Indice   FAQ  
Iscriviti  Login
Indice RouterOS RouterOS

CONNECTION LIMIT

Tutto su questo sistema operativo linux based - Configurazioni, dubbi, problematiche &....
Rispondi al messaggio

CONNECTION LIMIT

Messaggioda unixgino » mar 3 giu 2014, 19:59

Buon giorno avre un dubbio ecco di seguito, vorrei limitare le sessioni ad un numero impostato, utilizzando le address list, vi posto di seguito li script che utilizzo:

# jun/03/2014 19:53:43 by RouterOS 6.13
# software id = RQH0-J9XU
#
/ip firewall address-list
add address=192.168.200.0/24 list=GOLD
add address=192.168.201.0/24 list=GOLD
add address=172.23.1.0/24 list=GOLD
add address=172.23.2.0/24 list=GOLD
add address=192.168.253.128/25 list=CLASSI
add address=192.168.252.0/24 list=CLASSI
add address=192.168.45.0/24 list=CLASSI
add address=192.168.36.0/24 list=CLASSI
add address=192.168.33.0/24 list=CLASSI
add address=192.168.27.0/24 list=CLASSI
add address=192.168.26.0/24 list=CLASSI
add address=192.168.25.0/24 list=CLASSI
add address=192.168.23.0/24 list=CLASSI
add address=192.168.20.0/24 list=CLASSI
add address=192.168.19.0/24 list=CLASSI
add address=192.168.34.0/24 list=CLASSI
add address=192.168.18.0/24 list=CLASSI
add address=192.168.15.0/24 list=CLASSI
add address=192.168.16.0/24 list=CLASSI
add address=192.168.11.0/24 list=CLASSI
add address=192.168.220.0/24 list=CLASSI
add address=192.168.240.0/24 list=CLASSI
add address=192.168.190.0/24 list=CLASSI
add address=192.168.5.0/24 list=CLASSI
add address=192.168.31.0/24 list=CLASSI
add address=192.168.2.0/24 list=CLASSI
add address=192.168.4.0/24 list=CLASSI
add address=192.168.6.0/24 list=CLASSI
add address=192.168.7.0/24 list=CLASSI
add address=192.168.8.0/24 list=CLASSI
add address=192.168.13.0/24 list=CLASSI
add address=192.168.14.0/24 list=CLASSI
add address=192.168.29.0/24 list=CLASSI
add address=192.168.32.0/24 list=CLASSI
add address=192.168.38.0/24 list=CLASSI
add address=192.168.39.0/24 list=CLASSI
add address=192.168.40.0/24 list=CLASSI
add address=192.168.254.128/25 list=CLASSI
add address=192.168.180.0/24 list=CLASSI
add address=192.168.3.0/24 list=CLASSI
add address=192.168.9.0/24 list=CLASSI
add address=192.168.10.0/24 list=CLASSI
add address=192.168.12.0/24 list=CLASSI
add address=192.168.17.0/24 list=CLASSI
add address=192.168.21.0/24 list=CLASSI
add address=192.168.22.0/24 list=CLASSI
add address=192.168.24.0/24 list=CLASSI
add address=192.168.28.0/24 list=CLASSI
add address=192.168.35.0/24 list=CLASSI
add address=192.168.37.0/24 list=CLASSI
add address=192.168.41.0/24 list=CLASSI
add address=192.168.42.0/24 list=CLASSI
add address=192.168.43.0/24 list=CLASSI
add address=192.168.44.0/24 list=CLASSI
add address=192.168.0.0/24 list=CLASSI
add address=192.168.254.96/27 list=CLASSI
add address=192.168.253.96/27 list=CLASSI
/ip firewall filter
add chain=forward comment="allow established connections" connection-state=\
established
add chain=forward comment="allow related connections" connection-state=\
related
add action=drop chain=forward comment="drop invalid connections" \
connection-state=invalid
add action=drop chain=forward connection-limit=150,32 protocol=tcp \
src-address-list=CLASSI tcp-flags=syn
add action=drop chain=forward connection-limit=200,32 protocol=tcp \
src-address-list=GOLD tcp-flags=syn


Saluti
unixgino
Mikrotik-User 10° Liv
Mikrotik-User 10° Liv
 
Messaggi: 11
Iscritto il: mar 15 ott 2013, 10:24
Top

Rispondi al messaggio

Torna a RouterOS

Chi c’è in linea

Visitano il forum: Nessuno e 13 ospiti

Privacy Terms of use
Powered by phpBB © 2002, 2005, 2007 phpBB Group
MikroTik is a registered trademark of MikroTikls corporation
Hai bisogno di aiuto? Contattaci!