> It was workable but it was no way a good scene. After analyzing traffic, > I thought it would have been inefficient to try and look into the data > portion of the datagram but what I did notice about the traffic we had > here was that the P2P machines had an unusually high number of connections. > For out network, the number of connections was something that could > easily be monitored. So, I've created a few scripts that used > iptables, tc, and a sniffer that dynamically ratelimits machines(IPs). Very interesting, I'll look more in depth to your scripts ... do you think it would be easy to change the decission of who to ratelimit, from the number of connections to the bandwidth they are using? Something like, if this user is using 512kb for 5 minutes ratelimit him? -- Damjan Georgievski jabberID: damjan@xxxxxxxxxxxx _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
