Hello, I really appreciate this site. Finally, there is updated info on cbq and people with knowledge to back it up - - Thanks Here is my situation, I am at a college with a single 512k line for 450 machines. Our servers and fac/staff are on C class x.x.166.x and all students are on C class x.x.167.x . Currently, a few student machines are monopolizing our connection for napster and make business related telnet painfully slow (all telnet is pointed at the same server off campus.) I wanted to know if anyone has tried or has knowledge withthe following situations - 1.) I wanted to make sure that it was possible to have 2 C class addresses behind IProute2. 2.) Would it be possible to limit napster on a per-session basis and also have a combined limit? 3.) Currently, we are not supporting DCHP and I do not have the resources to change the gateways on all machines. Would that be needed? The current router/gateway is x.x.166.254, it would be possible for me to add an additional IP address to it. This is probably my biggest concern, since I want to maintain all my current, real IP''s. Sorry about all of the questions and thanks in advane for any help. Chris G.
On Mon, Jan 08, 2001 at 09:08:10AM -0600, Chris Glanzer wrote:> Hello, I really appreciate this site. Finally, there is updated info on cbq > and people with knowledge to back it up - - Thanks > > Here is my situation, > I am at a college with a single 512k line for 450 machines. Our servers and > fac/staff are on C class x.x.166.x and all students are on C class x.x.167.x > . Currently, a few student machines are monopolizing our connection for > napster and make business related telnet painfully slow (all telnet is > pointed at the same server off campus.)> 1.) I wanted to make sure that it was possible to have 2 C class addresses > behind IProute2.Of course.> 2.) Would it be possible to limit napster on a per-session basis and also > have a combined limit?Not sure. I think napster *traffic* looks like http. Also, I''m not sure if you can limit per tcp session.> 3.) Currently, we are not supporting DCHP and I do not have the resources to > change the gateways on all machines. Would that be needed? The current > router/gateway is x.x.166.254, it would be possible for me to add an > additional IP address to it. This is probably my biggest concern, since I > want to maintain all my current, real IP''s.If your router is already Linux, I don''t see any problem. Regards, bert hubert -- PowerDNS Versatile DNS Services Trilab The Technology People ''SYN! .. SYN|ACK! .. ACK!'' - the mating call of the internet
On Mon, 8 Jan 2001, bert hubert wrote:> > 2.) Would it be possible to limit napster on a per-session basis and also > > have a combined limit? > > Not sure. I think napster *traffic* looks like http. Also, I''m not sure if > you can limit per tcp session.there is plenty of documentation out there on the web regarding how to limit napster traffic. although i believe it is mostly just how to block it entirely. you can block the entire napster inc block, but there are other servers, such as those listed at http://www.napigator.com/list.php which would be exceptionally easy to grab with a script such as: wget -qO - http://www.napigator.com/servers.php?version=117 | grep ''[a-zA-Z]$''| awk ''{print $7 " " $2 }'' which you could then pipe into nslookup or something (i think that $7 is local to awk but you could use some shell magic to assign it to $NAME and then nslookup $NAME or even pipe the above script to while read i; ). in the above script $2 is the port which is almost always 8888. you could then take that data and add ipchains rules for them or add them to the routing table routed to dummy0 or lo. alex