Scott van Looy wrote:
Today Martijn Lievaart did spake thusly:
Scott van Looy wrote:

I'm on DSL, I only have small upstream and big downstream.
Everything goes through a 1:1 NAT iptables firewall - so internal
IPs are directly mapped to an external IP. I want to throttle the
internal upstream bandwidth so the internal machines can't upload at
more than 25k/s as the maxing out of the upstream is killing the
much faster downstream...is there a way to do this using iptables?

Google for wondershaper.

I use wondershaper, it doesn't let me throttle on a per machine basis
tho - I want the firewall to only allow a max of 25k out for each of
my internal machines

Ah, then you have to do some work yourself. The answer is most probably
tc, not netfilter. If you don't have a lot of internal machines, you can
add a filter/qdisc for all of them but for large amounts of internal
machines (or with dhcp), this gets unwieldy.

However, wondershaper should do what you ultimately want, shape traffic
so uploads don't disturb downloads. It works for me.
M4
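
The per-machine filter/class setup suggested in the reply above could look like the following sketch, which is an added example and not code from the thread or from wondershaper. It prints the commands for review instead of running them. Assumptions: the function name `gen_shaper_rules`, the interface `eth0` and the sample addresses are made up for illustration, "25k/s" is read as kilobytes per second, and hosts are classified by firewall mark because the egress qdisc only sees addresses after NAT.

```shell
#!/bin/sh
# Added example: print (not run) the tc/iptables commands that cap each
# internal host's upload. Review the output, then pipe it to "sh" as root.
# Usage: gen_shaper_rules <external-interface> <kilobytes-per-sec> <ip>...

gen_shaper_rules() {
    dev=$1; rate=$2; shift 2
    # Accept only plain interface names, digits and IPv4-looking strings,
    # because the output is meant to be fed to a root shell.
    case $dev in ''|*[!A-Za-z0-9._-]*) echo "bad device: $dev" >&2; return 1;; esac
    case $rate in ''|*[!0-9]*) echo "bad rate: $rate" >&2; return 1;; esac
    for ip in "$@"; do
        case $ip in ''|*[!0-9.]*) echo "bad address: $ip" >&2; return 1;; esac
    done

    # Root HTB qdisc. No default class: traffic without a mark (for example
    # the firewall's own) is left unshaped.
    echo "tc qdisc add dev $dev root handle 1: htb"

    id=10
    for ip in "$@"; do
        # NAT rewrites the source address before the egress qdisc sees the
        # packet, so match the internal address in mangle/FORWARD and carry
        # the result to tc as a firewall mark.
        echo "iptables -t mangle -A FORWARD -o $dev -s $ip -j MARK --set-mark $id"
        # In tc, "kbps" means kilobytes per second ("kbit" is kilobits).
        # rate == ceil and no shared parent class gives a hard per-host cap.
        echo "tc class add dev $dev parent 1: classid 1:$id htb rate ${rate}kbps ceil ${rate}kbps"
        echo "tc filter add dev $dev parent 1: protocol ip prio 1 handle $id fw flowid 1:$id"
        id=$((id + 1))
    done
}

# Constructed sample: two internal hosts, 25 kilobytes/s each, via eth0.
gen_shaper_rules eth0 25 192.168.1.10 192.168.1.11
```

As the reply notes, this is only practical for a small, static set of internal addresses; every new host needs its own mark, class and filter.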