Hi Dear,
I’m using a Mikrotik RB1000u with hosting servers behind it. Sometimes a single IP can open hundreds of connections to port 80. What I want is, for example, that if one IP address opens more than 10 connections, the packets are dropped.
Regards.
http://www.mikrotik.com/testdocs/ros/2.9/ip/filter_content.php#6.38.2.3
Use the connection-limit property of the firewall filter rules.
I’ve read that page but I could not make a good rule. If someone already has such a rule, I would be happy if they shared it.
It’s kind of hard to give you a specific rule if you don’t disclose specifics of your network.
Something like this:
/ip firewall filter add chain=forward protocol=tcp tcp-flags=syn connection-limit=11,32 action=drop dst-address=<webserver-ip-address> in-interface=<your-wan-interface>
connection-limit=11,32 matches the 11th and later connections from /32 netblocks (so the limit is per host IP address) to the destination address, and in this case drops them (action=drop). connection-limit=251,24 would match the 251st and later connections from a /24 network to the destination address.
Hope that helps.
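The matching behaviour described in the reply above, modelled in Python as an added example (not part of the thread and not RouterOS code). The class and function names and the 198.51.100.x / 203.0.113.x addresses are constructed, and the counting rule simply follows the reply's description of connection-limit=<count>,<netmask>.

```python
import ipaddress
from collections import Counter

class ConnectionLimit:
    """Model of a drop rule with connection-limit=<limit>,<prefix_len>,
    using the semantics given in the reply (assumption, not RouterOS source)."""

    def __init__(self, limit, prefix_len):
        self.limit = limit
        self.prefix_len = prefix_len
        self.open = Counter()  # source netblock -> tracked connections

    def _block(self, src):
        # Group the source address by the rule's netmask (/32 = per host).
        return ipaddress.ip_network(f"{src}/{self.prefix_len}", strict=False)

    def syn(self, src):
        """Decide the fate of a new SYN from src: 'drop' if it would be the
        limit-th or later connection from src's netblock, else 'accept'."""
        block = self._block(src)
        if self.open[block] + 1 >= self.limit:
            return "drop"          # dropped SYNs never become connections
        self.open[block] += 1
        return "accept"

    def close(self, src):
        """A tracked connection from src ended; free one slot for its block."""
        block = self._block(src)
        if self.open[block] > 0:
            self.open[block] -= 1

def replay(rule, sources):
    """Feed a sequence of SYN source addresses to the rule and tally verdicts."""
    return Counter(rule.syn(s) for s in sources)

if __name__ == "__main__":
    # Constructed traffic: one host opening 15 connections, limit per host.
    print(replay(ConnectionLimit(11, 32), ["198.51.100.7"] * 15))
    # Constructed traffic: 30 hosts in one /24, 10 connections each.
    shared = [f"198.51.100.{h}" for h in range(1, 31) for _ in range(10)]
    print("per /24 :", replay(ConnectionLimit(251, 24), shared))
    print("per host:", replay(ConnectionLimit(11, 32), shared))
```

The last two lines show the trade-off between the two netmasks: with /24 the thirty hosts share one budget of 250 connections, while with /32 each host gets its own budget of 10.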