Re: limit traffic based on IPs

2013-08-12 Thread shawn wilson 
On Mon, Aug 12, 2013 at 4:28 AM, binary dreamer
 wrote:
> stuck big time with the syntax of an iptable.
> i would like to permit the speed of 512/512kbps to ips 192.168.1.2-5
> i would like to permit the speed of 1024/1024kbps to ips 192.168.1.6-10
> i would like to permit the speed of 2048/2048kbps to ips 192.168.1.11-12
> the rest of the ips will set to free traffic

Basically what you want to do is 'mark' the packet with iptables (it's
a kernel flag) and then 'handle' it with tc. Just a quick google
(though tc if fairly complex and has a tree like structure which you
might want to read about):
http://www.linuxquestions.org/questions/linux-networking-3/iptables-mark-combine-with-tc-382100/


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CAH_OBif7cipyFoX4=tbr4viflomcpnhg3sw+mkny_tlrvvz...@mail.gmail.com

Re: limit traffic based on IPs

2013-08-12 Thread David Goodenough 
On Monday 12 Aug 2013, binary dreamer wrote:
> stuck big time with the syntax of an iptable.
> i would like to permit the speed of 512/512kbps to ips 192.168.1.2-5
> i would like to permit the speed of 1024/1024kbps to ips 192.168.1.6-10
> i would like to permit the speed of 2048/2048kbps to ips 192.168.1.11-12
> the rest of the ips will set to free traffic
You need to look at tc not iptables.  

David


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/201308121000.16898.david.goodeno...@btconnect.com

Re: limit traffic based on IPs

2013-08-12 Thread Jochen Spieker 
binary dreamer:
> 
> stuck big time with the syntax of an iptable.
> i would like to permit the speed of 512/512kbps to ips 192.168.1.2-5
> i would like to permit the speed of 1024/1024kbps to ips 192.168.1.6-10
> i would like to permit the speed of 2048/2048kbps to ips 192.168.1.11-12
> the rest of the ips will set to free traffic

What did you try and how does it fail?

This link is probably a good starting point:
http://serverfault.com/questions/154451/throttle-bandwidth-via-iptables

It doesn't appear to me that iptables is necessarily the best tool to
achieve what you want. But then I am not sure if your stated goal is
actually the best way to achieve what you *really* want. Is it possible
that you actually need QoS (Quality of Service) instead of fixed
bandwidth limits?

J.
-- 
I worry about people thinking I have lost direction.
[Agree]   [Disagree]
 


signature.asc
Description: Digital signature

limit traffic based on IPs

2013-08-12 Thread binary dreamer 
stuck big time with the syntax of an iptable.
i would like to permit the speed of 512/512kbps to ips 192.168.1.2-5
i would like to permit the speed of 1024/1024kbps to ips 192.168.1.6-10
i would like to permit the speed of 2048/2048kbps to ips 192.168.1.11-12
the rest of the ips will set to free traffic