Re: quota and time patch.

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Fabrice MARIE <fabrice@celestix.com>
To: SB CH <chulmin2@hotmail.com>, netfilter@lists.netfilter.org
Subject: Re: quota and time patch.
Date: Fri, 27 Sep 2002 11:27:03 +0800	[thread overview]
Message-ID: <200209271127.03831.fabrice@celestix.com> (raw)
In-Reply-To: <F91y07vQONDZsbg5YX600007f11@hotmail.com>

Hello,

On Friday 27 September 2002 10:30, SB CH wrote:
> Hello all.
> I would like to limit the traffic usage per user
> using iptables extension function, quota and time.
> for example, I would like to set like this.
> one can use 10M http traffic per hour per one IP address at business
> time(09h~18h).
> Is it possible to set using iptables?
> thanks in advance.

The problem with the current iptables framework is that you cannot
"auto-remove" rules dynamically. For example, the quota match will
increase the used-up quota, until the limit is reached, after which
the rule will stop matching. However the quota rule will not go away
by itself, and cannot be made so. So as things are right now, no, you
cannot do what you want.

It would be easy enough however to modify the source of the quota match to implement
quota per hour with a quota that would reset once the new time slice starts.

Have a nice day,

Fabrice.
--
Fabrice MARIE
Senior R&D Engineer
Celestix Networks
http://www.celestix.com/

"Silly hacker, root is for administrators"
       -Unknown

next prev parent reply	other threads:[~2002-09-27  3:27 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2002-09-27  2:30 quota and time patch SB CH
2002-09-27  3:27 ` Fabrice MARIE [this message]
2002-09-27  4:29 ` Alexey Talikov
2002-09-27  5:00   ` Fabrice MARIE

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=200209271127.03831.fabrice@celestix.com \
    --to=fabrice@celestix.com \
    --cc=chulmin2@hotmail.com \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.