Access restriction and connections?

Discussion in 'Tomato Firmware' started by Meffy, Oct 19, 2010.

  1. Meffy

    Meffy LI Guru Member

    As my siblings are not very IT savvy, putting tracker. into the access restriction is enough to block off almost all their torrent activities.

    However, what I noticed was that after a short period of time, it resulted in a huge build-up of established TCP connections. I did some research on the IPs and realized that they were all tracker IPs. Doing a "drop idle" didn't get rid of them; they just came back. The only way to get rid of them would be to put the IP into access restriction and do a drop idle. How exactly does access restriction work?

    Does it simply prevent the user from accessing the site...(user is connected but data just doesn't reach the user)
    Does it block the connection to the site and drop the connection?
  2. mikester

    mikester Network Guru Member

    It drops the request. Try adding "announce" and "torrent" to your access restriction as well.

    Search Google for "limit maximum connections iptables"

    basic syntax

    iptables -A INPUT -p tcp --syn --dport $port -m connlimit --connlimit-above N -j REJECT --reject-with tcp-reset

    Draconian methods work well with torrent abusers - use static IPs to MAC addresses, use severe QoS restrictions on abusers' traffic or block all internet access altogether ;-)
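
    Added example, not part of the original thread: a shell function that counts ESTABLISHED TCP entries per LAN client and remote IP in conntrack-style output, so the build-up described in the first post can be measured before and after adding a restriction or a connlimit rule. The sample lines and addresses are constructed, and the function names and the /proc/net/ip_conntrack path (the usual location on older kernels) are assumptions.

```shell
#!/bin/sh
# Count ESTABLISHED TCP conntrack entries per (LAN source, remote destination).
# Reads conntrack-style lines on stdin and prints "count src dst", busiest first.
count_established() {
    awk '
    {
        est = 0; src = ""; dst = ""
        for (i = 1; i <= NF; i++) {
            if ($i == "ESTABLISHED") est = 1
            # The first src=/dst= pair is the original direction (LAN client
            # to remote host); the second pair is the reply tuple.
            else if (src == "" && $i ~ /^src=/) src = substr($i, 5)
            else if (dst == "" && $i ~ /^dst=/) dst = substr($i, 5)
        }
        if (est && src != "" && dst != "") n[src " " dst]++
    }
    END { for (k in n) print n[k], k }
    ' | sort -rn
}

# Constructed sample in ip_conntrack format (documentation address ranges).
SAMPLE='tcp      6 431990 ESTABLISHED src=192.168.1.20 dst=203.0.113.10 sport=50001 dport=6969 src=203.0.113.10 dst=198.51.100.2 sport=6969 dport=50001 [ASSURED] use=1
tcp      6 431991 ESTABLISHED src=192.168.1.20 dst=203.0.113.10 sport=50002 dport=6969 src=203.0.113.10 dst=198.51.100.2 sport=6969 dport=50002 [ASSURED] use=1
tcp      6 431992 ESTABLISHED src=192.168.1.20 dst=203.0.113.10 sport=50003 dport=6969 src=203.0.113.10 dst=198.51.100.2 sport=6969 dport=50003 [ASSURED] use=1
tcp      6 431993 ESTABLISHED src=192.168.1.21 dst=203.0.113.11 sport=50010 dport=80 src=203.0.113.11 dst=198.51.100.2 sport=80 dport=50010 [ASSURED] use=1
tcp      6 50 TIME_WAIT src=192.168.1.20 dst=203.0.113.10 sport=50004 dport=6969 src=203.0.113.10 dst=198.51.100.2 sport=6969 dport=50004 [ASSURED] use=1
udp      17 20 src=192.168.1.22 dst=192.168.1.1 sport=5353 dport=53 src=192.168.1.1 dst=192.168.1.22 sport=53 dport=5353 use=1'

# Run the counter over the constructed sample.
sample_report() {
    printf '%s\n' "$SAMPLE" | count_established
}

# On the router (path is an assumption, see above):
#   count_established < /proc/net/ip_conntrack
sample_report
```

    Only ESTABLISHED entries are counted, so TIME_WAIT and UDP entries do not inflate the per-client totals.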
