Page 1 of 1
Matching number of tcp connections per time...
Posted: Thu Mar 15, 2007 9:02 pm
by amode
Hi,
has someone some help how to make a filter rule which maches something like
"number of tcp connections per second"?
Is this possible at all?
Thanks for any feedback here.
Achim
Posted: Fri Mar 16, 2007 12:22 am
by amode
okay, was able to solve this by myself by just searching the forum.
Sorry for the spam..
Achim
Posted: Sun Mar 18, 2007 7:14 pm
by weller
hi there,
do u want to limit number of tcp conn per user or per interface? pls specify
Posted: Sun May 20, 2007 12:05 pm
by jirkaehm
I want to limit connection per user.
thx for help, or link to thread in forum I did'nt find it
Posted: Mon May 21, 2007 9:04 am
by mneumark
I want to limit connection per user.
thx for help, or link to thread in forum I did'nt find it
Your best bet is to start in the filter section of the manual... It has a great example on the very top of the page...
http://www.mikrotik.com/testdocs/ros/2.9/ip/filter.php
Example,
Drop all tcp connections after 5... per /32 address
/ip firewall filter add chain=forward protocol=tcp tcp-flags=syn connection-limit=6,32 action=drop
Also, make sure connection tracking it on...
Matt
Posted: Mon May 21, 2007 10:49 pm
by jirkaehm
thanks for help.
But isn't 6 connection per user so small number?
If i look in my linux number users have between 2-50 opened connections.
Posted: Tue May 22, 2007 10:57 am
by mneumark
thanks for help.
But isn't 6 connection per user so small number?
If i look in my linux number users have between 2-50 opened connections.
Yes 6 is a very small number, a better bet would be 50-75 for connection limit unless you have a limited amount of packets per second.
Matt
Posted: Tue May 22, 2007 8:07 pm
by sebac
thanks for help.
But isn't 6 connection per user so small number?
If i look in my linux number users have between 2-50 opened connections.
so this is normal???
Plz check my situation... thanks
http://forum.mikrotik.com/viewtopic.php?t=15851
many thanks