
I am trying to allow a certain data quota for a user using nDPI netfiltering.
This is the command I used for checking it.

iptables -A INPUT -m ndpi --quota 2048 -j DROP

Result is iptables v1.6.0: unknown option "--quota"

As I read in this manual page for iptables 1.4.20, it can be done.

What would be the correct syntax for this?

I am a total newbie in this field, so any help would be greatly appreciated.

chicks

1 Answer


I found the answer from this forum.

iptables -i wlan0 -A INPUT ! -s 192.168.X.Y -m quota --quota 1024000 -j ACCEPT -c 0 0

iptables -i wlan0 -A INPUT ! -s 192.168.X.Y -j DROP

Replace 192.168.X.Y with your router. This is actually optional. ! -s 192.168.X.Y ignores the packets received from your router, which is 192.168.X.Y.

You can also check whether rules are applied by using this command.

iptables -vnL

If they are applied properly, you should get something like this:

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
   18  1900 ACCEPT     all  --  wlan0  *      !192.168.10.1         0.0.0.0/0            quota: 10485760 bytes
    0     0 DROP       all  --  wlan0  *      !192.168.10.1         0.0.0.0/0           

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 4 packets, 332 bytes)
 pkts bytes target     prot opt in     out     source               destination
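
An added example (not part of the original answer): a shell function that reads `iptables -vnL` output and reports, for every rule with a quota match, the bytes counted so far against the configured quota. The name `quota_report`, the `SAMPLE` listing and its `eth0` rule are constructed for illustration; the remaining figure is an estimate that assumes the rule counters started at zero and were never reset.

```shell
#!/bin/sh
# Added example: summarise quota rules from `iptables -vnL` output on stdin.
# Real use (as root): iptables -vnL | quota_report

# Constructed sample in the listing format shown in the answer; the eth0
# rule is invented to exercise the "10M" style abbreviated counter.
SAMPLE='Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
   18  1900 ACCEPT     all  --  wlan0  *      !192.168.10.1         0.0.0.0/0            quota: 10485760 bytes
    0     0 DROP       all  --  wlan0  *      !192.168.10.1         0.0.0.0/0
 7100   10M ACCEPT     all  --  eth0   *       0.0.0.0/0            0.0.0.0/0            quota: 10485760 bytes'

quota_report() {
    awk '
    # Without -x, iptables abbreviates large counters with decimal K/M/G/T.
    function expand(v,   n, s) {
        n = v + 0
        s = substr(v, length(v))
        if (s == "K") n *= 1000
        else if (s == "M") n *= 1000000
        else if (s == "G") n *= 1000000000
        else if (s == "T") n *= 1000000000000
        return n
    }
    $1 == "Chain" { chain = $2; next }      # remember the current chain
    /quota: [0-9]+ bytes/ {                 # only rules using -m quota
        for (i = 1; i < NF; i++)
            if ($i == "quota:") quota = $(i + 1) + 0
        used = expand($2)                   # column 2 is the byte counter
        left = quota - used
        if (left < 0) left = 0
        # Estimate: assumes the counters started at 0 and were never zeroed.
        printf "%s %s %s used=%.0f quota=%.0f left=%.0f\n", chain, $3, $6, used, quota, left
    }'
}

# Demo on the constructed sample.
printf '%s\n' "$SAMPLE" | quota_report
```

On a live system, `iptables -vnxL` prints exact byte counters, which avoids the rounding of abbreviated values.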