I'm looking to prevent a visitor from downloading +100M in a day from my website.
Most guides show just this, or with a -s ip_addr:
Code:
iptables -A OUTPUT -p tcp -m quota --quota 104857600
I want this to apply individually to each ip address, so I can't use a -s match.
The problem is this is with OUTPUT, so it's universal: once a cumulative 100M has been reached, everyone has been blocked (not to mention SSH).
I presume that these connections are established; should I limit those instead?