Hi there, and thanks for all the fish - I just love
netfilter...
I have a quick question and would appreciate being
cc'd in the reply if at all possible.
Is it possible, with iptables, to slow down traffic?
- here is the scenario...
I have a customer with an employee that is surfing
certain websites (i.e. zone.msn.com) and playing backgammon all day long.
The problem is that he is valuable to the
organisation for certain reasons, and as such the customer does not want to
piss him off (political reasons), however I have been commissioned to stop the
backgammon games as they are a real timewaster.
They have a firewall, which allows NAT'd
connections without a squid proxy, and I was wondering if the --limit stuff
would work to maybe reduce the access to the website, and therefore make it all
but useable...
for example, when he goes to the website, instead
of timing out completely, it just slows down so much that it is impossible to
play...
I know there are other ways of doing this, but I am
looking for an IPTABLES method if at all possible.
So, to recap - Don't disable, just slow down to an
impossible crawl... maybe even using the --limit-burst stuff.
Any examples?
I thought of doing:
iptables -I FORWARD -s 207.46.20.12/32 -m limit --limit 10/minute -j ACCEPT
however this does not seem to work - any other
ideas?
TIA
Allen
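
Why the rule in the post has no visible effect, as an added example that is not part of the original message: -m limit only controls how often the ACCEPT rule matches, and packets over the rate continue to the next FORWARD rule, so the throttle needs a DROP for the same source directly behind it. Assumptions: the token-bucket function is a simplified model of the limit match, the 600-packet traffic pattern is constructed, and throttle_rules and limit_matches are hypothetical helper names.

```shell
#!/bin/sh
# Added example, not from the original post. Nothing here touches the
# firewall: throttle_rules only prints commands for review.

# Print the rule pair. The limit match decides whether the ACCEPT rule
# matches; over-limit packets fall through, so a DROP must come next.
throttle_rules() {  # args: source rate burst
    printf 'iptables -I FORWARD 1 -s %s -m limit --limit %s --limit-burst %s -j ACCEPT\n' "$1" "$2" "$3"
    printf 'iptables -I FORWARD 2 -s %s -j DROP\n' "$1"
}

# Simplified token-bucket model of the limit match: the bucket starts
# full with <burst> credits, regains one credit every 60000/<rate> ms,
# and each matching packet spends one. Prints how many of <count>
# packets, arriving <gap_ms> apart, match the rule.
limit_matches() {  # args: rate_per_minute burst gap_ms count
    cost=$((60000 / $1))
    cap=$((cost * $2))
    credit=$cap
    matched=0
    i=0
    while [ "$i" -lt "$4" ]; do
        if [ "$i" -gt 0 ]; then credit=$((credit + $3)); fi
        if [ "$credit" -gt "$cap" ]; then credit=$cap; fi
        if [ "$credit" -ge "$cost" ]; then
            credit=$((credit - cost))
            matched=$((matched + 1))
        fi
        i=$((i + 1))
    done
    echo "$matched"
}

# Constructed traffic: 600 packets from the site, 100 ms apart (one minute).
total=600
m=$(limit_matches 10 5 100 "$total")
echo "limit ACCEPT alone: $m matched, $((total - m)) fall through to later rules"
echo "with DROP behind it: $m forwarded, $((total - m)) dropped"
throttle_rules 207.46.20.12/32 10/minute 5
```

The printed rules use explicit positions 1 and 2 because two plain -I inserts would put the DROP ahead of the ACCEPT.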