[CentOS] which firewall to automatically block bandwidth abusers?
Les Mikesell
lesmikesell at gmail.com
Thu Aug 18 19:38:56 UTC 2011
On 8/18/2011 2:27 PM, Rudi Ahlers wrote:
>
>>> I need to automatically block any user who abuses bandwidth, either
>>> incoming or outgoing. I should be able to set the limits, in either
>>> rate/s or usage/s: 1Mb/s or 10GB/h, for example.
>>>
>>> Then, any users, connecting from anywhere, on any IP should be blocked
>>> - either if he uploads or downloads (i.e. ingress & egress) for a
>>> specific amount of time.
>>
>> Those requirements don't mesh very well with the real world. That is,
>> people who use a network that they've been provided or paid for aren't
>> necessarily 'abusing' anything, and blocking access at times when the
>> network isn't fully loaded doesn't help anyone. What's the big picture
>> here? Don't you really need QOS to throttle certain things at peak
>> times only?
>>
>
> Les, it's not really about blocking people who paid.
>
> The servers in question provide a free service and no money is
> generated from it, but the client still pays for bandwidth so we'd
> like to cap heavy users a bit to avoid expensive bills.

Are you paying for bandwidth by total bits transferred or by peak or
95th percentile rate?

> I know the requirements are strange, but I'm really hoping I could
> find something that could do this for us.
> Right now they have someone who monitors ntop and blocks IPs that way
> around, but it's inefficient and a salary which could have been spent
> elsewhere.

You should be able to automate what you are doing with ntop. Or use a
netflow collector to centralize the traffic counting and translate your
rules into iptables settings.

--
Les Mikesell
lesmikesell at gmail.com
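
Added example, not part of the original message: a sketch of the "translate your rules into iptables settings" step, totalling exported flow records per remote address over the last hour (both directions) and rendering drop rules for anyone over the 10GB/h limit from the thread. The record format, the server network `192.0.2.0/24`, and the chain name `BW_BLOCK` are assumptions; the chain must already exist and be jumped to from INPUT/OUTPUT.

```python
import ipaddress
from collections import defaultdict

LIMIT_BYTES = 10 * 10**9      # 10GB/h, the example limit from the thread
WINDOW_SECONDS = 3600
SERVER_NETS = [ipaddress.ip_network("192.0.2.0/24")]  # assumption: our servers

# Constructed flow records: "epoch_seconds src_ip dst_ip bytes"
SAMPLE_FLOWS = """\
1313690400 198.51.100.7 192.0.2.10 4000000000
1313691000 192.0.2.10 198.51.100.7 7000000000
1313691200 203.0.113.5 192.0.2.10 900000000
1313684000 203.0.113.5 192.0.2.10 9500000000
not-a-flow-line
"""

def is_server(addr):
    return any(addr in net for net in SERVER_NETS)

def heavy_users(flow_text, now, limit=LIMIT_BYTES, window=WINDOW_SECONDS):
    """Return {remote_ip: bytes} for remotes over `limit` within the window."""
    totals = defaultdict(int)
    for line in flow_text.splitlines():
        parts = line.split()
        try:
            ts, nbytes = int(parts[0]), int(parts[3])
            src = ipaddress.ip_address(parts[1])
            dst = ipaddress.ip_address(parts[2])
        except (IndexError, ValueError):
            continue                      # skip malformed records
        if not (now - window < ts <= now):
            continue                      # outside the accounting window
        # Attribute the bytes to whichever end is not one of our servers,
        # so uploads and downloads count against the same remote address.
        if is_server(src) and not is_server(dst):
            totals[str(dst)] += nbytes
        elif is_server(dst) and not is_server(src):
            totals[str(src)] += nbytes
    return {ip: b for ip, b in totals.items() if b > limit}

def iptables_rules(offenders, chain="BW_BLOCK"):
    """Render rules for a dedicated chain; flushing it first expires old blocks."""
    rules = [f"iptables -F {chain}"]
    for ip in sorted(offenders):
        rules.append(f"iptables -A {chain} -s {ip} -j DROP")
        rules.append(f"iptables -A {chain} -d {ip} -j DROP")
    return rules

if __name__ == "__main__":
    print("\n".join(iptables_rules(heavy_users(SAMPLE_FLOWS, now=1313692000))))
```

Run from cron, the script only prints the commands; review them before piping to a shell, and keep management addresses out of the flow input so they cannot be blocked.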