Linux control packet size for specific IP address

Question

I would like to get Linux tool/script to control packet size of specific IP or MAC. For example if IP reach 10 MB then DROP packages with IP tables. I have idea how to DROP, but I don't have idea how to control packet size for specific multiple IP address

You want to drop packets once an IP has sent more than 10MB of packets? — Joshua Griffiths, Nov 10 '17 at 20:54

score 1 · Answer 1 · answered Nov 10 '17 at 23:11

1

You want to read man iptables-extensions and man ipset. You can use ipsets to track IP addresses (iptables with --add-set) along with a counter and a timeout. Then you make an iptables rule with -m set --match-set (read the docs) and --bytes-gt

answered Nov 10 '17 at 23:11

Zan Lynx

886
5
13

Linux control packet size for specific IP address

1 Answers1

Linked