and_woox

Members, 17 posts

Everything posted by and_woox

  1. I was researching how to patch the kernel, trying to install the connbytes match, but to no avail. What do you think I should look for? Thank you
  2. I have some scripts on my box and I was looking for a command to show the line number for a specific rule, but to no avail. Do you know how I can find it out? Thank you
  3. Thanks for the tip. I used this script for connbytes:
       iptables -A INPUT -s 198.168.1.196 -m connbytes --connbytes 3000000: -j DROP
     but my connection kept going. Do you see anything missing?
  4. For me to use these commands I will have to work with other iptables. Is there a way for me to reset the counter in a direct way?
  5. I'm looking for a command to list the installed modules of my kernel. Do you know what command I could use? Thank you
  6. I'm working with connbytes to limit the amount of traffic (in/out) for a client in my network, but to no avail. For example, if I would like to limit all traffic (not restricted to one client) I could use:
       iptables -A INPUT -m connbytes --connbytes 10000:100000 -j DROP
     How would I specify an IP? How can I reset this counter every month? Thank you
  7. Thanks for the reply. Could you walk me over your script?
  8. Please, I'm working on an iptables script where I can grant a certain amount of monthly traffic, for example grant 8g to one client per month, and if he passes that amount his connection becomes unavailable. I'm trying to find a command that serves as a network traffic counter. What should I be looking for? Thanks
  9. So do you think this script can work well?
       iptables -I FORWARD -s 192.168.1.2 -p udp -m connlimit --connlimit-above 100 -j DROP
  10. Please, I'm creating a script and some people are telling me that Linux-based machines don't handle the UDP protocol, is this right? So basically, what are the implications of using "-p udp" in my script? Thanks
  11. Please, I'm working on a script to limit the bandwidth for certain clients on my network (using a router running a Linux firmware). The router is the Asus WL-500g, and I'm not sure if this script is finished yet. Before I load it to my router I prefer to be sure that everything is OK. What do you think about the script?
       TCA="tc class add dev br0"
       TFA="tc filter add dev br0"
       # Root HTB qdisc and parent class
       tc qdisc del dev br0 root
       tc qdisc add dev br0 root handle 1: htb
       tc class add dev br0 parent 1: classid 1:1 htb rate 3480kbit
       # One 256kbit class per client
       $TCA parent 1:1 classid 1:10 htb rate 256kbit ceil 256kbit prio 2
       $TCA parent 1:1 classid 1:11 htb rate 256kbit ceil 256kbit prio 2
       # Send packets carrying fwmark 10 / 11 to the matching class
       $TFA parent 1:0 prio 2 protocol ip handle 10 fw flowid 1:10
       $TFA parent 1:0 prio 2 protocol ip handle 11 fw flowid 1:11
       # Mark traffic destined for each client
       iptables -t mangle -A POSTROUTING -d 192.168.1.2 -j MARK --set-mark 10
       iptables -t mangle -A POSTROUTING -d 192.168.1.3 -j MARK --set-mark 11
       # Police traffic coming from each client on ingress
       tc qdisc add dev br0 ingress
       $TFA parent ffff: protocol ip u32 match ip src 192.168.1.2 flowid :1 police rate 160kbit mtu 12k burst 10k drop
       $TFA parent ffff: protocol ip u32 match ip src 192.168.1.3 flowid :1 police rate 160kbit mtu 12k burst 10k drop
       # Drop new TCP connections above 100 per client
       iptables -I FORWARD -s 192.168.1.2 -p tcp -m connlimit --connlimit-above 100 -j DROP
       iptables -I FORWARD -s 192.168.1.3 -p tcp -m connlimit --connlimit-above 100 -j DROP