Just my 5 cent: i would use the quota module with iptables. # iptables -A INPUT -p tcp --dport 80 -m quota --quota 52428800 -j ACCEPT # iptables -A INPUT -p tcp --dport 80 -j DROP # iptables --list Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpt:http <dpt:http> quota: 52428800 bytes DROP tcp -- anywhere anywhere tcp dpt:http <dpt:http> Source: http://www.netfilter.org/documentation/HOWTO/de/netfilter-extensions-HOWTO-3.html Additonally i would monitor the rules with some monitoring systems like zabbix. You can trigger a script with zabbix if a special event occurs. Furthermore you could also just monitor the counters in iptables with a plain iptables rule without any quota support. Stefan -- To unsubscribe from this list: send the line "unsubscribe lartc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
