Focus on Linux
Dynamic firewall based on bandwidth usage ? Oct 08 2006 06:44PM
FM (dist-list LEXUM UMontreal CA) (5 replies)
Re: Dynamic firewall based on bandwidth usage ? Oct 11 2006 01:55AM
Syv Ritch (syv 911networks com)
On Sun, 08 Oct 2006 14:44:22 -0400
FM <dist-list (at) LEXUM.UMontreal (dot) CA [email concealed]> wrote:

> Hello,
> I have a common problem but cannot find a solution.
>
> My setup :
> all servers are Redhat Enterprise 4
> CISCO PIX in front on a HTTP load Balancer/failover (called a
> director in the L.V.S. jargon) that sends requests to 4 web servers
> (cluster setup based on Linux Virtual Server include in redhat
> cluster suite).
>
> Now my prob :-)
>
> From time to time users download our site and block all http
> connexion, and worst, use all our bandwidth. So I have to block (or
> redirect) those network abusers after a download limit (for ex :
> 1Gb per day) for lets say 1day.
>
> Because of the director, I cannot use the apache2 mod_cband.
>
> My first though is to look at the iptables on the director but I
> cannot find any information about that kind of setup.
>
> Do you know if it is possible using build in linux
> tools(iptables ?).
>
> If not, do you know some hardware appliance that could do that ?

Cisco does that. Depending on which PIX and which version of the PIX,
you can do traffic shaping/policing based on a sliding window. Even a
Cisco 1750 serie will do it.

Then you can lower the quality of service to a level, that everybody
else get priority over them.

Hope this help

--
Thanks
http://www.911networks.com
When the network has to work

[ reply ]
Re: Dynamic firewall based on bandwidth usage ? Oct 10 2006 07:27PM
Alain Degreffe (info lolisoft be)
Re: Dynamic firewall based on bandwidth usage ? Oct 10 2006 06:42PM
Uday K. MOORJANI (umoorjani mediaserv net)
Re: Dynamic firewall based on bandwidth usage ? Oct 10 2006 06:31PM
Nate Nord (nnord colnets com)
Re: Dynamic firewall based on bandwidth usage ? Oct 10 2006 06:20PM
Vladimir Mitiouchev (vovcia gmail com) (2 replies)
Re: Dynamic firewall based on bandwidth usage ? Oct 12 2006 07:11AM
Peter Becker (peter becker oberkassel de)
Re: Dynamic firewall based on bandwidth usage ? Oct 10 2006 06:22PM
Vladimir Mitiouchev (vovcia gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus