Community discussions

 
User avatar
greek
Member Candidate
Member Candidate
Topic Author
Posts: 111
Joined: Thu Nov 04, 2010 11:37 pm
Location: Russia, 78rus

How to mark every 2nd connection?

Wed Feb 10, 2016 5:04 pm

Hello.

Help me, please, how to mark every 2nd connection to one host (every N minutes)?
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4051
Joined: Wed May 11, 2011 6:08 pm

Re: How to mark every 2nd connection?

Wed Feb 10, 2016 5:21 pm

Use connection marking to mark the connections like this:

/ip firewall mangle
add chain=prerouting connection-mark=no-mark dst-address=x.x.x.x nth=2,1 action=mark-connection new-connection-mark=nth-odd
add chain=prerouting connection-mark=no-mark dst-address=x.x.x.x action=mark-connection new-connection-mark=nth-even

This won't be every N minutes, but every N connection attempts - so as new connections are made to host x.x.x.x, they will alternate connection marks between nth-even and nth-odd.
When given a spoon,
you should not cling to your fork.
The soup will get cold.
 
User avatar
greek
Member Candidate
Member Candidate
Topic Author
Posts: 111
Joined: Thu Nov 04, 2010 11:37 pm
Location: Russia, 78rus

Re: How to mark every 2nd connection?

Wed Feb 10, 2016 10:17 pm

Thak you for answer.

But i need to mark every 2nd connection for every uniq (src_ip+dst_ip) every 2 minutes.

I think about combination of parameters "per connection classifier" and "Dst limit", but i cann't find right combination.
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4051
Joined: Wed May 11, 2011 6:08 pm

Re: How to mark every 2nd connection?

Wed Feb 10, 2016 10:41 pm

Using Nth would work for every connection, regardless of src+dst IP. If you want that type of functionality, you need to use PCC.
When given a spoon,
you should not cling to your fork.
The soup will get cold.

Who is online

Users browsing this forum: MSN [Bot] and 67 guests