Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Security Week: March 30th, 2015
Linux Advisory Watch: March 27th, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Bandwidth Limiting HOWTO

Bandwidth Limiting HOWTO

Tomasz Chmielewski

Revision History
Revision 0.92001-11-20Revised by: tc

This document describes how to set up your Linux server to limit download bandwidth or incoming traffic and how to use your internet link more efficiently.

Table of Contents
1. Introduction
1.1. New versions of this document
1.2. Disclaimer
1.3. Copyright and License
1.4. Feedback and corrections
1.5. Thanks
2. Before We Start
2.1. What do we need
2.2. How does it work?
3. Installing and Configuring Necessary Software
3.1. Installing Squid with the delay pools feature
3.2. Configuring Squid to use the delay pools feature
3.3. Solving remaining problems
3.3.1. Linux 2.2.x kernels (ipchains)
3.3.2. Linux 2.4.x kernels (iptables)
4. Dealing with Other Bandwidth-consuming Protocols Using CBQ
4.1. FTP
4.2. Napster, Realaudio, Windows Media and other issues
5. Frequently Asked Questions
5.1. Is it possible to limit bandwidth on a per-user basis with delay pools?
5.2. How do I make wget work with Squid?
5.3. I set up my own SOCKS server listening on port 1080, and now I'm not able to connect to any irc server.
5.4. I don't like when Kazaa or Audiogalaxy is filling up all my upload bandwidth.
5.5. My outgoing mail server is eating up all my bandwidth.
5.6. Can I limit my own FTP or WWW server in a manner similar it is shown in the question above?
5.7. Is it possible to limit bandwidth on a per-user basis with cbq.init script?
5.8. Whenever I start cbq.init, it says sch_cbq is missing.
5.9. CBQ sometimes doesn't work for no reason.
5.10. Delay pools are stupid; why can't I download something at full speed when the network is used only by me?
5.11. My downloads break at 23:59 with "acl day time 09:00-23:59" in squid.conf. Can I do something about it?
5.12. Squid's logs grow and grow very fast, what can I do about it?
5.13. CBQ is stupid; why can't I download something at full speed when the network is used only be me?
6. Miscellaneous
6.1. Useful resources

1. Introduction

The purpose of this guide is to provide an easy solution for limiting incoming traffic, thus preventing our LAN users from consuming all the bandwidth of our internet link.

This is useful when our internet link is slow or our LAN users download tons of mp3s and the newest Linux distro's *.iso files.

1.1. New versions of this document

You can always view the latest version of this document on the World Wide Web at the URL

New versions of this document will also be uploaded to various Linux WWW and FTP sites, including the LDP home page at

1.2. Disclaimer

Neither the author nor the distributors, or any other contributor of this HOWTO are in any way responsible for physical, financial, moral or any other type of damage incurred by following the suggestions in this text.

1.3. Copyright and License

This document is copyright 2001 by Tomasz Chmielewski, and is released under the terms of the GNU Free Documentation License, which is hereby incorporated by reference.

1.4. Feedback and corrections

If you have questions or comments about this document, please feel free to mail Tomasz Chmielewski at I welcome any suggestions or criticisms. If you find a mistake or a typo in this document (and you will find a lot of them, as English is not my native language), please let me know so I can correct it in the next version. Thanks.

1.5. Thanks

I would like to thank Ami M. Echeverri who helped me to convert the HOWTO into SGML format and corrected some mistakes. I also want to thank Ryszard Prosowicz for useful suggestions.



Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Feds Charged With Stealing Money During Silk Road Investigation
EFF questions US government's software flaw disclosure policy
Hotel Router Vulnerability A Reminder Of Untrusted WiFi Risks
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.