
How to Use UniFi traffic rules to block ads, limit apps, and prioritize traffic

TL;DR: UniFi's traffic rules let you block ads at the DNS level, throttle bandwidth-hungry apps, and prioritize voice or video traffic — all from the controller, with no extra hardware needed.

Your UniFi setup is already handling Wi‑Fi, switching, and routing. But did you know it can also shape and filter traffic so you get a faster, cleaner, more predictable network? From ad blocking to app throttling and prioritizing voice or gaming traffic, UniFi can do all that, without extra hardware.

In this post, we’ll walk through how to use traffic rules in UniFi’s Network application to:

  • Block ads at the DNS or IP level
  • Throttle bandwidth-hungry apps or devices
  • Prioritize important traffic like voice, video, or gaming

No fancy tools, no extra boxes. Let’s get your network working smarter.

Let’s dive in!

Traffic rules 101: where to find them

Fire up your UniFi Controller and go to:

UniFi Network > Settings > Internet > Traffic Rules

Here you’ll see options to add:

  1. Ad Blocking: A global toggle to block ad domains in DNS.
  2. App Filters: Predefined settings to limit common traffic types like torrents, gaming, or streaming.
  3. LAN to WAN Rules: Custom allow/drop/match rules with bandwidth shaping and VLAN tags.

We’ll cover all three. But first, make sure you’re on UniFi OS 3.0+ with the latest Network app.

Part 1: Block ads everywhere

Easy wins:

  • Enable Ad Blocking. UniFi uses blocklists like EasyList and MalwareDomainList. It intercepts DNS requests and sends back a blank response for any blocked domains. That means fewer popups, fewer tracking scripts, and cleaner browsing, all at the DNS layer.

How to enable:

  1. Go to Settings > Internet > Traffic Rules.
  2. Toggle Ad Blocking ON.
  3. Save.

That’s it, no further config needed. All connected clients on that gateway will stop asking for ad domains.

Part 2: Limit app types with filters

Maybe you’re fine with Netflix, but torrenting or large CDN downloads clog up your bandwidth. UniFi’s App Filters help you throttle or block traffic types by category.

You’ll find options like:

  • Peer-to-peer / torrents
  • Gaming
  • Video streaming
  • VPNs
  • Messaging

To set one up:

  1. Go to Traffic Rules.
  2. Expand App Filters.
  3. Choose a filter (e.g., “Peer-to-peer”) and set mode to:
    • Disabled
    • Throttle (define upload/download limits)
    • Block
  4. Set limits (e.g., 5 Mbps down, 1 Mbps up).
  5. Save.

That throttles all traffic identified as that category. Use this to stop bandwidth hogs or enforce acceptable use.

Part 3: Create custom LAN→WAN rules

For finer control, use LAN to WAN Rules. These let you set up allow/block rules, bandwidth limits, VLAN tags, and priorities.

3a: Throttle a specific device

Let’s say your gaming console hogs your uplink:

  1. Under LAN to WAN Rules, click Create New Rule.
  2. Set name: “Throttle GameConsole.”
  3. Rule type: Match.
  4. Source:
    • Network: LAN
    • Client: Select your console’s MAC
  5. Destination: Any
  6. Advanced:
    • Bandwidth limit: e.g., Upload 10 Mbps / Download 50 Mbps
  7. Save.

Now the console can’t overwhelm your link.

3b: Prioritize video or voice traffic

Maybe you want Zoom or WebEx to get top priority.

  1. Create a new rule named “Prioritize Zoom.”
  2. Rule type: Match.
  3. Protocol/Application: Choose “Zoom.”
  4. Under Advanced, set Faster priority.
  5. Save.

UniFi tags that traffic for priority treatment, so it'll race ahead in the queue.

3c: Block a malicious or vulnerable device

Say you have a rogue device you want quarantined:

  1. Create rule “Block BadDevice.”
  2. Type: Drop.
  3. Source: that device’s MAC.
  4. Destination: Any
  5. Save.

That device will get zero access off-LAN.

3d: Tag devices with VLANs

You can even assign traffic to VLANs:

  1. New rule called “IoT VLAN.”
  2. Match devices in your smart home.
  3. Under Match Actions choose “Set VLAN ID 20.”
  4. Save.

Now any traffic from those devices gets tagged and routed separately. Great for segmentation.

Order matters: Sequence your rules

Traffic rules are evaluated top-to-bottom. Make sure your critical rules (like blocking or prioritizing) sit above generic ones (like ad blocking). Use the drag handle to reorder.
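
A small model of why order matters, added here as an example (it is not UniFi code and not from the original post). It assumes first-match-wins evaluation, which the page implies but does not state, and uses a hypothetical `Rule` type with made-up MAC addresses and action labels; it flags rules that can never fire because a broader rule sits above them and suggests an order with drops first.

```python
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    # Hypothetical model of a LAN-to-WAN rule; None means "any".
    name: str
    action: str                     # "drop", "throttle" or "prioritize" (labels assumed)
    src_mac: Optional[str] = None
    app: Optional[str] = None

    def matches(self, src_mac, app):
        return self.src_mac in (None, src_mac) and self.app in (None, app)

    def covers(self, other):
        """True if every flow `other` can match is matched by this rule too."""
        return self.src_mac in (None, other.src_mac) and self.app in (None, other.app)

def evaluate(rules, src_mac, app):
    """Assumed first-match-wins walk from the top of the list."""
    return next((r for r in rules if r.matches(src_mac, app)), None)

def shadowed(rules):
    """Return (later, earlier) name pairs where `later` can never fire."""
    pairs = []
    for i, later in enumerate(rules):
        blocker = next((e for e in rules[:i] if e.covers(later)), None)
        if blocker is not None:
            pairs.append((later.name, blocker.name))
    return pairs

def suggest_order(rules):
    """Stable sort: drops first, then rules with more match fields set."""
    def key(r):
        return (r.action != "drop", -sum(f is not None for f in (r.src_mac, r.app)))
    return sorted(rules, key=key)

# Constructed sample: the page's custom rules placed under a generic throttle.
CONSOLE, BAD = "aa:bb:cc:00:00:01", "aa:bb:cc:00:00:02"   # made-up MACs
RULES = [
    Rule("Throttle all LAN", "throttle"),
    Rule("Throttle GameConsole", "throttle", src_mac=CONSOLE),
    Rule("Prioritize Zoom", "prioritize", app="Zoom"),
    Rule("Block BadDevice", "drop", src_mac=BAD),
]

if __name__ == "__main__":
    print("before:", evaluate(RULES, BAD, "Zoom").name, shadowed(RULES))
    fixed = suggest_order(RULES)
    print("after: ", evaluate(fixed, BAD, "Zoom").name, shadowed(fixed))
```

With the generic throttle on top, the quarantine rule never fires; after reordering, the drop rule wins even when the same device's traffic also matches the Zoom rule.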

Useful tips

Test as you roll

After adding rules, ping or speed test affected devices to confirm behavior. If you mis-wire priorities or limits, you might throttle voice or video unintentionally.

Monitor rule hits

Each rule shows a counter for how many times it has been triggered. High counts on your throttle rule? You found a hungry client.

Avoid port-wide drops

Blocking broad ranges (like all HTTP) can break services. Always be precise.

Use tags for VLAN traffic

Tags are great if you use multiple VLANs. They help direct traffic without messing with iptables or routing manually.

When rules don’t work

  • Device caching DNS: Ad blocking fails if DNS is bypassed (e.g., mobile carriers or DoH). Consider DHCP DNS enforcement or client-side settings.
  • IPv6 traffic: UniFi’s filters are IPv4-only. You may need router-level IPv6 ACLs if you're heavy on IPv6.
  • Encrypted traffic makes matching hard: Zoom might not always show up as the “Zoom” app. Use priority based on port or IP ranges.
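
To check the two DNS points above (Part 1's blank response for blocked domains, and the bypass case in the first bullet), this added example, which is not from UniFi or the original post, sends an A query to a resolver you name and classifies the reply. Treating NXDOMAIN, an empty answer, or 0.0.0.0 as "blank" is an assumption, as are the sample names and addresses.

```python
import socket
import struct

def build_query(name, qid=0x1234):
    """Encode a recursive A-record query (RFC 1035 wire format)."""
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return struct.pack("!6H", qid, 0x0100, 1, 0, 0, 0) + labels + b"\x00" + struct.pack("!2H", 1, 1)

def _skip_name(msg, off):
    """Return the offset just past a name, honouring compression pointers."""
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += msg[off] + 1
    return off + (2 if msg[off] else 1)

def parse_response(msg):
    """Return (rcode, [IPv4 addresses]) from a raw DNS response."""
    _, flags, qdcount, ancount = struct.unpack("!4H", msg[:8])
    off = 12
    for _ in range(qdcount):
        off = _skip_name(msg, off) + 4            # skip QTYPE and QCLASS
    addrs = []
    for _ in range(ancount):
        off = _skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!2HIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:             # A record
            addrs.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return flags & 0x000F, addrs

def verdict(msg):
    """Classify a reply; which forms count as 'blank' is an assumption."""
    rcode, addrs = parse_response(msg)
    if rcode not in (0, 3):
        return f"error: rcode {rcode}"
    if rcode == 3 or all(a == "0.0.0.0" for a in addrs):   # all([]) is True
        return "blank"
    return "resolved: " + ", ".join(addrs)

def ask(resolver_ip, name, timeout=2.0):
    """Query one resolver over UDP port 53 and classify its reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (resolver_ip, 53))
        return verdict(s.recv(512))

def sample_reply(name, rcode=0, ips=()):
    """Constructed reply bytes, so the parser can be checked offline."""
    rr = b"".join(b"\xc0\x0c" + struct.pack("!2HIH", 1, 1, 60, 4) + socket.inet_aton(i) for i in ips)
    return struct.pack("!6H", 0x1234, 0x8180 | rcode, 1, len(ips), 0, 0) + build_query(name)[12:] + rr
```

Run `ask()` against the gateway's address and against the resolver the client is actually configured with; a domain that is blank at the gateway but resolves at the other means that client is not using the filtered path. DoH lookups never reach port 53, so this check cannot see them.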

Combine tools for strong results

Here’s a sample combo that works well:

  1. Ad Blocking: on
  2. App Filter: Throttle torrent traffic
  3. Custom Rule: Prioritize voice/video (Zoom, Teams)
  4. Custom Rule: Throttle game consoles
  5. Custom Rule: VLAN tag IoT devices
  6. Custom Rule: Drop unwanted devices
  7. Save and test

Result? No ads, no bandwidth hogs, important traffic prioritized, and secure segmentation.

Real-world scenarios

Home office

You work from home, kids stream video, and spouse plays online games. Strategy:

  • Ad block globally
  • Throttle streaming when you switch on a work mode
  • Prioritize Zoom traffic
  • Isolate IoT on VLAN

You get fast calls, reliable performance, and no slowdowns.

Small business

Clients come over, you host meetings, and someone downloads backups daily.

  • Ad block on guest SSID
  • Block P2P on guest network
  • Prioritize calls and VPN
  • Drop unauthorized devices

Clients get good internet without disruption, and your office apps always work.

Co-working / shared space

You host hardware testers and creative professionals on the same network.

  • Ad block
  • Throttle torrent or OS updates
  • Prioritize VoIP
  • Segment devices by VLAN
  • Block unknown clients

Everyone gets reliable performance without sensitive systems talking to each other.

Final thoughts

UniFi traffic rules are a powerful fit for most networks. They work from the controller, no extra hardware, and they can solve a lot of issues: cluttered browsing, app hogging, video stutters, and unsecured devices.

Traffic shaping isn’t just for ISPs or large enterprises anymore. It’s easy to set up with UniFi, and it brings big results.

Conclusion

Traffic rules in UniFi open up a world of control. From blocking ads to cleaning up bandwidth hogs to giving Zoom and gaming the treatment they need, traffic shaping isn’t just for big networks. You can run it at home or for clients, without extra gear.

If you're managing client networks and want this setup done right, without hosting headaches, check out how we handle it at UniHosted. We optimize, secure, and monitor everything so you don’t have to.