В сообщении от Saturday 06 October 2007 05:16:38 David Boreham написал(а):
> David Boreham wrote:
> >> iptables: limit, hashlimit, dstlimit work on pps basis.
> >
> > <doh> ! yes, I'd thought about that stuff but somehow
> > discounted it as 'not worthy' for traffic shaping.
> Actually, I remember now why iptables doesn't work :
> All it does is drop the excess packets over the limit.
<skip />

Simple packet drop works for ordinary tcp congestion algorithms as a channel 
overload, and tcp decreases speed. So works RED policing filters and so on.

Beside of this, iptables can _accept_ a packet :) You can try to mark and 
queue the excess packets.

Peter V. Saveliev
