1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Max numbner of port forwards?

Discussion in 'Tomato Firmware' started by eagleeye1, Jul 24, 2008.

  1. eagleeye1

    eagleeye1 Addicted to LI Member

    Hi
    I have been searching all the FAQs but there
    is no listing of how many portfowardings tomato
    has increased from the default..

    Can someone please let me know? I need to
    port forward say 500 ports. will Tomato
    allow this many?

    I belive the default is only 30 in the original
    firmware

    Eagleeye
     
  2. jaak

    jaak LI Guru Member

    You'd probably have to use iptables directly to forward that many ports.

    Can you forward port ranges? That would be a lot easier.
     
  3. eagleeye1

    eagleeye1 Addicted to LI Member

    Hi
    Thanks I can develop a windows script to telnet and do all the
    iptables syntax..

    Ok, let me modify my question.

    1) What is the MAX number of port forward configs via the GUI? that has
    been extended from the original?

    2) What is the max number of portforward configs via iptables..


    I just want to know the specs.. dont want to suddenly get stuck
    at 50 port forwards with a limit error of some kind.

    Allan
     
  4. jaak

    jaak LI Guru Member

    I took a quick look at the source, I don't see any hard limits, but that doesn't mean there aren't some somewhere (for example, a limited buffer size somewhere creating an arbitrary limit, as well as hard limits caused by the CPU architecture (ie. 32 bits)).

    The GUI is limited by the size of NVRAM, which on my router is 128k (might be different on different models), each entry in the GUI takes up a variable amount of space depending on the information entered (you can see this using the nvram utility). But if you assumed a generous 64 bytes per entry average, that'd be well over a thousand entries.

    Iptables is limited by the available RAM, entries are dynamically allocated. The size of each entry is fixed, but without going into the iptables source and adding up the size of the structures I could only guess at the size of each entry. But, let's guestimate 128 bytes, with 2 megs of free RAM that's over 16 thousand entries.

    Personally, I would suggest you use OpenWRT for this, it is a lot more industrial strength.
     

Share This Page