With out knowing more about your infrastructure, its difficult to provide concrete help. That said, you can only prioritize or police outbound traffic (as another individual on the list has pointed out). If you are using traditional network gear, this shouldn’t be particularly difficult, but details will depend on what vendor you use. If you are using Linux, you might check out tc (http://www.linux.com/learn/tutorials/330252:weekend-project-configuring-qos-for-linux-routers-gateways).
Many home routers offer a rather rudimentary form of this. It may be suitable for your needs, it may not. This is not a typical “home network” use case. :-) On Feb 22, 2014, at 2:16 PM, Keith Lofstrom <kei...@gate.kl-ic.com> wrote: > Two related problems, looking for advice: > > 1) The websites I offer from my virtual server are increasingly > being hammered by exploitbots, sometimes driving the load average > above 30. Many different sources, I assume virus-infected home > computers in botnets looking for common weaknesses. What is the > easiest way to thottle traffic from such machines, or detect > similar "attack" requests (mysql exploits, for example) and > blacklist the IP addresses they come from? > > 2) I run a Personal Telco access point, and am glad to serve > my community. However, sometimes my guests use up most of > my bandwidth. Is there an easy way to thottle the bandwidth > feeding the access point (it is by itself on a private DMZ) > to a reasonable fraction of my FIOS feed, say to 3mbps? > > Again, there are probably optimal strategies, but I'll take > easy, good-enough and hard-to-screw-up for now. > > Keith > > -- > Keith Lofstrom kei...@keithl.com > _______________________________________________ > PLUG mailing list > PLUG@lists.pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug -- Louis Kowolowski lou...@cryptomonkeys.org Cryptomonkeys: http://www.cryptomonkeys.com/ Making life more interesting for people since 1977
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
