Re: Dynamic firewall based on bandwidth usage ?



The newest PIX O/S has QoS capability that would allow you to throttle
bandwidth based on protocol. I haven't deployed it yet but plan on
testing soon...


Hello,
I have a common problem but cannot find a solution.

My setup :
all servers are Redhat Enterprise 4
CISCO PIX in front on a HTTP load Balancer/failover (called a director
in the L.V.S. jargon) that sends requests to 4 web servers (cluster
setup based on Linux Virtual Server include in redhat cluster suite).

Now my prob :-)

From time to time users download our site and block all http connexion,
and worst, use all our bandwidth. So I have to block (or redirect) those
network abusers after a download limit (for ex : 1Gb per day) for lets
say 1day.

Because of the director, I cannot use the apache2 mod_cband.

My first though is to look at the iptables on the director but I cannot
find any information about that kind of setup.

Do you know if it is possible using build in linux tools(iptables ?).

If not, do you know some hardware appliance that could do that ?

Thanks !




Relevant Pages

  • Re: Upload speed
    ... software on both machines and connecting to the same servers. ... I used Pure Networks Network Magic. ... 10Mbits/sec of exclusive bandwidth for the duration of the test. ...
    (alt.internet.wireless)
  • Re: porn emails
    ... Not only are their incoming mails but your ISP's servers now are ... Michael Solomon MS-MVP ... it's your bandwidth because it is your ISP and its our bandwidth ... > emails. ...
    (microsoft.public.windowsxp.general)
  • Re: Which hardware firewall should I use for web servers doing 100 Mbps
    ... this you will run into issues such as interupt latency, PCI bus bandwidth, ... The OP stated that he is co-locating these 6 servers. ... > that has even less overhead than the relatively lean Linux OS may be the ... >> may just want to consider throwing some gigabit nics in a Linux box and ...
    (comp.security.firewalls)