On Thu, 18 Aug 2011, Rudi Ahlers wrote:
On Thu, Aug 18, 2011 at 9:38 PM, Mike <mike@microdel.org> wrote:
I have read through that document link on http://lartc.org/lartc.html#AEN1393 and the closest I could get is rate limiting, but that doesn't actually block the IP if it goes over a certain threshold; it just slows everything down.
So I'm not sure I fully understand your requirements. Why isn't slowing the user to zero or at least near zero sufficient?
How do I slow one user down, without affecting the others? The way I understand rate limiting is that you rate limit a certain protocol / port, or IP / IP range.
So, how would I automatically slow down someone (on any IP address, and accessing any protocol) once he hits a certain threshold / limit?
I think I understand now, and the short answer is that you can't! In other words, you're saying that, say, "Steve" is using a ton of bandwidth, so you want to block him. But "Fred" and 10 other users that may be at the same IP address are fine and you don't want to block them. I mean, you could conceptually at least block the IP/source port that "Steve" is "coming from" right now. But the source port (and perhaps IP) will eventually change, and your block is now useless.