Hi all, I'm intrigued by a recent thread with a similar subject on the netfilter list [1]. Why is tc not recommended for ingress shaping? I use a netfilter utility that queries a local DB and drops packets according to a probability stored there. It works well for dictionary attacks, as each login failure doubles the probability of being blocked (which then decays slowly with time). However, that is less suited for spammers, who I don't want to block completely for a long period of time --in case they have some ham too. Currently, I only nqueue new connections to that filter, as its random blocking leaves something to be desired. I'd better send spam-connections to a consistently slow tc class instead. The idea is to mark new connections when they are accepted and have tc play its magic afterwards. Can tc do that? TIA for any suggestion Ale -- [1] http://www.spinics.net/lists/netfilter/msg54702.html -- To unsubscribe from this list: send the line "unsubscribe lartc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
