Martin Devera <devik@xxxxxx> writes: > It is nerly FAQ. You can use Ingres qdisc to do it and attach > policers here. Ah ok, I found the SYN flood example in the HOWTO. :) But that seems to work by dropping packets rather than queueing them, which is not so good if your bandwidth is very limited (modem dialup). > It would be nice to be able to attach every qdisc to incoming interface > but it is not possible. There is always problem - when packet already > hitted your box why do you want to drop/delay it ? Because some of the traffic is for this box (doesn't go out) and I don't want it to ``steal' all the bandwidth from traffic that is forwarded through the box. Also, the traffic is mostly asymmetric, lots of data coming in and only ACKs going out. > On your virtual-host note. I already did patch (called IMQ) which > implements virtual inteface allowing to attach single qdisc to multiple > outgoing devices. Could you post the URL for that? > It should be relatively easy to extend it to catch incoming packets > too > - only there is no time to do it. Hmm, lack of time is a universal problem me thinks... ;) -- Manfred
