On 18/08/2011 4:13, Craig White wrote: > On Wed, 2011-08-17 at 21:50 +0200, Rudi Ahlers wrote: >> Hi, >> >> I'm looking for a firewall (preferably on Linux / UNIX) that could >> automatically block bandwidth abusers as soon as a connection goes >> over a certain speed, or limit - i.e. either more than say 3Mb/s or >> 10GB in a giving period (like weekly / monthly). >> >> But, I need it to block the IP to, or where the traffic comes from, or >> goes to. i.e. a user logs into a web server and upload a LOT of data, >> then the firewall should block him, but not other people. >> >> Or, someone uploads a small bit of data but downloads a lot of data >> and then get's blocked. >> But I need to set thresholds >> And I should be able to exclude certain IP's / domains from the limits. >> >> Does this make sense? >> >> Can this be done with iptables? If so, how? >> >> If not, what else could I use for this? >> >> >> A normal DDOS prevention firewall doesn't really work since it only >> blocks traffic coming in. But I need to limit traffic going out as >> well. >> >> The servers behind the firewall will serve mail, http, ftp, sql and SSH > ---- > http://tinyurl.com/3n5yn8u Would you mind providing the url without using such url shorteners? Thanks, Regards