Discussion in 'Tomato Firmware' started by Applecalf, Oct 7, 2011.

  1. Applecalf

    Applecalf Networkin' Nut Member

    Could someone show me something I could copy/paste directly into Tomato's Firewall Script box to make the following happen?:

    "Limit the number of connections on ports 1025-65535 for only user IP"

    The intention is to prevent a massive number of P2P connections. The following are scripts I found elsewhere that only partially solve my problem:

    #The following limits the number of TCP connections for that user (not sure if the "range" was necessary to specify just one IP). But I don't want him to have problems opening Web Pages because he's at the connection limit.

    iptables -I FORWARD -p tcp --syn -m iprange --src-range -m connlimit --connlimit-above 200 -j DROP

    #The following is supposed to limit total connections on the port range on the network. I don't want to have problems opening Skype and online game connections because one user has too many P2P connections.

    iptables -I FORWARD -p tcp --dport 1025:65535 -m connlimit --connlimit-above 150 -j DROP

    Is there a way to combine the 2? Please be aware that I know almost nothing about script so how would you write this into the firewall script box for Tomato exactly?
  2. Applecalf

    Applecalf Networkin' Nut Member

    Also, I've seen variations where instead of DROP at the end of the script, it says REJECT. Does it matter which I use?
    PS. My hardware is Linksys WRT-54GL.
  3. phuque99

    phuque99 LI Guru Member

  4. Toastman

    Toastman Super Moderator Staff Member Member

    Users of Toastman builds should already have these scripts in the firewall setup. Just remove the # at the beginning of each line.
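
One way to combine the two rules quoted in the first post, as an added example that is not from any poster in this thread or from the Toastman builds. It assumes the router's iptables includes the connlimit match; the address 192.168.1.50 is a constructed sample value and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: prints one rule that limits a single LAN user's TCP
# connections on destination ports 1025-65535, leaving lower ports alone.

# Return 0 if $1 is a dotted-quad IPv4 address with octets 0-255.
valid_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # safe to split: only digits and dots remain
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# $1 = user IP, $2 = connection limit, $3 = DROP (default) or REJECT.
# -s restricts the rule to one user, --dport keeps web ports (80, 443) out
# of it, and --syn means only new connection attempts over the limit are hit.
build_limit_rule() {
    ip=$1; limit=$2; action=${3:-DROP}
    valid_ipv4 "$ip" || { echo "bad IP: $ip" >&2; return 1; }
    case "$limit" in
        ""|*[!0-9]*) echo "bad limit: $limit" >&2; return 1 ;;
    esac
    case "$action" in
        DROP)   target="-j DROP" ;;                             # silent, client times out
        REJECT) target="-j REJECT --reject-with tcp-reset" ;;   # client fails at once
        *) echo "bad action: $action" >&2; return 1 ;;
    esac
    echo "iptables -I FORWARD -s $ip -p tcp --syn --dport 1025:65535" \
         "-m connlimit --connlimit-above $limit $target"
}

# Constructed sample: user 192.168.1.50, limit of 150 as in the second quoted rule.
build_limit_rule 192.168.1.50 150
```

The printed line is what goes into the Firewall Script box. Passing REJECT as the third argument makes the router answer excess connection attempts with a TCP reset instead of silently discarding them.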
