[CentOS] which firewall to automatically block bandwidth abusers?

Thu Aug 18 19:27:47 UTC 2011
Rudi Ahlers <Rudi at SoftDux.com>

On Thu, Aug 18, 2011 at 9:21 PM, Les Mikesell <lesmikesell at gmail.com> wrote:
> On 8/18/2011 2:01 PM, Rudi Ahlers wrote:
>> Let's try again:
>>
>>
>> I need to automatically block any user who abuses bandwidth, either
>> incoming or outgoing. I should be able to set the limits, in either
>> rate/s or usage/s: 1Mb/s or 10GB/h, for example.
>>
>> Then, any users, connecting from anywhere, on any IP should be blocked
>> - either if he uploads or downloads (i.e ingres&  outgres) for a
>> specific amount of time.
>
> Those requirements don't mesh very well with the real world.  That is,
> people use use a network that they've been provided or paid for aren't
> necessarily 'abusing' anything, and blocking access at times when the
> network isn't fully loaded doesn't help anyone.  What's the big picture
> here?  Don't you really need QOS to throttle certain things at peak
> times only?
>
> --
>   Les Mikesell
>    lesmikesell at gmail.com
>
> _______________________________________________


Les, it's not really about blocking people who paid.

the servers in question provide a free service and no money is
generated from it, but the client still pays for bandwidth so we'd
like to cap heavy users a bit to avoid expensive bills.


I know the requirements are strange, but I'm really hoping I could
find something that could do this for us.
Right now they have someone who monitors ntop and block IP's that way
around, but it's inefficient and a salary which could have been spent
elsewhere.

Bandwidth in our country is exuberantly expensive, probably about 20x
the price of bandwidth in the USA



-- 
Kind Regards
Rudi Ahlers
SoftDux

Website: http://www.SoftDux.com
Technical Blog: http://Blog.SoftDux.com
Office: 087 805 9573
Cell: 082 554 7532