[clug] network quotas

Kim Holburn kim.holburn at anu.edu.au
Thu Apr 17 07:09:00 EST 2003

At 8:15 PM +1000 2003/04/16, Michael Still wrote:
>On Wed, 16 Apr 2003, Kim Holburn wrote:
>> At 6:59 PM +1000 2003/04/16, Michael Still wrote:
>> >How about an iptables plugin which checks it's little list, and then can
>> >reject over quota packets?
>> If you're talking about the quota patch.  I don't think it can do what
>> I want.  It sets an absolute quota (a per router reboot quota), not a
>> per day quota.  maybe the limit match might be better.
>I hadn't realised there were modules to do this. I was more suggesting
>that you could write one...

Before I take that step, I want to find whether anyone else already has!

> > ...  Some of this
>> is possible, some I can't see how to do and I'm not sure it would not
>> run like a dog after all that.  There must be an easier way.
>The module could talk to a userspace daemon that managed persisting the
>quota information.

I use net-acct already.  net-acct doesn't use iptables at all but it's very processor intensive to analyse the logs.

>How fast are the network links into and out of the

Allegedly gigabit, but what does that mean?  It uses gigabit wire protocol?  It is faster than 100Mb?  Somewhere between 100Mb and 1Gb?  I don't believe the NICs can reach anywhere near 1Gb, still trying to work out the real speed.

Kim Holburn 
Network Consultant - Telecommunications Engineering
Research School of Information Sciences and Engineering
Australian National University - Ph: +61 2 61258620 M: +61 0417820641
Email: kim.holburn at anu.edu.au  - PGP Public Key on request

Life is complex - It has real and imaginary parts.
     Andrea Leistra (rec.arts.sf.written.Robert-jordan)

More information about the linux mailing list