[CLUE-Tech] Nice configuration tool for Netfilter
Cyberclops
Cyberclops at hawaii.rr.com
Sat Apr 14 17:46:47 MDT 2001
The following is from a posting on the Hawaii LUG mail list called
"Luau."
Linux 2.4 kernel replaced ipchains with iptables (Netfilter), and there
is
much more elegant traffic shaping and rate throttling available within
the
chains themselves. You can create chains and sub-chains to give fine
grained rate limits on a per-protocol, per-host or per-subnet basis.
You
can also use QoS and the (old) traffic shaper device for more
flexibility.
Kernel 2.4 also has stateful inspection, bringing the routing/firewall
code
to par with BSD ipfilter.
Here is a really nice configuration tool for Netfilter. One of their
screenshots near the middle shows an example of sub-chains and rate
limiting
on a specific protocol.
http://users.pandora.be/stes/ipmenu.html
More information about the clue-tech
mailing list