Hi al
Based on others code I am able to limit inbound and outbound TCP connections using the following..
chain=forward action=drop tcp-flags=syn protocol=tcp src-address=10.50.1.10 in-interface=ether3 - Customers
connection-limit=40,32
chain=forward action=drop tcp-flags=syn protocol=tcp dst-address=10.50.1.10 in-interface=ether1 - FX
connection-limit=40,0
But not wanting to put in two lines for each user - is there a way to limit inbound TCP connections with a global rule?