Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Limit transfer speed rate by iptables Rules
Top Forums UNIX for Advanced & Expert Users Limit transfer speed rate by iptables Rules Post 302934505 by iLinux85 on Sunday 8th of February 2015 02:14:29 AM
Old 02-08-2015
Limit transfer speed rate by iptables Rules
I have D-Link Router DSL-2730U that support busybox OS and iptables version 1.4.0

I managed successfully to block the host for being connect to the internet using the following command

block by ip address

Code:
iptables -I  FORWARD -d 192.168.1.6 -j DROP

Or By mac source

Code:
iptables -I FORWARD -m mac --mac-source bc:20:a4:ff:79:80 -j DROP

The only problem now i have is trying to limit transfer speed rate (upload & download) to be only serve 30/kbps by MAC Address using iptables

I tried to make iptables rule like

Code:
iptables -I FORWARD -m mac --mac-source bc:20:a4:ff:79:80 -m state --state RELATED,ESTABLISHED -m limit --limit 100/second --limit-burst 30 -j ACCEPT

But it didn't work

Note : this router cannot modify , delete or add any files . i cannot make a bash or script file inside the router run , and unfortunately the iptables connlimit module not supported in this iptables version too
 

10 More Discussions You Might Find Interesting

1. Cybersecurity

~ IPTables : Limit Incoming UDP Packets With a Certain Length ~

Hello, I am currently trying to limit incoming UDP length 20 packets on a per IP basis to 5 a second using IPTables on a Linux machine (CentOS 5.2). Basically, if an IP is sending more than 5 length 20 UDP packet a second to the local machine, I would like the machine to drop the excess... (1 Reply)
Discussion started by: tomboy123
1 Replies

2. Filesystems, Disks and Memory

data from blktrace: read speed V.S. write speed

I analysed disk performance with blktrace and get some data: read: 8,3 4 2141 2.882115217 3342 Q R 195732187 + 32 8,3 4 2142 2.882116411 3342 G R 195732187 + 32 8,3 4 2144 2.882117647 3342 I R 195732187 + 32 8,3 4 2145 ... (1 Reply)
Discussion started by: W.C.C
1 Replies

3. UNIX for Dummies Questions & Answers

Very SLOW STFTP transfer rate

Hi, I am experiencing extremely show transfer rates when transferring zip files over SFTP. Over FTP it works fine. I have disabled compression in the sshd_config file but that does not seem to help.. Any ideas? (0 Replies)
Discussion started by: mojoman
0 Replies

4. UNIX for Dummies Questions & Answers

Transfer Rate Disk

hi guys I have a linux server which has about 5 volumes from SAN (fiber channel) now I need to measure the transfer rate between one LUN which is a Logical Volume to another LUN which is another Logical Volume. so basically this server has 5 LUNs from SAN each SAN volume is a logical volume... (3 Replies)
Discussion started by: karlochacon
3 Replies

5. UNIX for Dummies Questions & Answers

Iptables, port forwarding, 64k connection limit?

I am having an issue with iptables. My server is a RHEL6 64bit system. In my application I have a large number of connected clients ~100k to a particular service. The application works fine when iptables is off, 100k clients are able to connect. However, when I turn iptables on and add a... (1 Reply)
Discussion started by: jtipp3tt
1 Replies

6. Shell Programming and Scripting

iptables - Limit Connections Per Second

Hi, Sorry for my english. I need a shell script. . If IP make more than 300 connection attempts to port:80 within 10 seconds I want block it for 3600 second in iptables. Thank you ver much for help. (2 Replies)
Discussion started by: tara123
2 Replies

7. IP Networking

Getting MAXIMUM transfer speed on LAN

Dear All, I have a problem with the transfer speed between 2 hosts on my local network (LAN). At home, I have a switch (NETGEAR GS105 ProSafe 5-Port Gigabit Ethernet Desktop Switch) which obviously supports Gigabit Ethernet, 2 boxes (intel NUC DC3217IYE Barebone PC and Gygabyte BRIX GB-XM12... (7 Replies)
Discussion started by: freddie50
7 Replies

8. UNIX for Advanced & Expert Users

iptables help with rules

Hi, I've been struggling with this all morning and seem to have a blind spot on what the problem is. I'm trying to use iptables to block traffic on a little cluster of raspberry pi's but to allow ssh and ping traffic within it. The cluster has a firewall server with a wifi card connecting to... (4 Replies)
Discussion started by: steadyonabix
4 Replies

9. Cybersecurity

Need help for iptables rules

Hello, I did 2 scripts. The second one is, I hope, more secure. What do you think? Basic connection (no server, no router, no DHCP and the Ipv6 is disabled) #######script one #################### iptables -F iptables -X -t filter iptables -P INPUT DROP iptables -P FORWARD... (6 Replies)
Discussion started by: Thomas342
6 Replies

10. UNIX for Beginners Questions & Answers

Email - Unsolicited Rate Limit Error

Hello, I thought twice before posting. I am sorry, I know you will say "this is not linux originated issue" Does anybody know how to get rid of bulk email warning of gmail? The problem is called "Unsolicited Rate Limit Error". We have been using google's mail service free of charge in our office... (3 Replies)
Discussion started by: baris35
3 Replies

LEARN ABOUT CENTOS

iptables-xml

IPTABLES-XML(1) 						  iptables 1.4.21						   IPTABLES-XML(1)

NAME

       iptables-xml -- Convert iptables-save format to XML

SYNOPSIS

       iptables-xml [-c] [-v]

DESCRIPTION

       iptables-xml  is  used  to convert the output of iptables-save into an easily manipulatable XML format to STDOUT.  Use I/O-redirection pro-
       vided by your shell to write to a file.

       -c, --combine
	      combine consecutive rules with the same matches but different targets. iptables does not currently support more than one target  per
	      match,  so this simulates that by collecting the targets from consecutive iptables rules into one action tag, but only when the rule
	      matches are identical. Terminating actions like RETURN, DROP, ACCEPT and QUEUE are not combined with subsequent targets.

       -v, --verbose
	      Output xml comments containing the iptables line from which the XML is derived

       iptables-xml does a mechanistic conversion to a very expressive xml format; the only semantic considerations are for -g and -j  targets	in
       order to discriminate between <call> <goto> and <nane-of-target> as it helps xml processing scripts if they can tell the difference between
       a target like SNAT and another chain.

       Some sample output is:

       <iptables-rules>
	 <table name="mangle">
	   <chain name="PREROUTING" policy="ACCEPT" packet-count="63436" byte-count="7137573">
	     <rule>
	      <conditions>
	       <match>
		 <p>tcp</p>
	       </match>
	       <tcp>
		 <sport>8443</sport>
	       </tcp>
	      </conditions>
	      <actions>
	       <call>
		 <check_ip/>
	       </call>
	       <ACCEPT/>
	      </actions>
	     </rule>
	   </chain>
	 </table> </iptables-rules>

       Conversion from XML to iptables-save format may be done using the iptables.xslt script and xsltproc, or a custom program using  libxsltproc
       or similar; in this fashion:

       xsltproc iptables.xslt my-iptables.xml | iptables-restore

BUGS

       None known as of iptables-1.3.7 release

AUTHOR

       Sam Liddicott <azez@ufomechanic.net>

SEE ALSO

       iptables-save(8), iptables-restore(8), iptables(8)

iptables 1.4.21 														   IPTABLES-XML(1)
All times are GMT -4. The time now is 08:07 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy