-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On September 7, 2001 12:36 pm, Victor R. Cardona wrote:
On Fri, Sep 07, 2001 at 02:43:00PM +0200, Praise wrote:
On Thu, Sep 06, 2001 at 08:54:06PM +0200, Praise wrote:
I just want to learn how to use iptables. I want to set up my firewall by hand, but I have not very clear what does the --limit directive work. Does it only limit how much packets does match a rule? =20 I ask this because I plan to use something to limit the bandwidth of some computer in my LAN.=20
limit only limits the frequency that a packet can match a rule. For=20 example, iptables -A INPUT -m limit --limit 1/min -p icmp -j LOG will=20 only log one ICMP packet per minute.=20
What could I use to limit the bandwidth?
I believe that there is an experimental traffic shaper option in the kernel. To be honest, I don't know how you would do that.
The experimental one is effectively deprecated. To do it the preferred way, you need to enable QoS in the kernel and have the iproute2 utilities installed (SuSE includes these, but it may be optional). You have to use the tc and ip commands to set it up. It's pretty complicated, actually. Do a search for "QoS iproute2" to find information on it. - -- James Oakley Engineering - SolutionInc Ltd. joakley@solutioninc.com http://www.solutioninc.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.5 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7mQN2+FOexA3koIgRAoWHAJ9u6jT8+4fF5cmF8gTaGLtdCliQbACeNccY iDeEkKMiDzlIoQ9+QLdFR/I= =S82V -----END PGP SIGNATURE-----