[Firehol-support] Marking particular programs

Daniel L. Miller dmiller at amfes.com
Fri Oct 31 00:01:21 GMT 2008


This is probably more appropriate to the netfilter list - but I'll ask 
here once anyway.

Is it possible to "mark" packets from particular programs running on the 
routing server?  Such as Squid or Apt?  Without this, I have no way 
(that I know of) of identifying the nature of the HTTP traffic so I can 
limit it accordingly.

My goal is to set some traffic shaping rules so that interactive traffic 
isn't blocked by large downloads.  So Apt, which doesn't pass through 
Squid, can be sharply limited.

Now, if I can figure out how Squid can tell if a large file is being 
downloaded vs. browsing a large site....hmm....is there a way to limit 
traffic to a particular IP address?  So if more than say, 5M has been 
downloaded from a particular site a flag is raised and the bandwidth is 
limited on that particular connection?
-- 
Daniel



