Hi,
I have a network-related problem. My internet access is provided by my university with 1Gbit/s. However, I get kicked for about 2 minutes as soon as too many new connections are created in a certain time (say 10 connections/second) as a protection against worms. This happens when I try to play a game of Heroes of Newerth and the game tries to query all game servers, which is very annoying. I would like to delay the new connections so that no more than, say, 8 connections/second are established.
You could do something close to this with some iptables rules. That said, I don't know if, with iptables/netfilter, it's possible to 'delay' (I would say it's not) new connections, but only to reject/drop them. Maybe there's something better to do this kind of thing that I'm not aware of.
Now, the exact rules you'll have to add depend on how the game is interacting with the servers. You'll have to find this by yourself.
trickle and netbrake don't seem to support this... so you'll probably end up turning to netfilter.
To match the right packets, you just need some simple iptables rules:
-A OUTPUT -m state --state NEW -m limit --limit 5/s -j ACCEPT # allow 5 new conns per second
-A OUTPUT -m state --state NEW -j QUEUE # send other new conns to a userspace program
Now you just need a program to delay the packets (in userspace) - try this http://people.redhat.com/berrange/notes … delay.html
You can probably do this with tc from iproute2 instead of the perl script, but I don't know how.
This solution will end up spreading out the connections, but the delay will be the same for all of them so it might not work very well (you could make the delay vary though).
Last edited by thestinger (2010-11-03 02:02:05)
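Added example, not part of thestinger's post or the linked script: a small model of the two OUTPUT rules above, comparing the fixed delay the post warns about with a varying (paced) delay. It assumes the `limit` match's default burst of 5, a constructed burst of 40 new connections, and a hypothetical `paced_release` policy for the userspace program.

```python
# Added illustration (not from the thread): models the two OUTPUT rules and
# two policies for the userspace program that receives the queued packets.
# All times are integer milliseconds; the SYN burst below is constructed.

def limit_match(arrivals, rate=5, burst=5):
    """Token-bucket model of '-m limit --limit 5/s' (default --limit-burst 5).
    Returns (accepted, queued) arrival times."""
    cost = 1000 // rate                 # credit (in ms) one packet consumes
    cap = burst * cost                  # a full bucket holds `burst` packets
    credit, last = cap, arrivals[0]
    accepted, queued = [], []
    for t in arrivals:
        credit = min(cap, credit + (t - last))   # refill since last packet
        last = t
        if credit >= cost:
            credit -= cost
            accepted.append(t)          # first rule matches: ACCEPT
        else:
            queued.append(t)            # second rule: handed to userspace
    return accepted, queued

def fixed_delay(queued, delay_ms=1000):
    """Same delay for every queued packet: the burst is only shifted."""
    return [t + delay_ms for t in queued]

def paced_release(queued, last_sent, rate=5):
    """Hypothetical policy: release one queued packet every 1/rate seconds,
    so each packet gets a different delay."""
    gap, out = 1000 // rate, []
    for t in queued:
        last_sent = max(t, last_sent + gap)
        out.append(last_sent)
    return out

def peak_per_second(sent):
    """Largest number of packets sent inside any 1000 ms window."""
    return max(sum(1 for u in sent if s <= u < s + 1000) for s in sent)

ARRIVALS = list(range(0, 200, 5))       # constructed: 40 SYNs, one every 5 ms
ACCEPTED, QUEUED = limit_match(ARRIVALS)
PEAK_FIXED = peak_per_second(ACCEPTED + fixed_delay(QUEUED))
PEAK_PACED = peak_per_second(ACCEPTED + paced_release(QUEUED, ACCEPTED[-1]))

if __name__ == "__main__":
    print("accepted:", len(ACCEPTED), "queued:", len(QUEUED))
    print("peak/s with fixed delay:", PEAK_FIXED)
    print("peak/s with paced release:", PEAK_PACED)
```

In this model the first second still carries the initial burst plus the paced packets, so a smaller `--limit-burst` is the knob to turn if that peak is too high.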