Is there any utility to limit the network throughput of a process after it has been launched? Simple example: you note that a user takes all your upload bandwidth using scp and you'd like to limit the rate or decrease the priority of the transfer.
I guess i could use a combination of iptables/tc or pf to achieve that, but i was wondering if there is a "one-shot" tool available (like trickle with a --pid option ^^) ?
Unfortunately there is no such a solution for FreeBSD. There are many solutions like dummynet/ipfw or altq/pf which are used to limit network usage based on different patterns but not on pids.
On linux there is a way to limit network usage on a user basis:
I think there is no solution to limit the network utilization based on pid.
lsof the process to get the network ports that the proc is using. Once you know which ports are being used you can use IPTABLES rules to rate limit these ports. These articles should give you a better idea: http://linux-ip.net/articles/Traffic-Control-HOWTO/ http://blog.edseek.com/~jasonb/articles/traffic_shaping/ http://wikis.sun.com/pages/viewpage.action?pageId=49906332
In Linux, even combination of iptables and tc could be a hard problem, since the "--pid-owner" option was abandoned from "owner" iptables module (see note below the table here). In fact, only this association (packet--process) seems to be complicated, while we can easily do the rest, i.e. filter and limit packets quite efficiently.
I don't think there is a ready made solution for this. But, using standard Linux tools you can hack a script that will do the thing.
First, you can get a list of all connections of specific process with lsof. Then, you can create ingress policies with tc for those connections.
Crudely, if you nice the process down to +20, then anything else running on the system will get priority and the job will be scheduled less often, so will find it harder to fill the buffers or process packets, which should lead to some TCP throttling. It will be sporadic, but might help enough.