Is there a simple way to limit the total number of p2p sessions ? I have already
tagged with mangle all p2p traffic and tried with firewall Filter Rules to limit
the totale tcp traffic session (for example to 1000 sessions) but it doesn’ t works ?
here is the code:
chain=forward action=drop tcp-flags=syn p2p=all-p2p protocol=tcp connection-limit=1000,32
here is the mangle:
0 chain=prerouting action=mark-connection new-connection-mark=http_conn
passthrough=yes dst-port=80 protocol=tcp
1 chain=prerouting action=mark-packet new-packet-mark=http passthrough=no
connection-mark=http_conn
2 chain=prerouting action=mark-connection new-connection-mark=p2p_conn
passthrough=yes p2p=all-p2p
3 chain=prerouting action=mark-packet new-packet-mark=p2p passthrough=no
connection-mark=p2p_conn
4 chain=prerouting action=mark-connection new-connection-mark=other_conn
passthrough=yes
5 chain=prerouting action=mark-packet new-packet-mark=other passthrough=no
connection-mark=other_conn
any idea ?
Thanks
Fabio