Script to Limit # of Connections

Discussion in 'Networking Issues' started by Applecalf, Oct 7, 2011.

  1. Applecalf

    Applecalf Networkin' Nut Member

    Could someone show me something I could copy/paste directly into Tomato's Firewall Script box to make the following happen?:

    "Limit the number of connections on ports 1025-65535 for only user IP"

    The intention is to prevent a massive number of P2P connections. The following are scripts I found elsewhere that only partially solve my problem:

    #The following limits the number of TCP connections for that user (not sure if the "range" was necessary to specify just one IP). But I don't want him to have problems opening Web Pages because he's at the connection limit.

    iptables -I FORWARD -p tcp --syn -m iprange --src-range -m connlimit --connlimit-above 200 -j DROP

    #The following is supposed to limit total connections on the port range on the network. I don't want to have problems opening Skype and online game connections because one user has too many P2P connections.

    iptables -I FORWARD -p tcp --dport 1025:65535 -m connlimit --connlimit-above 150 -j DROP

    Is there a way to combine the 2? Please be aware that I know almost nothing about scripting, so how would you write this into the firewall script box for Tomato exactly? BTW, my hardware is Linksys WRT54GL.
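One way to combine the two snippets into a single per-host rule, written as an added example that is not from the thread: the first snippet above is also missing the address argument after --src-range, so this script builds the full argument list from the IP. It assumes 192.168.1.100 as a placeholder for the user's LAN address, a maximum of 150 connections, and an IPTABLES variable that defaults to previewing the commands (set IPTABLES=iptables in the Firewall Script box to apply them).

```shell
#!/bin/sh
# Added example (not the poster's code). IPTABLES defaults to a preview so the
# script can be run anywhere; on the router set IPTABLES=iptables to apply.
IPTABLES="${IPTABLES:-echo iptables}"

# Reject anything that is not a dotted-quad, so a typo in the script box does
# not turn into an iprange rule that silently matches nothing.
valid_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
}

# Argument list for the combined rule:
#  --src-range IP-IP   restricts it to that single host (both ends the same)
#  --dport 1025:65535  keeps web ports (80/443) out of the count, which is what
#                      made the poster's first rule interfere with browsing
#  --syn               only checks new connection attempts, not mid-stream data
#  connlimit counts per source address by default, so other hosts are unaffected
connlimit_rule() {
    ip="$1"; limit="$2"
    printf '%s' "FORWARD -p tcp --syn --dport 1025:65535 -m iprange --src-range $ip-$ip -m connlimit --connlimit-above $limit -j DROP"
}

# Delete any earlier copy before inserting: Tomato re-runs the firewall script
# on every WAN reconnect, and a bare -I would stack duplicate rules.
limit_user_connections() {
    ip="$1"; limit="${2:-150}"
    valid_ipv4 "$ip" || { echo "invalid IPv4 address: $ip" >&2; return 1; }
    rule=$(connlimit_rule "$ip" "$limit")
    # word splitting of $rule into separate arguments is intended here
    $IPTABLES -D $rule 2>/dev/null
    $IPTABLES -I $rule
}

# Placeholder LAN address and limit; replace with the real values.
limit_user_connections 192.168.1.100 150
```

In preview mode the output is exactly the two lines to paste into the Firewall Script box.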

