wanted: simple way to limit traffic (fwd)

Petr Vanek vanous na penguin.cz
Středa Březen 6 01:44:13 CET 2002


ahoj,

tohle mne docela zaujalo... neznate nekdo reseni?


----- Forwarded message from urgrue <urgrue na tumsan.fi> -----
should:
iptables -A INPUT -m limit --limit 1/s -j DROP

limit incoming packets to one packet per second? it doesnt do that for 
me, but can it?

id like to use the simplest and easiest possible way to limit traffic, 
any suggestions? it doesnt have to be precise, as long as i can limit 
traffic to more or less 2 megs.
----- End forwarded message -----
----- Forwarded message from James <james na piku.org.uk> -----
On Mon, Mar 04, 2002 at 03:59:18PM +0200, urgrue wrote:
| should:
| iptables -A INPUT -m limit --limit 1/s -j DROP
| 
| limit incoming packets to one packet per second? it doesnt do that for 
| me, but can it?

I looked at doing similar a while ago when I had my modem (got ADSL
now, no need for rate-limiting :-) and concluded it's very difficult to
limit your incoming data.

The only way is to delay sending TCP ACK packets back to people,
simulating your link being really overloaded. But I don't know how
you'd do that (maybe you can filter outgoing ACKs and drop a certain
number, or delay them or something? dropping them would probably be a
bad idea...).
----- End forwarded message -----

-- 

bye

Vanous
-------------------------------------------------
Petr Vanek                       ..... ./\.  ....
Debian GNU Linux                 .. _|\|  |/|_ ..
vanous na penguin.cz                .. \        /...
http://www.penguin.cz/~vanous    ... >______< ...
Angus, Ontario, CA               ...... / .......
-------------------------------------------------
Registered linux user #217487
------------- další část ---------------
A non-text attachment was scrubbed...
Name: [žádný popis není k dispozici]
Type: application/pgp-signature
Size: 232 bytes
Desc: [žádný popis není k dispozici]
URL: <http://www.linux.cz/pipermail/linux/attachments/20020306/54e35b3c/attachment.sig>


Další informace o konferenci Linux