On Wed, 2011-08-17 at 21:50 +0200, Rudi Ahlers wrote:
> Hi,
>
> I'm looking for a firewall (preferably on Linux / UNIX) that could
> automatically block bandwidth abusers as soon as a connection goes
> over a certain speed, or limit - i.e. either more than say 3Mb/s or
> 10GB in a given period (like weekly / monthly).
>
> But, I need it to block the IP to, or where the traffic comes from, or
> goes to. i.e. a user logs into a web server and uploads a LOT of data,
> then the firewall should block him, but not other people.
>
> Or, someone uploads a small bit of data but downloads a lot of data
> and then gets blocked.
> But I need to set thresholds
> And I should be able to exclude certain IPs / domains from the limits.
>
> Does this make sense?
>
> Can this be done with iptables? If so, how?
>
> If not, what else could I use for this?
>
>
> A normal DDOS prevention firewall doesn't really work since it only
> blocks traffic coming in. But I need to limit traffic going out as
> well.
>
> The servers behind the firewall will serve mail, http, ftp, sql and SSH

----

http://tinyurl.com/3n5yn8u

Craig

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos