[LARTC] control p2p upload bandwidth rate

Jody Shumaker jody.shumaker at gmail.com
Wed Jan 11 06:11:45 CET 2006


# Accepts the packet if it has a mark besides the default 0 and prevents the saved mark from being changed
iptables -t mangle -A PREROUTING -p tcp -m mark ! --mark 0 -j ACCEPT

That section after the restore-mark rule will cause any saved marks to skip
the rest of the chain.  This results in only the first packets of a tcp
connection having to hit their individual --set-mark rule.  If you do have
concerns about CPU usage or some such, I'd suggest trying out the
ipp2p match module instead of the more generic l7match module.  It's more
specific to p2p and tends to be much faster than doing regular expressions.

On 1/10/06, Nataniel Klug <nata at cnett.com.br> wrote:
>
> I have a script that makes connections for every user with his auth. So,
> in this script, I have two mark tags. Can I use this tip you give to ro0ot?
> My doubt is if I use this every time some user log it will be all executed
> again, it will not make me trouble?
>

I'm not sure exactly what you mean by this. If my above explanation doesn't
apply, could you possibly explain or give an example?

- Jody
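
The rule order described in the message above, written out as an added example (not part of the original post or of the ipp2p project). Assumptions: mark value 1, the catch-all `--ipp2p` flag (availability depends on the installed ipp2p version), and the hypothetical `rule` helper and `DRY_RUN` switch, which only print the commands so the order can be reviewed without root.

```shell
#!/bin/sh
# Added example: restore-mark / skip-if-marked / classify / save-mark ordering.
IPT="${IPT:-iptables}"
P2P_MARK=1   # assumed value; the tc filter that shapes p2p must match the same mark

# Hypothetical helper: run the rule in the mangle table, or print it when DRY_RUN=1.
rule() {
    if [ "${DRY_RUN:-1}" = "1" ]; then
        printf '%s\n' "$IPT -t mangle $*"
    else
        "$IPT" -t mangle "$@"
    fi
}

build_p2p_marking() {
    # 1. Copy the mark saved on the connection (if any) onto this packet.
    rule -A PREROUTING -p tcp -j CONNMARK --restore-mark
    # 2. Packet now carries a non-zero mark: the connection was classified
    #    earlier, so leave the chain before the payload match is evaluated.
    rule -A PREROUTING -p tcp -m mark ! --mark 0 -j ACCEPT
    # 3. Only packets of still-unclassified connections reach the ipp2p match.
    rule -A PREROUTING -p tcp -m ipp2p --ipp2p -j MARK --set-mark "$P2P_MARK"
    # 4. Store the new mark on the connection so rule 1 restores it next time.
    rule -A PREROUTING -p tcp -m mark --mark "$P2P_MARK" -j CONNMARK --save-mark
}

# "print" shows the rules, "apply" installs them (needs root and the ipp2p module).
case "${1:-}" in
    print) DRY_RUN=1 build_p2p_marking ;;
    apply) DRY_RUN=0 build_p2p_marking ;;
esac
```

If the ACCEPT rule were placed before the restore-mark rule, every packet would still arrive with mark 0 and fall through to the payload match.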