Is there a way to limit every customer IP to say 4 connections per port. I know we can limit the total number of connections per IP, but I want to limit each port to a number of connections.

Or, would there e a way to list port numbers that have many connections and then limit just those ports?

Basically I want to limit connections to ports that are abusing and not limit every port that is being used so that the offending application will suffer and not the clients entire connection.

Hi ,

Do u mean that you want to make limit session on the user.
If yes please told me ,
I will help you.



TC

I want to allow for 4 connections per port per client IP.

So a client with an IP address of 192.168.1.2 could have 4 connections on port 80, port 25 and port 5055 while a client with IP 192.168.1.8 could also have 4 connections on port 80, 25, 5055 and also 4 connections on port 1024 and 4462.

Then we might also limit the client to a total of 50 connections TOTAL per IP.

I know how to do the total, but then is a client uses 50 connections for torrent, he can not send email (port 25) of surf web (port 80) or do anything else until he stops torrent.

I want to make problems for ports that are using more then 4 connections at a time, this way the limits should only effect the torrent and not the other services.

Make sense?

Ok its easy ,

All you need to do a filter rule that says :


add action=drop chain=forward comment="Port 80 limit" connection-limit=8,32 disabled=no dst-port=80 protocol=tcp src-address=*.*.*.* tcp-flags=syn

Then any port you need change the dst-port and the connection limit you need

Best Regards

Are you suggesting that I create 65535 separate rules to control connections to each port? Is there not a way to do this with just a few rules?

LOL whow said that ,dont you use pools for every profile if not .... sucks

I think you can do it with mangling and PCC.