How do I control or limit Internet bandwidth usage of users/computer/IP address in network with the help of iptables rules?
I have one static IP address which provides Internet (that is, WAN). I assigned this to eth0 and the local network IP address as 192.168.0.1 (LAN) which is eth1. This machine is acting as my gateway and DHCP server. If it is possible, can I use the MAC address to identify the machine?
Best Answer
You basically asked two questions. The answers are:
No, you can't limit bandwidth using iptables. iptables is more of a firewall like thing which uses IP addressing as its mode of functioning. You can use the built-in program "tc" (traffic control) to fulfill your need of restricting the bandwidth. Many ISPs use tc to control their bandwidth. Usage of tc is complex, see the manpage of tc to get basic ideas.
You can use the command "arp -n" to see the MAC addresses of the connected hosts along with their IP addresses. So if you use your server as the gateway to the Internet then by using "arp -n" you'll see the MAC & IP addresses of all the devices of the local network currently connected to the server and also the MAC addresses & IP addresses of the server itself.