How limit bandwidth

cuencano · 06-22-2005, 12:03 PM

Please, how limit inblound bandwidth in fedora core 2, i use cbq but don´t work in inbound traffic.

Half_Elf · 06-22-2005, 12:32 PM

hmmm _why_ do you want to limit inbound bandwidth?
If you think it will prevent you from flooding, please note it is useless

I dont know if it could do the job for you, but I like to use iptables to limit inbound connections (like how many "connections" I accept on a service for a given time) but if you really need bandwidth, it won't do the job.

cuencano · 06-22-2005, 12:45 PM

i need in cyber becouse the navigate eat all bandwidth and the telephony don't work then i need limit the inbound bandwidth for navigation.

Thanks

newpenguin · 06-22-2005, 04:55 PM

there is also a iptables byte limit patch.
you can limit bandwidth easily with this.

cuencano · 06-23-2005, 11:21 AM

thanks, but i know about byte limit patch can you give me a tip please?

born4linux · 06-24-2005, 02:43 AM

check www.lartc.org

cuencano · 06-24-2005, 09:17 AM

Thanks but i check lartc.org and not limit the inbound traffic, please help me is urgent.

Thanks.....

SirGertrude · 06-24-2005, 01:56 PM

CBQ would work for your application, but is is not efficient because CBQ is used to shape traffic. You need to do ingress traffic policing.

Here is an example:

Assume that my WAN interface is eth1 and I am limiting inbound traffic from ip address: 12.12.12.12

Code:

tc qdisc del dev eth1 ingress
tc qdisc add dev eth1 handle ffff: ingress
tc filter add dev eth1 parent ffff: protocol ip prio 50 u32 match ip src 12.12.12.12 police rate 128kbit burst 15k drop flowid :1

The first line clears any existing ingress qdisc on eth1, if it gives you weird output that is fine.
The second line creates an ingress qdisc on eth1.
The third line creates a 128 Kbps bandwidth cap on all traffic coming from IP address: 12.12.12.12. If this traffic comes in at a rate of higher than 128 Kbps the action will be to drop excess packets.

NOTE: This will work if you are using a service that uses the TCP protocol because TCP will adjust its speed when it starts losing packets. If the connection is saturated with UDP traffic then this will not help you. This is not meant to prevent or mitigate attacks.

Good Luck!

ikillu · 06-30-2005, 12:49 AM

Try CBQ. its best for bandwidth limiting. just use a simple script file and simple configuration.

1. Download CBQ script from https://sourceforge.net/projects/cbqinit .
2. Rename cbq.init-v0.7.3 to cbq.init and cbq.init to /etc/rc.d/
3. now make a file "cbq.999-network" into /etc/sysconfig/cbq/
4. type flowing lines

DEVICE=eth0,10Mbit,1Mbit
RATE=64Kbit
WEIGHT=6Kbit
PRIO=5
RULE=192.168.1.0/24

5. now run CBQ script -> /etc/rc.d/cbq.init

AND magic of this one file simple script.

for more information see http://www.linuxsecurity.com/resourc...HOWTO/cbq.html

Ipolit · 06-30-2005, 04:04 AM

in the RULE u can specify ports, so cbq.init will work fine for u

epsharma · 07-18-2005, 04:57 AM

I have installed cbq to throttle bandwidth . I didnt know how to gauze the bandwidth connecting to my computer .
I could not trace the log of cbq and at the same time no idea how to account bandwidth for different ip ( different ruleset )

Any help in this regard will be appreciated,

Thanks,
eswari