Wednesday, February 4, 2004, 11:15:17 PM, you wrote: B> That's the closest thing I've seen to what I want, but it's not quite B> there. From what I understand, this lets me identify all sessions that B> have sent more than x bytes. Right. B> I want something that says "for every session going to port x, limit B> incoming throughput to no more than 50KB/5s" - or some other throughput B> definition that allows bursting. Well, that is easy. Create as many classes needed, add filters based on MARK value to put the traffic in the correspoing classes, then simply put the connbytes rules (-m connbytes max_bw:) together with a jump to MARK target (-j MARK) in the mangle table. As soon as max_bw will be reached, the packet will get marked and the filter will put the traffic in the appropriate class. P.Krumins _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
