I’m hoping that someone can explain the “connections” page under Ip / Firewall.
I recently had a customer who had several connections. More than my firewall rule allowed, which caused his internet to stop working. My firewall rule is below.
add chain=forward action=drop tcp-flags=syn protocol=tcp connection-limit=26,32 comment="allow only 20 simultaneous connections from each of the clients" disabled=yes
The problem is when I had him unplug his radio “I Confirmed it in Wireless / Registration” I still saw several connections in the “Connections” list, and the TCP State indicated that the connections were still established.
My question is, how long does an established connection remain in the list, and why?
If you disconnect you PC/Router/CPE aren’t you severing the connection?
Is there a more accurate way of tracking connections?
Re: “connections” question!
see connection timeoutshow long does an established connection remain in the list, and why?
realtime way of tracking the conections is torch
Re: “connections” question!
Thanks, Chupaka
Are there any drawbacks to using Torch?
Are there any drawbacks to using Torch?
Re: “connections” question!
yesssss - you cannot use torch results in firewall rules )))Are there any drawbacks to using Torch?
Re: “connections” question!
I have a similar rule in a hotspot I'm configuring to allow 25 connections.
I've been playing around and have noticed something a little strange. The connection tracking timeouts are set to the defaults.
If I browse to a website it may open 10 or so connections depending on the page. After the page is finished loading many of the connections stay in the the "Established" state for one minute before disappearing. If I quickly browse between a number of web pages the connection limit quickly reaches 25 (since the connections stay "established" for about 1 minute)
Why would these connections be showing "Established" for so long. Shouldn't the TCP connection have been closed down after FIN and ACKS are exchanged to bring down the connection?
Thanks
I've been playing around and have noticed something a little strange. The connection tracking timeouts are set to the defaults.
If I browse to a website it may open 10 or so connections depending on the page. After the page is finished loading many of the connections stay in the the "Established" state for one minute before disappearing. If I quickly browse between a number of web pages the connection limit quickly reaches 25 (since the connections stay "established" for about 1 minute)
Why would these connections be showing "Established" for so long. Shouldn't the TCP connection have been closed down after FIN and ACKS are exchanged to bring down the connection?
Thanks
Re: “connections” question!
Same exact thing here!!!!!
Re: “connections” question!
I was using Internet Explorer while testing this.
It seems the connection management in IE waits 60 seconds before closing a connection.
Enabling Transparent Proxy in the user profile of the hotspot seems to get around this issue for me.
See if the transparent HTTP proxy does anything for you.
It seems the connection management in IE waits 60 seconds before closing a connection.
Enabling Transparent Proxy in the user profile of the hotspot seems to get around this issue for me.
See if the transparent HTTP proxy does anything for you.
Re: “connections” question!
I’m sure that won’t do me any good, because I don’t use the hotspot feature!
Who is online
Users browsing this forum: Bing [Bot], GoogleOther [Bot], Yahoo [Bot] and 194 guests