Qadry
unixcop Admin

How to Install and Manage Evillimiter to control Your Wi-Fi Network in Linux

Introduction

Evillimiter

Evillimiter is a free, open-source monitoring tool that can limit bandwidth usage for devices connected to a LAN. It runs on Linux and Windows and can work without administrative access to the network.

Also it’s a tool to monitor, analyze and limit the bandwidth (upload/download) of devices on your local network without physical or administrative access.
Evillimiter employs ARP spoofing and traffic shaping to throttle the bandwidth of hosts on the network.

Install Evillimiter

The installation requires Python 3, which should be available on most Linux installations by default. To install evillimiter, run these commands below:

[unixcop@rhel-pc ~]$ git clone https://github.com/bitbrute/evillimiter.git
Cloning into 'evillimiter'...
remote: Enumerating objects: 256, done.
remote: Counting objects: 100% (102/102), done.
remote: Compressing objects: 100% (76/76), done.
remote: Total 256 (delta 61), reused 62 (delta 26), pack-reused 154
Receiving objects: 100% (256/256), 69.47 KiB | 11.00 KiB/s, done.
Resolving deltas: 100% (145/145), done.
[unixcop@rhel-pc ~]$

Command above retrieves source code.

Now run this command below to navigate to the source directory.

[unixcop@rhel-pc ]# cd evillimter
[unixcop@rhel-pc evillimiter]# 

Then run this command to install evillimiter.

[unixcop@rhel-pc evillimiter]# sudo python3 setup.py install

Manage and control your Wi-Fi Network using Evillimiter

Once the installation finishes, you can start monitoring devices connected to your personal Wi-Fi. To do this, start the app by running this command:

[root@rhel-pc ]# evillimiter

Note : You will need sudo/root privileges to run and use evillimiter. This is because it handles the network controller and needs access to low-level kernel parameters. When you first run evillimiter, it will display some information about your Wi-Fi network.

You can view a list of available commands by entering help in the interactive console.

(Main) >>> help
type help or ? to show command information.
(Main) >>> 
(Main) >>> 
(Main) >>> help

scan (--range [IP range])          scans for online hosts on your network.
                                   required to find the hosts you want to limit.
                                   e.g.: scan
                                         scan --range 192.168.178.1-192.168.178.50
                                         scan --range 192.168.178.1/24

hosts (--force)                    lists all scanned hosts.
                                   contains host information, including IDs.

limit [ID1,ID2,...] [rate]         limits bandwith of host(s) (uload/dload).
      (--upload) (--download)      e.g.: limit 4 100kbit
                                         limit 2,3,4 1gbit --download
                                         limit all 200kbit --upload

block [ID1,ID2,...]                blocks internet access of host(s).
      (--upload) (--download)      e.g.: block 3,2
                                         block all --upload

free [ID1,ID2,...]                 unlimits/unblocks host(s).
                                   e.g.: free 3
                                         free all

add [IP] (--mac [MAC])             adds custom host to host list.
                                   mac resolved automatically.
                                   e.g.: add 192.168.178.24
                                         add 192.168.1.50 --mac 1c:fc:bc:2d:a6:37

monitor (--interval [time in ms])  monitors bandwidth usage of limited host(s).
                                   e.g.: monitor --interval 600

analyze [ID1,ID2,...]              analyzes traffic of host(s) without limiting
        (--duration [time in s])   to determine who uses how much bandwidth.
                                   e.g.: analyze 2,3 --duration 120

watch                              detects host reconnects with different IP.
watch add [ID1,ID2,...]            adds host to the reconnection watchlist.
                                   e.g.: watch add 3,4
watch remove [ID1,ID2,...]         removes host from the reconnection watchlist.
                                   e.g.: watch remove all
watch set [attr] [value]           changes reconnect watch settings.
                                   e.g.: watch set interval 120

clear                              clears the terminal window.

quit                               quits the application.
            
(Main) >>>

Scan Hosts

You need to scan the local network before you can monitor connected devices. Use the scan command to do this.

(Main) >>> scan

Also you can view the hosts. Use the hosts command to list all active hosts.

(Main) >>> hosts
(Main) >>> scan

  0% |                                | 0/256
 23% |███████▎                       | 60/256
 49% |██████████████▋               | 125/256
 84% |█████████████████████████     | 214/256
100% |██████████████████████████████| 256/256
OK   4 hosts discovered.

