[Firehol-support] Marking particular programs
Daniel L. Miller
dmiller at amfes.com
Fri Oct 31 00:01:21 GMT 2008
This is probably more appropriate to the netfilter list - but I'll ask
here once anyway.
Is it possible to "mark" packets from particular programs running on the
routing server? Such as Squid or Apt? Without this, I have no way
(that I know of) of identifying the nature of the HTTP traffic so I can
limit it accordingly.
My goal is to set some traffic shaping rules so that interactive traffic
isn't blocked by large downloads. So Apt, which doesn't pass through
Squid, can be sharply limited.
Now, if I can figure out how Squid can tell if a large file is being
downloaded vs. browsing a large site....hmm....is there a way to limit
traffic to a particular IP address? So if more than say, 5M has been
downloaded from a particular site a flag is raised and the bandwidth is
limited on that particular connection?
More information about the Firehol-support