On 01/02/2019 04:31 AM, Florian Westphal wrote:
Daniel Lakeland <dlakelan@xxxxxxxxxxxxxxxxxx> wrote:
Suppose I have a named quota myquota and I want a rule that checks to see if
a certain mark is on the packets, and if so, check to see if the quota is
over its quota, and if so drop packets
Not possible, afaik.
What exactly is the reason to even have named quotas if you can't do
anything with them? Obviously I guess it lets you keep track of how much
traffic you've used and report it to userspace but it seems that it
should be possible to alter the firewall behavior based on those named
quotas as well.
