LinuxQuestions.org
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Old 10-05-2016, 04:55 PM   #1
intmail01
Member
 
Registered: May 2013
Posts: 91

Rep: Reputation: Disabled
iptables, byte count and quota


Hello,

I am trying to limit my internet transfer by using "quota" with iptables.

These are my rules to limit data transfer to 10MB:
Code:
iptables -A OUTPUT -p tcp -m multiport -m quota --dport 80,443 --quota 10240000 -j ACCEPT
Code:
iptables -A OUTPUT -p tcp -m multiport --dport 80,443 -j DROP
When checking my transfer by using "iptables -L output -v", the byte column does not match the amount given by my router.
iptables shows 2M, whereas the router and ISP tell me 10M (input + output). There is too much difference.

Could someone tell me what is wrong?
 
Old 10-06-2016, 02:49 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Quote:
Originally Posted by intmail01
When checking my transfer by using "iptables -L output -v", the byte column does not match the amount given by my router.
iptables shows 2M, whereas the router and ISP tell me 10M (input + output). There is too much difference.
What we have here is two iptables rules without their corresponding location in the rule set (as in full 'iptables-save' output) and no "evidence" of the actual output of 'iptables -t filter -nvxL OUTPUT;' and output of what exactly your router and ISP measure and "tell" you. Also note traffic may not be symmetrical, for example you browsing web sites or streaming music tends to be highly asymmetrical as a small request results in downloading huge amounts of data. Until there's more and comparable data there's no way of telling what's wrong (if there actually is anything).
 
Old 10-29-2016, 01:51 PM   #3
intmail01
Member
 
Registered: May 2013
Posts: 91

Original Poster
Rep: Reputation: Disabled
These are the right commands to limit the network by using quota:

Code:
iptables -i wlan0 -A INPUT   ! -s 192.168.8.1  -m quota --quota 1024000 -j ACCEPT -c 0 0;
iptables -i wlan0 -A INPUT   ! -s 192.168.8.1  -j DROP;
wlan0 is the name of the interface which is connected to the router. The address of the router is 192.168.8.1.
There is also data output, which is about 10% of my input:

Code:
iptables -o wlan0 -A OUTPUT   ! -s 192.168.8.1  -m quota --quota 102400 -j ACCEPT -c 0 0;
iptables -o wlan0 -A OUTPUT   ! -s 192.168.8.1  -j DROP;
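
An added example, not part of any post in this thread: one way to produce the comparable data asked for in post #2, by reading per-rule byte counters from `iptables-save -c` and adding INPUT and OUTPUT together before comparing with the router's figure. The function names and the counter values in the sample are constructed; it assumes the counters were zeroed when the rules were added (the `-c 0 0` above) and that `--quota` in the dump is the configured value.

```shell
#!/bin/sh
# Added example: per-chain quota usage from `iptables-save -c` style input.

# Constructed sample; rules mirror the thread, counter values are invented.
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
[6120:912345] -A INPUT ! -s 192.168.8.1/32 -i wlan0 -m quota --quota 1024000 -j ACCEPT
[35:48210] -A INPUT ! -s 192.168.8.1/32 -i wlan0 -j DROP
[4015:98000] -A OUTPUT ! -s 192.168.8.1/32 -o wlan0 -m quota --quota 102400 -j ACCEPT
[0:0] -A OUTPUT ! -s 192.168.8.1/32 -o wlan0 -j DROP
COMMIT
EOF
}

# Reads iptables-save -c text on stdin.
# Prints "<chain> <bytes_used> <quota> <bytes_left>" per quota rule,
# "<chain>_DROP <bytes>" per DROP rule, then "TOTAL <bytes_used, all chains>".
quota_report() {
    awk '
    /^\[[0-9]+:[0-9]+\] -A / {
        split(substr($1, 2, length($1) - 2), c, ":")   # c[1]=packets c[2]=bytes
        quota = ""
        for (i = 4; i < NF; i++) if ($i == "--quota") quota = $(i + 1)
        if (quota != "") {
            # %.0f keeps multi-gigabyte counters exact in every awk
            printf "%s %s %s %.0f\n", $3, c[2], quota, quota - c[2]
            total += c[2]
        } else if ($NF == "DROP") {
            printf "%s_DROP %s\n", $3, c[2]
        }
    }
    END { printf "TOTAL %.0f\n", total }'
}

# Run against the sample; on a live host: iptables-save -c | quota_report
sample_rules | quota_report
```

The TOTAL line is the number to set against a router or ISP figure that counts input plus output. Bytes on the INPUT DROP rule have already crossed the link by the time iptables discards them, so the router still counts them.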
 
  



All times are GMT -5.
