connrate匹配
匹配传输速率
The connrate match is used to match against the current transfer speed of a4TuO©skylove.study-area.org
connection. The algorithm averages transferred bytes over a time sliding windowWV©skylove.study-area.org
of constant size. The maximum and minimum rates measurable are explained in thekO©skylove.study-area.org
code, along the algorithm used in the measurements.ook©skylove.study-area.org
gVK©skylove.study-area.org
This match can easily be used to reclassify connections based on their currentbHC©skylove.study-area.org
transfer rate, but is not meant for directly dropping packets, because packet36G©skylove.study-area.org
drops affect the rate being estimated.uZ©skylove.study-area.org
uf©skylove.study-area.org
The transfer rate per connection can also be viewed throughfJb©skylove.study-area.org
/proc/net/ip_conntrack.suJ©skylove.study-area.org
YYTP©skylove.study-area.org
Usage:cHGd©skylove.study-area.org
--connrate [!] [FROM]:[TO]JrT©skylove.study-area.org
aT©skylove.study-area.org
will match packet from a connection which is currently transferring more than7Ei7©skylove.study-area.org
FROM bytes per second and less than TO byte per second. 'inf' can be used tobem©skylove.study-area.org
signify largest measurable transfer rate. If FROM is omitted, it defaults toVdy©skylove.study-area.org
zero. If TO is omitted, it defaults to infinity. "!" is used to match packetseqp5©skylove.study-area.org
not falling in the range.qciw©skylove.study-area.org
y6©skylove.study-area.org
Example:Mc3o©skylove.study-area.org
ojT©skylove.study-area.org
iptables .. -m connrate --connrate 10000:100000 ...Th©skylove.study-area.org
2EgD©skylove.study-area.org
=> match packets in connections transferring faster than 10kbps, but slower46ds©skylove.study-area.org
than 100kbps.a96k©skylove.study-area.org
olb©skylove.study-area.org
iptables .. -m tos --tos Minimize-Delay \Tl©skylove.study-area.org
-m connrate --connrate 20000:inf \es©skylove.study-area.org
-j TOS --set-tos Maximize-ThroughputrVnl©skylove.study-area.org
QV©skylove.study-area.org
=> match packets in minimize-delay TOS connections that are transferringlq2©skylove.study-area.org
faster than 20kbps and change their tos to maximize-throughput instead.
skylove©skylove.study-area.org(2005-03-28 21:23:33)
Advanced Features of netfilter/iptablesBd
阅读(1501) | 评论(0) | 转发(0) |
