Re: Traffic limitation with iptables

Xemul <epv_xemul@xxxxxxx> · Wed, 23 Jul 2003 19:17:30 +0400

On Wed, 23 Jul 2003 08:07:40 +1000
"George Vieira" <georgev@xxxxxxxxxxxxxxxxxxxxxx> wrote:

> Use the Quota patch and it'll limit the rule by itself..			
> 

Thank you VERY much :)
This is exactly what I want.
Well I've got one more question.
Consider using 2 additional tables like this:

iptables -N table1
iptables -N table2
iptbales -A FORWARD -s 192.168.2.1 -j table1
iptables -A FORWARD -s 192.168.2.2 -j table2
iptables -A table1 -m quota --quota 10000 -j RETURN
iptables -A table1 -j DROP
iptables -A table2 -m quota --quota 10000 -j RETURN
iptables -A table2 -j DROP

By doing this I'll limit outgoing traffic for 192.168.2.1 and for .2
independently and the speed won't be too small I hope.
Then consider I have not 2 but 100 tables like table1, table2, ...
table100. What about the perfomance in this case? Won't it be too small?