How to limit NAT traffic to private IP on Linux Gentoo?

Good day, ladies and gentlemen. Tell me how to cope with this problem: Gentoo Linux 2.6.37-hardened-r2, which NATит certain IP addresses in the subnet. How to restrict the traffic to those IP, and some of them ***evout and clog the entire channel.
October 8th 19 at 02:22
4 answers
October 8th 19 at 02:24
You can use tc for this, although I can not be sure what to Ghent this will be the most convenient way.
October 8th 19 at 02:26
Ie you need the shaping. To do this in Linux is tc. You can write rules tc hands, and you can use the example script htbinit. It generates rules tc on the basis of more or less readable configs.
recommend htb.init — simple and clear article on setting up — habrahabr.ru/blogs/linux/60095/ - Velva_Wym commented on October 8th 19 at 02:29
October 8th 19 at 02:28
For a start, limit = allow or disallow, but to limit?

If the first — then iptables-A FORWARD -s address -j DROP
If the second — that the tc sort it out, it's really difficult. Finished you may find the initscripts in the Gent no, your write is quite real.
limit = allow but limit the speed to say 512 kb/s - Velva_Wym commented on October 8th 19 at 02:31
But then I think one can cook up a small config tc, depending on customers, in principle, not difficult sadovina, third-party nothing, just a script in the autostart will work on hurrah! - jevon_Little78 commented on October 8th 19 at 02:34
October 8th 19 at 02:30
I usually just dropou this type of connection, every fifth packet and say that the network is congested, people are always themselves to its senses and does not overwhelm. Social engineering what can I say.

Find more questions by tags GentooAnalysis of site trafficNetwork administrationLinux