limit connections to 50 per user

natedogg104 · Sat Jun 07, 2008 6:49 am

OK guys i have read the forums and have the following inputed in to my router
chain=forward action=drop tcp-flags=syn src-address=10.5.50.72
protocol=tcp connection-limit=50,32
this works if i assign an ip address, but what i want to do is have it applied to all ip addresses to the network, and i have tried
chain=forward action=drop tcp-flags=syn src-address=10.5.50.72/24 or 10.5.50.72/32
protocol=tcp connection-limit=50,32

BUt then it limits 50 connections for the whole subnet as a whole and not per user ip
My questioin is ther a way to limit each address without specifing each ip address. My goal is to limit the whole subnet to 50 connections per ip address

Thanks in advance

Nathan Vosburg
http://www.coalinganowire.com
natedogg104@yahoo.com

Chupaka · Sat Jun 07, 2008 2:56 pm

chain=forward action=drop tcp-flags=syn protocol=tcp src-address=10.5.50.0/24 connection-limit=50,32

natedogg104 · Mon Jun 09, 2008 9:55 am

wont that limit the whole range to only 50 connections for the whole range, meaning that if i had 20 ips in that range they would all share that 50 connections? I want it so that every ip in that range gets 50 connections, meaning if i had 20 users each one would get 50 connections

lastguru · 星期一6月09年2008上午10:04

The second value (32) in that "connection-limit" property defines the netmask of limitation. In other words, for your setup each of the /32 clients (effectively, each IP) will have the limitation set to 50 connection, which is exactly what you want to achieve.

natedogg104 · Mon Jun 09, 2008 10:11 am

Tyvm for the response. Thats explains it

natedogg104 · Mon Jun 09, 2008 11:04 pm

ok last question on this one , since my gateway is 10.5.50.1 every person makes a connection to it , how do i exempt if from the 50 connection rule

Thanks again in advance

lastguru · Tue Jun 10, 2008 12:42 am

why do they connect to the gateway?

As for the extemption, put an accept rule for that kind of traffic before the connection limit

natedogg104 · Tue Jun 10, 2008 1:07 am

Im running a hotspot service the ip of the gateway is 10.5.50.1 for the hotspot and dhcp server and proxy server. So i dont want to limit the ip of 10.5.50.1 to 50 connections but all the other ips to 50 per ip address. Can you give me an example, im thinking of chain=forward action=drop tcp-flags=syn protocol=tcp src-address=10.5.50.0/24 connection-limit=10000,32 or chain=forward action=allow tcp-flags=syn protocol=tcp src-address=10.5.50.1. What one do you suggest to use

natedogg104 · Tue Jun 10, 2008 7:46 pm

any ideas?

limit connections to 50 per user

limit connections to 50 per user

Re: limit connections to 50 per user

Re: limit connections to 50 per user

Re: limit connections to 50 per user

Re: limit connections to 50 per user

Re: limit connections to 50 per user

Re: limit connections to 50 per user

Re: limit connections to 50 per user

Re: limit connections to 50 per user

Who is online