Need help creating a script for firewall in Tomato

Discussion in 'Tomato Firmware' started by OnTilt, Dec 4, 2012.

  1. OnTilt

    OnTilt Serious Server Member

    I'm trying to write a simple script to limit the number of connections per user. I've followed the tutorial within Tomato's QoS System as well as several examples I've seen in other posts, but I don't believe it is working as I expect. I still see users with many more connections than the limit of 50 I'm trying to impose. Any help would be greatly appreciated.

    Below is what I'm trying:

    iptables -I FORWARD -p tcp --syn -m iprange --src-range 192.168.1.64-192.168.1.249 -m connlimit --connlimit-above 50 -j DROP

    iptables -I FORWARD -p ! tcp -m iprange --src-range 192.168.1.64-192.168.1.249 -m connlimit --connlimit-above 50 -j DROP

    I've also tried using the PREROUTING command as opposed to the FORWARD command, but again don't believe it had any effect on the number of concurrent connections by a single source IP address.
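
One way to measure what the post describes (sources holding more than 50 connections), as an added example that is not part of the original post: count tracked connections per source address from the router's connection-tracking table. It assumes the table is readable as text at /proc/net/ip_conntrack with the originating `src=` field first on each line; the function names and sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: count tracked connections per LAN source address.
# Assumed input: conntrack table text, one connection per line, with the
# original-direction "src=" field appearing before the reply-direction one.
# On the router (assumed path): over_limit < /proc/net/ip_conntrack
LIMIT=50                      # limit from the post
NET=192.168.1 LO=64 HI=249    # source range from the post

# Print "<count> <ip>" for each in-range source, highest count first.
conns_per_source() {
    awk -v net="$NET" -v lo="$LO" -v hi="$HI" '
    {
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^src=/) {              # first src= is the originator
                ip = substr($i, 5)
                n = split(ip, o, ".")
                if (n == 4 && (o[1] "." o[2] "." o[3]) == net &&
                    o[4] + 0 >= lo && o[4] + 0 <= hi)
                    count[ip]++
                break                        # ignore the reply-direction src=
            }
        }
    }
    END { for (ip in count) print count[ip], ip }' | sort -rn
}

# Print only the sources holding more than $1 connections (default LIMIT).
over_limit() {
    conns_per_source | awk -v max="${1:-$LIMIT}" '$1 > max { print $2 }'
}

# Constructed sample: .70 has 51 TCP flows, .80 has 2 UDP flows,
# .10 is outside the range and must not be counted.
sample_conntrack() {
    i=0
    while [ "$i" -lt 51 ]; do
        echo "tcp      6 431999 ESTABLISHED src=192.168.1.70 dst=203.0.113.5 sport=$((40000 + i)) dport=80 src=203.0.113.5 dst=198.51.100.2 sport=80 dport=$((40000 + i)) [ASSURED] use=1"
        i=$((i + 1))
    done
    echo "udp      17 25 src=192.168.1.80 dst=203.0.113.9 sport=5001 dport=53 src=203.0.113.9 dst=198.51.100.2 sport=53 dport=5001 use=1"
    echo "udp      17 25 src=192.168.1.80 dst=203.0.113.9 sport=5002 dport=53 src=203.0.113.9 dst=198.51.100.2 sport=53 dport=5002 use=1"
    echo "tcp      6 100 ESTABLISHED src=192.168.1.10 dst=203.0.113.5 sport=50000 dport=443 src=203.0.113.5 dst=198.51.100.2 sport=443 dport=50000 use=1"
}

sample_conntrack | over_limit
```

Running it before and after loading the firewall script shows whether any in-range source still exceeds the limit, split by the `tcp`/`udp` lines if the input is filtered with `grep` first.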
     