(Main) >>> hosts

┌Hosts─────────────┬───────────────────┬─────────────────┬────────┐
│ ID │ IP address  │ MAC address       │ Hostname        │ Status │
├────┼─────────────┼───────────────────┼─────────────────┼────────┤
│ 0  │ 192.168.1.1 │ 20:e8:82:a0:ff:b2 │ csp1.zte.com.cn │ Free   │
│ 1  │ 192.168.1.2 │ 3c:57:6c:19:52:be │ galaxy-j6       │ Free   │
│ 2  │ 192.168.1.3 │ 10:b1:f8:ab:20:2a │ huawei_nova-7i  │ Free   │
│ 3  │ 192.168.1.4 │ ce:74:8b:a1:c8:19 │ realme-7        │ Free   │
└────┴─────────────┴───────────────────┴─────────────────┴────────┘

(Main) >>>

Limit Bandwidth usage for Hosts

Now you can view the hosts and limit their bandwidth usage.

Evillimiter will assign an ID to each device. The status field shows whether bandwidth has already been limited for a device.

You can limit the bandwidth for any device by using the limit command.

(Main) >>> limit 2 100kbit

Also you can limit many devices at once using a comma-separated list.

Here is an example

(Main) >>> limit 2,3 100kbit
Ok   192.168.1.2 upload / download limited to 100kbit.
Ok   192.168.1.3 upload / download limited to 100kbit.

This command will limit the bandwidth of the second and third devices to 100 kbit.

Limit upload/download speeds separately

The bandwidth limitation is set for both upload and download speeds. But you can also limit upload/download speeds separately. The next command limits the second device’s download speed to 100 kbit per second.

(Main) >>> limit 2 100kbit --download

Block the connection for a host device

You can also block the Internet connection for a host device using the block command.

(Main) >>> block 2

This command will block the second device from using network resources. Use the –upload and –download flags for blocking one-way traffic.

(Main) >>> block 2 --download

Also you can block all other Wi-Fi devices using the below command.

(Main) >>> block all

Free Blocked Hosts

You also can free these devices once you’re done. Use the free command followed by the host ID to do this.

(Main) >>> free 1,2,3
(Main) >>> free all

Here is an example on block and free all hosts.

(Main) >>> block all
OK   192.168.1.1 upload / download blocked.
OK   192.168.1.2 upload / download blocked.
OK   192.168.1.3 upload / download blocked.
OK   192.168.1.4 upload / download blocked.
(Main) >>> 
(Main) >>> hosts

┌Hosts─────────────┬───────────────────┬─────────────────┬─────────┐
│ ID │ IP address  │ MAC address       │ Hostname        │ Status  │
├────┼─────────────┼───────────────────┼─────────────────┼─────────┤
│ 0  │ 192.168.1.1 │ 20:e8:82:a0:ff:b2 │ csp1.zte.com.cn │ blocked │
│ 1  │ 192.168.1.2 │ 3c:57:6c:19:52:be │ galaxy-j6       │ blocked │
│ 2  │ 192.168.1.3 │ 10:b1:f8:ab:20:2a │ huawei_nova-7i  │ blocked |
│ 3  │ 192.168.1.4 │ ce:74:8b:a1:c8:19 │ realme-7i       │ blocked │
└────┴─────────────┴───────────────────┴─────────────────┴─────────┘

(Main) >>> free all
(Main) >>> 
(Main) >>> hosts

┌Hosts─────────────┬───────────────────┬─────────────────┬────────┐
│ ID │ IP address  │ MAC address       │ Hostname        │ Status │
├────┼─────────────┼───────────────────┼─────────────────┼────────┤
│ 0  │ 192.168.1.1 │ 20:e8:82:a0:ff:b2 │ csp1.zte.com.cn │ Free   │
│ 1  │ 192.168.1.2 │ 3c:57:6c:19:52:be │ galaxy-j6       │ Free   │
│ 2  │ 192.168.1.3 │ 10:b1:f8:ab:20:2a │ huawei_nova-7i  │ Free   │
│ 3  │ 192.168.1.4 │ ce:74:8b:a1:c8:19 │ realme-7        │ Free   │
└────┴─────────────┴───────────────────┴─────────────────┴────────┘

(Main) >>> 

To quit the interactive console, type in quit or exit in the command window.

(Main) >>> quit

It will exit the current session and bring back the terminal prompt.

Note:

1-Since the interactive console is colored, it may not run properly in some environments. You can install the packages needed for color-coding or use the –colorless option in such cases.

sudo evillimiter --colorless

If you run this in the terminal, it will start a colorless interactive session for evillimiter. People can use this mode whenever facing problems with ASCII colors.

2-The -f option helps resolve issues with Linux iptables configuration or network parameters.

sudo evillimiter -f

Conclusion

You can easily control your Wi-Fi network in Linux using Evillimiter. It’s effortless to install and works well even without admin access.

Note: you should not use this tool on other people’s networks, avoiding possible legal challenges.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest articles

x