[nSLUG] upstream bandwidth with iptables

Oliver Baltzer ob at init.ca
Mon Jun 2 00:16:21 ADT 2003


Hi Vikram,

On 01-Jun-2003 23:39 -0300, Vikram was heard to say:
> I am wondering if I could fix my iptables to control the maximum
> upstream bandwidth. 

Unfortunately bandwidth management with Linux is not that easy. AFAIK
there are two (or probably more) possibilies. One would be to use an
internal iptables packet counter to only allow a certain number of
packages to pass the firewall within a given time interval (see iptables
manpage). Another more professional possibility is described in the
Linux Advanced Routing Howto http://lartc.org/howto/ and
http://luxik.cdi.cz/~devik/qos/htb/ .  It seems to be a bit more
complex, but therefor more flexible.

> However, I regularly move large files from home to office computer and I
> dont want that to be affected. Is it possible to allow unlimited upload to
> a specific ip address and maintain a maximum upload bandwidth for any other
> ip address?

Either way, if you use iptables the rules are usually bound to certein
standard criteria like IP address, protocol, port etc., so that you
will be able to except your office machine from the bandwidth
limitation.

Best regards,
Oliver




More information about the nSLUG mailing list