LinuxQuestions.org
04-29-2013, 09:55 AM   #1
fandar

Iptables quota limiting problem


Hello,
I have a problem with the quota in iptables. I have rules like below for every IP, where quota is the specified limit in bytes. The problem is that it doesn't stop when the exact limit is reached. For example, when I set it to 1MB (quota=1048576), it blocks the IPs when it reaches from 1.02 to 1.04MB instead of exactly 1MB. When I set the limit to 10MB (quota=1073741824), it blocks the IP when it reaches 10.3 - 10.9 MB. Is there a way to limit it to the exact specified amount of data?

Code:
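# NAT traffic from this client out of eth0
/sbin/iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.2 -j MASQUERADE
# Per-client chain (named table1); forwarded traffic to and from the client both jump to it
/sbin/iptables -N table1
/sbin/iptables -A FORWARD -j table1 -d 192.168.0.2
/sbin/iptables -A FORWARD -j table1 -s 192.168.0.2
# Accept while the quota match still matches, reject everything after that
/sbin/iptables -A table1 -m quota --quota $quota -j ACCEPT
/sbin/iptables -A table1 -j REJECT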
I am using iptables v1.4.8 and kernel 2.6.32-5-amd64

Thank You in advance
Frank

04-30-2013, 11:19 AM   #2
unSpawn

Quote:
Originally Posted by fandar
The problem is that it doesn't stop when the exact limit is reached
You tested it twice and apparently it just doesn't. Or it's applying rules not taken into account, like applying quota at the start of a new stream. Check the source code, it should tell?
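
One way to check what the quota rule from the question actually counted, as an added example that is not part of either post: read the ACCEPT rule's exact byte counter from `iptables -L table1 -n -v -x` and compare it with the configured quota. The function names and the sample listing are constructed for illustration; the example assumes the rule counter is the sum of the IP-level lengths of the packets the rule accepted, in both directions, since both FORWARD rules jump to table1.

```shell
#!/bin/sh
# Added example, not code from the thread.
# Live usage (as root): iptables -L table1 -n -v -x | quota_report "$quota"

# quota_report QUOTA_BYTES: reads an "iptables -L <chain> -n -v -x" listing on
# stdin and reports what the quota ACCEPT rule counted against QUOTA_BYTES.
quota_report() {
    awk -v quota="$1" '
        # Rule lines start with two integers: packets and exact bytes (-x).
        $1 ~ /^[0-9]+$/ && $2 ~ /^[0-9]+$/ && $3 == "ACCEPT" && /quota:/ {
            pkts = $1; bytes = $2; found = 1
        }
        END {
            if (!found) { print "no quota ACCEPT rule found"; exit 1 }
            # unused = quota left over when the next packet no longer fit.
            # MiB is bytes/2^20, MB is bytes/10^6; tools differ on which they show.
            printf "packets=%d bytes=%d unused=%d MiB=%.3f MB=%.3f\n",
                   pkts, bytes, quota - bytes, bytes / 1048576, bytes / 1000000
        }'
}

# Constructed sample listing for the chain in the question (values invented).
sample_listing() {
    cat <<'EOF'
Chain table1 (2 references)
    pkts      bytes target     prot opt in     out     source               destination
     812  1047996 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            quota: 1048576 bytes
      37     2220 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable
EOF
}

sample_listing | quota_report 1048576
```

Comparing the reported byte counter with the figure shown by whatever tool measured the transfer shows whether the two are counting the same thing (headers, direction, units).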

All times are GMT -5.