Reasons are many – from fighting climate change by limiting Zoom network usage to making sure some interactive network usage is responsive while uploading the latest Christmas video. But how to (relatively) easily limit application network usage on Linux?

There is the fairly standard trickle program but its mechanism of action is to substitute some functions by setting the LD_PRELOAD environment variable (see also this post here). This is not robust for many applications, e.g., if they fork() or if they are fully statically linked. Here is an alternative approach:

Firejail for bandwidth limiting

I’ve been using firejail ( web ) to limit bandwidth usage. It is relatively easy to setup:

  1. If you have a physical ethernet interface no special setup is required. So can launch as:

    firejail --name=limnet --private --net=eth0 firefox -no-remote
firejail --bandwidth=limnet set eth0 10 10

    Sets the upload/download to 10 KB/s (kilo-bytes per second)

  2. If you are going through a wireless interface more complex setup is needed:
    1. Create a routed bridge network: https://firejail.wordpress.com/documentation-2/basic-usage/#routed
    2. Start processes with a new namespace based on this network, i.e., --net=br0 in above example
  3. Depending on DNS setup you may need to specify a server explicitly to the limited process: --dns=<dnsip>

Outcome

  1. The bandwidth can be adjusted at anytime by issuing a new: firejail --bandwidth=limnet set eth0 <up> <down> command

  2. Other benefits/shortcomings of firejail apply. I much prefer it to say docker containers for containing individual applications.

Updated 2023-04-05 with link to trickle github