Reasons are many – from fighting climate change by limiting Zoom network usage to making sure some interactive network usage is responsive while uploading the latest Christmas video. But how to (relatively) easily limit application network usage on Linux?

There is trickle but its LD_PRELOAD mechanism of action is not robust for many applications (which fork) and the limits can not be adjusted.

Firejail for bandwidth limiting

I’ve been using firejail ( web ) to limit bandwidth usage. It is relatively easy to setup:

  1. If you have a physical ethernet interface no special setup is required. So can launch as:

    firejail --name=limnet --private --net=eth0 firefox -no-remote
    firejail --bandwidth=limnet set eth0 10 10 
    

    Sets the upload/download to 10 KB/s (kilo-bytes per second)

  2. If you are going through a wireless interface more complex setup is needed:
    1. Create a routed bridge network: https://firejail.wordpress.com/documentation-2/basic-usage/#routed
    2. Start processes with a new namespace based on this network, i.e., --net=br0 in above example
  3. Depending on DNS setup you may need to specify a server explicitly to the limited process: --dns=<dnsip>

Outcome

  1. The bandwidth can be adjusted at anytime by issuing a new: firejail --bandwidth=limnet set eth0 <up> <down> command

  2. Other benefits/shortcomings of firejail apply. I much prefer it to say docker containers for containing individual applications.