how can i limit the number of udp session for a specific ip address or mac address in the firewall filter ?
thank u in advance
Re: limiting the number of udp sessions
yep, it it possible to expand 'connection-limit' firewall matcher to non-tcp connections?
Re: limiting the number of udp sessions
Code: Select all
[admin@MikroTik] > /ip firewall filter
[admin@MikroTik] /ip firewall filter> add chain=forward src-address=10.1.0.1 protocol=udp connection-limit=11,32 action=drop
failure: connection limit works only with tcp
Re: limiting the number of udp sessions
MT Staff?..
Re: limiting the number of udp sessions
UDP is a connection-less protocol, meaning there is no concept of "connection", and therefore, "connection-limit" cannot be applied.
Re: limiting the number of udp sessions
sure. but we can see udp 'connections' in Firewall Connections. why can't we limit by number of such 'streams'? also, you NAT whole udp 'connection', not every packet of it - so there ARE concept of 'udp connection' in RouterOS =)
-
-
angboontiong
Forum Guru
- Posts: 1136
- Joined:
Re: limiting the number of udp sessions
Hi...
any news about this?
thanks...
any news about this?
thanks...
Re: limiting the number of udp sessions
Starting already from v5.7 connection-limit can be used to limit other protocols, too.
-
-
angboontiong
Forum Guru
- Posts: 1136
- Joined:
Re: limiting the number of udp sessions
let say we set the limit to 20 session, but on the connection we can see the testing ip just running on 10 tcp connection...Starting already from v5.7 connection-limit can be used to limit other protocols, too.
we try the connection limit, it will effect the services like youtube even just under 10 tcp session...
am i doing the wrong thing?
and, would you mind to provide wiki link for reference...
thanks...
Re: limiting the number of udp sessions
So this should work?
Code: Select all
chain=forward action=add-src-to-address-list p2p=all-p2p connection-state=new protocol=udp
address-list=UDP over limit address-list-timeout=0s connection-limit=100,32