January 2010
M T W T F S S
« Dec   Feb »
 123
45678910
11121314151617
18192021222324
25262728293031

Polls

Which is better for DIY articles? Online or print?

View Results

Loading ... Loading ...

About Me

MTIN is a full service consulting firm with over 15 years of experience. We specialize in ISP networks.  Other clients include enterprise, education, government, and SOHO.  We have Mikrotik, Cisco, and other certified engineers on staff.
«  
  »

Connection Limits on Mikrotik

I recently had an instance where I had to re-visit adding connection limits to a CPE running lots of connections.  they were probably P2P. Here is the code we added:

/ip firewall filter
add chain=forward action=log tcp-flags =syn protocol=tcp connection-limit=100,32 log-prefix="CONN_LIMIT:" comment="connection limit" disabled=no
add chain=forward action=drop tcp-flags =syn protocol=tcp connection-limit=100,32 comment="connection limit" disabled=no

What this code does is this:
1.Limits the connections to 100 per IP.  You can always adjust this for your case

2.Logs the connections & Drops them.

On a side note this customer was dragging down the ap with the amount of connections so we added these rules at the CPE level. It would have done little good to add it on the router.

If you enjoyed this post, make sure you subscribe to my RSS feed!
  • Digg
  • LinkedIn
  • StumbleUpon
  • Twitter
  • WordPress
  • Facebook
  • Share/Bookmark
January 21st, 2010 | Tags: connections, firewall, limiting, Mikrotik, p2p | Category: Mikrotik, WISP, Wireless Email This Post Email This Post

Leave a Reply

 

 

 

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>