?
Solved

How to use IPTable to limit Bandwith connection?

Posted on 2008-10-16
10
Medium Priority
?
533 Views
Last Modified: 2013-11-16
How to use IPTable to limit Bandwith connection:
- On each Port
- On each IP of client

My server have 10MBs NIC, I want limit port 80 (of webserver) with only 5MBs (In and out)
And each IP client connect to server has only 100KBs max

Here is my original IP table: /etc/sysconfig/iptables :
----------------------------
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type 8 -j DROP
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
----------------------------

Thanks in advanced!
0
Comment
Question by:star6868
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
10 Comments
 
LVL 19

Expert Comment

by:http:// thevpn.guru
ID: 22728828
You have to check out HTB and CBQ as IPtables does not manage bandwidth.
0
 

Author Comment

by:star6868
ID: 22729061
Sorry what are they:
HTB ?
CBQ ?
0
 
LVL 19

Expert Comment

by:http:// thevpn.guru
ID: 22729071
0
Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

 

Author Comment

by:star6868
ID: 22748287
sorry, but Is there an easier way?
0
 

Author Comment

by:star6868
ID: 22810584
Is there any iptable script to do this?
:)
0
 
LVL 2

Expert Comment

by:easyDK
ID: 23058788
It's not this simple...
Are you using kernel from distro, or are you able to build your own custom kernel from sources?
0
 

Author Comment

by:star6868
ID: 23063355
@ easyDK:
I have not yet :(
I need learn to do this?


0
 
LVL 2

Accepted Solution

by:
easyDK earned 2000 total points
ID: 23063510
Don't be lazy andread that doc in that link above, as it is really interesting thing.
Anyhow, iptables, unless patched as well as kernel, by default don't do much concerning traffic shaping.
Better from this point of view is using iproute package. For really quick start, in order to get taste, try this:

http://www.smidsrod.no/products/firewall/supershaper/

and script itself.
http://files.smidsrod.no/supershaper-start
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question