I decided that I wanted to limit the traffic using iptables "limit" function. I have written the rule (find below) but still need to confirm a few things.
##########################
# Limiting P2P Traffic #
##########################
$IPTABLES -A INPUT -i $INSIDE -s 192.168.1.27 -p tcp --dport 1000:10000 -m limit --limit 5/second -j ACCEPT
$IPTABLES -A INPUT -i $INSIDE -s 192.168.1.27 -p tcp --sport 1000:10000 -m limit --limit 5/second -j ACCEPT
At the moment I am only restricting myself, because if something goes bad it's my own problem, haha.
So how do I test whether it is limiting the traffic?
Let me try to write out my understanding of the rule, and then I'd love ANYONE to correct me because I think I'm wrong.
-m limit --limit 5/second -j ACCEPT
5/second will only allow 5 packets (or Kbs???) through each second and the rest will be dropped? Correct?
What does the limit-burst command actually do? Does it allow 5 packets (or Kbs?) per second until it reaches the packet burst, then reset?
The man page isn't that helpful with this... at least I don't really understand it.
So, things I would LOVE answers to:
1. Is the number relevant to KBs or packets?
2. If it's packets, how do I translate THAT into KBs so I know how many to allow per second? We have a 256KB connection, so I would like to restrict the P2P to, say, 56Kb/second (spread over everyone), which will piss people off, but at least our normal traffic can run without coming to a slow stop.
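An added model of the limit match, written for this post and not part of it, showing what --limit and --limit-burst actually count (the token-bucket behaviour and the default burst of 5 are those of the iptables limit extension; the 1500-byte packet size used for the KB conversion is an assumption):

```python
from dataclasses import dataclass, field


@dataclass
class LimitMatch:
    """Token-bucket model of the iptables 'limit' match.

    The bucket starts full with `burst` tokens (--limit-burst, default 5)
    and refills at `rate` tokens per second (--limit). Each packet that
    reaches the rule spends one token; with none left the rule does not
    match and the packet falls through to the next rule or chain policy.
    It counts packets, never bytes.
    """
    rate: float            # --limit, packets per second
    burst: int = 5         # --limit-burst, iptables default
    tokens: float = field(init=False)
    last_seen: float = field(init=False, default=0.0)

    def __post_init__(self) -> None:
        self.tokens = float(self.burst)

    def matches(self, now: float) -> bool:
        """True if a packet arriving at `now` (seconds) matches the rule."""
        self.tokens = min(self.burst, self.tokens + (now - self.last_seen) * self.rate)
        self.last_seen = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


def count_matches(rate: float, burst: int, arrival_times: list) -> int:
    """Number of packets in a constructed arrival schedule the rule matches."""
    rule = LimitMatch(rate, burst)
    return sum(rule.matches(t) for t in sorted(arrival_times))


def limit_for_bandwidth(kbytes_per_second: float, packet_bytes: int = 1500) -> float:
    """Rough --limit value (packets/second) for a byte budget, assuming
    full-size 1500-byte frames (a hypothetical figure: smaller packets
    mean less real throughput for the same packet rate)."""
    return kbytes_per_second * 1024 / packet_bytes


if __name__ == "__main__":
    # Constructed traffic: 20 packets at once, then 20 more one second
    # later. Only the burst (5) passes immediately; after a second the
    # bucket has refilled to 5, so 10 of the 40 match in total.
    print(count_matches(5, 5, [0.0] * 20 + [1.0] * 20))        # 10
    # One packet per second never empties the bucket: all 10 match.
    print(count_matches(5, 5, [float(t) for t in range(10)]))  # 10
    print(round(limit_for_bandwidth(56), 1))                   # 38.2
```

On the firewall itself, `iptables -L INPUT -v -n` shows per-rule packet and byte counters, which is the simplest way to see how many packets the limited rule is matching.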