How to restrict NAT traffic to specific IPs in Linux Gentoo?

P

prabhu2012-03-09 13:55:24

linux

prabhu, 2012-03-09 13:55:24

Good day, gentlemen. Tell me how to deal with such a problem: Linux Gentoo 2.6.37-hardened-r2 which NATs certain IP addresses in a subnet. How to limit the traffic to these IPs, otherwise some of them *** will clog up the entire channel.

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

M

Maxim, 2012-03-09
@Maxim_ka

You can use tc for this, although I can't be sure that in Ghent this would be the most convenient way.

P

peter23, 2012-03-09
@peter23

Those. you need shaping. To do this, in Linux, tc is used. You can write tc rules by hand, or you can use, for example, the htbinit script . It generates tc rules based on more or less readable configs.

M

merlin-vrn, 2012-03-09
@merlin-vrn

To begin with, limit = prohibit or allow, but limit?
If the first - then iptables -A FORWARD -s address -j DROP
If the second - then tc and figure it out, it's really more difficult. There are no ready-made initscripts in jent, it is quite possible to write your own.

P

Puma Thailand, 2012-03-10
@opium

I usually just drop every fifth packet to such connections and say that the network is overloaded, people always come to their senses and do not overload. Social engineering what can I say.