On Thu, Dec 11, 2008 at 04:00:23AM -0300, Carlos Oliva G. wrote:
> what I desire: I need to put a bandwidth limit _on each_ source IP
> address from inside my network to any package marked by iptables/
> netfilter as an international destination, instead of an overall
> limit. I would also need to set different classes of upstream
> bandwidth limits, like 256, 512, 1024 and 2048 kbps.

did you already see/try iptables' module(s) dstlimit/hashlimit? then you'd set N chains corresponding to N IP(ranges) source, each with its own per-destination limit(s) rule(s).

Alas, my experience dates back to the (now gone) fuzzy module; as of iptables-current, seems that hashlimit is what you want:

"... hashlimit uses hash buckets to express a rate limiting match (like the limit match) for a group of connections using a single iptables rule. Grouping can be done per-hostgroup (source and/or destination address) and/or per-port. ..."

--
paolo
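
Added example, not part of the original message: the N-chains layout suggested above, with hashlimit in srcip mode so that each inside address gets its own bucket within its bandwidth class. The mark value 0x1, the source ranges, the chain names and a hashlimit build that accepts byte rates such as 32kb/s are assumptions; the script only prints the iptables commands and never runs them.

```shell
#!/bin/sh
# Added example: prints iptables commands only; it never calls iptables.
# Assumptions (not from the thread): the mark value, the tier-to-subnet
# mapping, the chain names, and byte-rate support in the hashlimit match.

INTL_MARK="0x1"   # assumed fwmark already set on international traffic

# Constructed sample mapping: "<upstream kbps> <inside source range>"
TIERS="256 192.168.1.0/24
512 192.168.2.0/24
1024 192.168.3.0/24
2048 192.168.4.0/24"

# Emit one chain per tier; hashlimit keeps one bucket per source IP.
gen_rules() {
    echo "$TIERS" | while read -r kbps range; do
        [ -n "$kbps" ] || continue
        chain="intl_${kbps}"
        rate="$((kbps / 8))kb/s"      # kilobits/s -> kilobytes/s
        echo "iptables -N $chain"
        # Packets of one source IP above the rate are dropped (policing,
        # not queueing), so TCP backs off instead of being smoothed.
        echo "iptables -A $chain -m hashlimit --hashlimit-name $chain" \
             "--hashlimit-mode srcip --hashlimit-above $rate -j DROP"
        echo "iptables -A $chain -j RETURN"
        # Only marked (international) packets from this range enter the chain.
        echo "iptables -A FORWARD -s $range -m mark --mark $INTL_MARK -j $chain"
    done
}

# Print the rule set when run directly; review it before applying as root.
gen_rules
```

Because `--hashlimit-mode srcip` hashes on the source address only, one rule per class covers every host in that range, and the limit applies to each host separately rather than to the range as a whole.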

