Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

bitbrute bitbrute Last update: Feb 22, 2024

Evil Limiter

License Badge Compatibility Maintenance HitCount Open Source Love

A tool to monitor, analyze and limit the bandwidth (upload/download) of devices on your local network without physical or administrative access.
evillimiter employs ARP spoofing and traffic shaping to throttle the bandwidth of hosts on the network.

Searching for a Windows-compatible version?
Check out the open-source alternative EvilLimiter for Windows.

Requirements

  • Linux distribution
  • Python 3 or greater

Possibly missing python packages will be installed during the installation process.

Installation

git clone https://github.com/bitbrute/evillimiter.git
cd evillimiter
sudo python3 setup.py install

Alternatively, you can download a desired version from the Release page.

Usage

Type evillimiter or python3 bin/evillimiter to run the tool.

evillimiter will try to resolve required information (network interface, netmask, gateway address, ...) on its own, automatically.

Command-Line Arguments

Argument Explanation
-h Displays help message listing all command-line arguments
-i [Interface Name] Specifies network interface (resolved if not specified)
-g [Gateway IP Address] Specifies gateway IP address (resolved if not specified)
-m [Gateway MAC Address] Specifies gateway MAC address (resolved if not specified)
-n [Netmask Address] Specifies netmask (resolved if not specified)
-f Flushes current iptables and tc configuration. Ensures that packets are dealt with correctly.
--colorless Disables colored output

evillimiter Commands

Command Explanation
scan (--range [IP Range]) Scans your network for online hosts. One of the first things to do after start.
--range lets you specify a custom IP range.
For example: scan --range 192.168.178.1-192.168.178.40 or just scan to scan the entire subnet.
hosts (--force) Displays all the hosts/devices previously scanned and basic information. Shows ID for each host that is required for interaction.
--force forces the table to be shown, even when it doesn't fit the terminal.
limit [ID1,ID2,...] [Rate] (--upload) (--download) Limits bandwidth of host(s) associated to specified ID. Rate determines the internet speed.
--upload limits outgoing traffic only.
--download limits incoming traffic only.
Valid rates: bit, kbit, mbit, gbit
For example: limit 4,5,6 200kbit or limit all 1gbit
block [ID1,ID2,...] (--upload) (--download) Blocks internet connection of host(s) associated to specified ID.
--upload limits outgoing traffic only
--download limits incoming traffic only.
free [ID1,ID2,...] Unlimits/Unblocks host(s) associated to specified ID. Removes all further restrictions.
add [IP] (--mac [MAC]) Adds custom host to host list. MAC-Address will be resolved automatically or can be specified manually.
For example: add 192.168.178.24 or add 192.168.1.50 --mac 1c:fc:bc:2d:a6:37
monitor (--interval [time in ms]) Monitors bandwidth usage of limited host(s) (current usage, total bandwidth used, ...).
--interval sets the interval after bandwidth information get refreshed in milliseconds (default 500ms).
For example: monitor --interval 1000
analyze [ID1,ID2,...] (--duration [time in s]) Analyzes traffic of host(s) without limiting to determine who uses how much bandwidth.
--duration specifies the duration of the analysis in seconds (default 30s).
For example: analyze 2,3 --duration 120
watch Shows current watch status. The watch feature detects when a host reconnects with a different IP address.
watch add [ID1,ID2,...] Adds specified host(s) to the watchlist.
For example: watch add 6,7,8
watch remove [ID1,ID2,...] Removes specified host(s) from the watchlist.
For example: watch remove all
watch set [Attribute] [Value] Changes current watch settings. The following attributes can be changed:
range is the IP range to scan for reconnects.
interval is the time to wait between each network scan (in seconds).
For example: watch set interval 120
clear Clears the terminal window.
quit Quits the application.
?, help Displays command information similar to this one.

Restrictions

  • Limits IPv4 connctions only, since ARP spoofing requires the ARP packet that is only present on IPv4 networks.

Disclaimer

Evil Limiter is provided by bitbrute "as is" and "with all faults". The provider makes no representations or warranties of any kind concerning the safety, suitability, lack of viruses, inaccuracies, typographical errors, or other harmful components of this software. There are inherent dangers in the use of any software, and you are solely responsible for determining whether Evil Limiter is compatible with your equipment and other software installed on your equipment. You are also solely responsible for the protection of your equipment and backup of your data, and the provider will not be liable for any damages you may suffer in connection with using, modifying, or distributing this software.

License

Copyright (c) 2019 by bitbrute. Some rights reserved.
Evil Limiter is licensed under the MIT License as stated in the LICENSE file.

Subscribe to our newsletter