
Re: Rate-limiting based on packets per second?

On Thu, Nov 05, 2009 at 07:10:59PM -0800, Todd A. Jacobs wrote:
> I've read the iptables man page, but I'm not really sure I understand
> how to rate-limit packets per second globally. What I'm trying to do is

Have a look at the tc part of the iproute package.

> create a rule that would limit my overall inbound flows to <=200 packets

It is very hard to limit inbound, because your control only starts at
your NIC; the packets have started to reach you. The best you can do is
send back ICMPs.

> per second- I don't care about the size, I just want to limit the number
> of packets.
> I'm thinking some kind of hashlimit on the inbound chain is what I need,
> but I can't find any practical examples that show how to do this.

"I wish I wasn't the war president. Who in the heck wants to be a war president? I don't."

	- George W. Bush
Washington, DC
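
The point made in the reply above, as an added example that is not part of the original message: a token-bucket model of a global 200 packets-per-second limit, of the kind the iptables `limit` and `hashlimit` matches apply, run over a constructed flow of evenly spaced packets. The class and function names, the burst of 5 and the traffic pattern are assumptions made for illustration; every offered packet still arrives at the NIC, and the limiter only decides what is accepted afterwards.

```python
"""Token-bucket model of a global packets-per-second limit (added example)."""

US = 1_000_000  # microseconds per second; credit is kept in token-microseconds


class PacketRateLimiter:
    """One token per packet, refilled at `rate_pps` tokens/s, capped at `burst`."""

    def __init__(self, rate_pps, burst):
        self.rate = rate_pps
        self.cap = burst * US
        self.credit = self.cap      # bucket starts full
        self.prev_us = 0

    def allow(self, now_us):
        # Refill for the elapsed time, never beyond the burst capacity.
        self.credit = min(self.cap, self.credit + (now_us - self.prev_us) * self.rate)
        self.prev_us = now_us
        if self.credit >= US:       # enough credit for one packet
            self.credit -= US
            return True
        return False                # over the limit: packet is dropped


def simulate(offered_pps, seconds, rate_pps=200, burst=5):
    """Feed a constructed, evenly spaced flow; return [(arrived, accepted), ...] per second."""
    limiter = PacketRateLimiter(rate_pps, burst)
    per_second = []
    for sec in range(seconds):
        accepted = 0
        for i in range(offered_pps):
            now_us = sec * US + i * US // offered_pps
            accepted += limiter.allow(now_us)
        # Every offered packet reached the NIC; only `accepted` passed the filter.
        per_second.append((offered_pps, accepted))
    return per_second


if __name__ == "__main__":
    for sec, (arrived, accepted) in enumerate(simulate(1000, 3)):
        print(f"t={sec}s arrived={arrived} accepted={accepted} dropped={arrived - accepted}")
```

With 1000 packets per second offered, the first second admits slightly more than 200 because the bucket starts full, then settles at exactly 200 while the remaining 800 are dropped only after they have already consumed inbound bandwidth.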
