Hi,

I'm looking for a firewall (preferably on Linux / UNIX) that could automatically block bandwidth abusers as soon as a connection goes over a certain speed or limit, i.e. either more than, say, 3Mb/s or 10GB in a given period (like weekly / monthly).

But I need it to block the IP that the traffic comes from or goes to. I.e. a user logs into a web server and uploads a LOT of data, then the firewall should block him, but not other people. Or someone uploads a small bit of data but downloads a lot of data and then gets blocked. But I need to set thresholds, and I should be able to exclude certain IPs / domains from the limits.

Does this make sense? Can this be done with iptables? If so, how? If not, what else could I use for this?

A normal DDoS prevention firewall doesn't really work since it only blocks traffic coming in. But I need to limit traffic going out as well. The servers behind the firewall will serve mail, http, ftp, sql and SSH.

--
Kind Regards
Rudi Ahlers
SoftDux

Website: http://www.SoftDux.com
Technical Blog: http://Blog.SoftDux.com
Office: 087 805 9573
Cell: 082 554 7532
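
The policy requested above can be written as decision logic over per-client byte counters. This is an added example, not part of the original message and not an iptables configuration. The function names, the hourly sampling interval, the reading of 3Mb/s as 3,000,000 bits per second and 10GB as 10^10 bytes, and all addresses are assumptions made for illustration.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Thresholds from the post; the unit interpretation is an assumption.
RATE_LIMIT_BPS = 3_000_000          # 3 Mb/s, averaged over one sample interval
QUOTA_BYTES = 10 * 10**9            # 10 GB per accounting period
EXEMPT = [ip_network("192.0.2.0/28")]   # constructed exclusion list

def is_exempt(ip):
    """True if the client address falls inside an excluded network."""
    return any(ip_address(ip) in net for net in EXEMPT)

def evaluate(samples, interval_s):
    """samples: (client_ip, bytes_in, bytes_out) tuples, one per interval.
    Returns {client_ip: reason} for clients that crossed a threshold.
    Call once per accounting period (week or month) so totals start at zero."""
    totals = defaultdict(int)
    blocked = {}
    for ip, bytes_in, bytes_out in samples:
        if is_exempt(ip) or ip in blocked:
            continue
        # Both directions count, so heavy uploaders and heavy
        # downloaders are judged by the same thresholds.
        moved = bytes_in + bytes_out
        totals[ip] += moved
        if moved * 8 / interval_s > RATE_LIMIT_BPS:
            blocked[ip] = "rate"
        elif totals[ip] > QUOTA_BYTES:
            blocked[ip] = "quota"
    return blocked

# Constructed hourly samples (not real traffic).
SAMPLES = (
    [("198.51.100.7", 2_000_000_000, 5_000_000)]         # ~4.5 Mb/s upload burst
    + [("203.0.113.9", 1_000_000, 1_300_000_000)] * 8    # ~2.9 Mb/s, 10.4 GB total
    + [("192.0.2.5", 5_000_000_000, 5_000_000_000)]      # excluded client
    + [("198.51.100.20", 2_000_000, 8_000_000)]          # ordinary user
)

if __name__ == "__main__":
    for ip, reason in evaluate(SAMPLES, 3600).items():
        print(f"block {ip}: {reason} threshold exceeded")
```

The returned addresses are what a blocklist would be fed with; only the offending client is listed, and the excluded and ordinary clients are left alone.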