if the kid downloads 100 GiB worth of games every day, then he’s obviously got a gaming addiction problem.
On this topic I could open a can of worms that I was personally affected by - not entirely without my fault, but it cost me dearly.
… torrents, copyrighted material, the owner of the connection is responsible, no matter what … would be the theme if anyone was interested …
I took the link provided by @philm and modified it to use firewalld and be a daily limit.
The source page noted that it could extend first login with as much as 60 sec.
firewalld is a dynamic firewall and using the panic mode the change occur instantly.
When the limit for a username is met the script will execute firewall-cmd --panic-on which will block any and all traffic on the system.
Assuming it is a system where only one user is active at a time - the user hitting the limit will face a lockdown. If the user logs off and another user log in - a user with no limit the network is unlocked by executing firewall-cmd --panic-off.
$ cat /etc/bandwidth.conf
##
## INTERFACE <iterface name>
## <username> <daily bandwidth limit in megabytes>
## The value may be empty - in which case there is no limit
## and lockdown will not happen
# INTERFACE enp1s0
# fh
# bob 5000
# player 10000
It is fairly simple to create a simple systemd unit to make the script run as a service
#!/bin/bash
#
#
# posted by reborg on The UNIX and Linux Forums
# (c) 2009 - The UNIX and Linux Forums
#
# Modified by @linux-aarhus 2025-07-07
#
ME=$(basename "$0")
CONFIGFILE=/etc/bandwidth.conf
RUNDIR=/var/run/bandwidth
NETWORK_STATS=/proc/net/dev
CHECKINTERVAL=30
get_lock_state(){
echo $(firewall-cmd --query-panic)
}
LOCKED=$(get_lock_state)
lock_network() {
echo "current state : " $(get_lock_state)
echo "locking network..."
if [[ $(get_lock_state) -eq "no" ]] ; then
firewall-cmd --panic-on --quiet
LOCKED=$(get_lock_state)
echo "Network locked : " $(get_lock_state)
fi
}
unlock_network() {
echo "current state : " $(get_lock_state)
echo "unlocking network..."
if [[ $(get_lock_state) -eq "yes" ]] ; then
firewall-cmd --panic-off --quiet
LOCKED=$(get_lock_state)
echo "Network locked : " $(get_lock_state)
fi
}
load_config() {
IF=$(awk '$1 == "INTERFACE" {print $2}' $CONFIGFILE)
echo "interface : " $IF
TRANSFER_LIMIT=$(awk -v user="$username" '$1 == user { printf "%i\n", $2 * 1024 * 1024 ; exit}' $CONFIGFILE)
echo "transfer limit : " $TRANSFER_LIMIT
if [[ -z "$TRANSFER_LIMIT" || $TRANSFER_LIMIT eq 0 ]] ; then
unlock_network
LOCK_NETWORK=0
return
fi
LOCK_NETWORK=1
touch ${RUNDIR}/${username}.$(date +%d)
[[ -d $RUNDIR ]] || mkdir -p $RUNDIR
if [[ ! -f "${RUNDIR}/${username}" ]] ; then
echo $TRANSFER_LIMIT > "${RUNDIR}/$username"
fi
REMAINING=$(< "${RUNDIR}/${username}" )
echo "remaining : " $REMAINING
# note IFS on the next line is '<space><tab>:'
while IFS=' :' read net bandwidth junk; do
if [[ "$net" = "$IF" ]] ; then
TRANSFER_USED=$bandwidth
echo "transfer used : " $TRANSFER_USED
fi
done < $NETWORK_STATS
if (( REMAINING > 0 )) ; then
unlock_network
fi
}
run() {
while : ; do
set -- $(who)
if [[ $# -lt 1 ]] ; then
sleep $CHECKINTERVAL
next
fi
if [[ "$1" != "$username" ]] ; then
username="$1"
load_config
fi
if [[ $LOCK_NETWORK -eq 1 ]] ; then
while IFS=' :' read net bandwidth junk; do
if [[ "$net" = "$IF" ]] ; then
TODAY=$(date +%d)
YESTERDAY=$(date -d "yesterday" +%d)
if [[ -f ${RUNDIR}/${username}.${YESTERDAY} ]] ; then
rm ${RUNDIR}/${username}.${YESTERDAY}
touch ${RUNDIR}/${username}.$TODAY
REMAINING=$TRANSFER_LIMIT
TRANSFER_USED=$bandwidth
unlock_network
fi
(( SESSION = bandwidth - TRANSFER_USED ))
(( REMAINING = REMAINING - SESSION ))
echo "session : " $SESSION
echo "remaining : " $REMAINING
if (( REMAINING <= 0 )) ; then
lock_network
echo 0 > ${RUNDIR}/$username
else
echo $REMAINING > ${RUNDIR}/$username
fi
fi
done < $NETWORK_STATS
fi
sleep $CHECKINTERVAL
done
}
if [[ ! -f $CONFIGFILE ]] ; then
echo "No bandwidth limits set" >& 2
exit 2
fi
run
