Prihlásiť sa Odoslať Novinky :: FAQ :: Rozšírené vyhľadávanie :: Napísali o nás :: Ankety
Main Menu
· Home
· 
· FAQ
· 
· Diskusia
· 
Main Menu
· Domov

Moduly
· AvantGo
· Downloads
· FAQ
· News
· Recommend Us
· Reviews
· Search
· Sections
· Stats
· Topics
· Top List
· Web Links
· Forum
Jazyk
Výber jazykovej mutácie:

FAQ  •  Search  •  Register  •  Log in to check your private messages
Log in  •  Maximize
The time now is 26.04.2024 - 07:14

SKFREE Forum Index » SKFree Network » Software

Obmedzenie TCP spojeni

Post new topic Reply to topic
View previous topic Printable version Log in to check your private messages View next topic
 
Author Message
icerowicz
Post subject: Obmedzenie TCP spojeni  PostPosted: 30.01.2007 - 08:42 #44995
Ucen


Joined: Apr 12, 2006
Posts: 930
Location: Vranov nad Topľou
Kedze moji pacienti neako zacali pretazovat packety, chcel by som vas poprosit o neaky konkretny pripad obmedzenie TCP spojeni cez iptables pre konkretnu ip. Smile neaky napad ?Smile
 
 View user's profile Send private message Visit poster's website ICQ Number 
Reply with quote Back to top
kubiik
Post subject: RE: Obmedzenie TCP spojeni  PostPosted: 30.01.2007 - 16:03 #45021
Guru


Joined: Jan 24, 2004
Posts: 1685
niekde to tu uz bolo..... aj ked nechapem slovne spojenie "pretazovat pakety"
v iptables existuje nieco ako "limit" ak to tam mas zakompilovane -> skus si pohladat Smile
 
 View user's profile Send private message ICQ Number 
Reply with quote Back to top
fixi
Post subject: RE: Obmedzenie TCP spojeni  PostPosted: 30.01.2007 - 16:34 #45023
Basic


Joined: Sep 13, 2005
Posts: 267
Location: Bratislava
iptables -m limit --help vypise co budes chciet, a este mozno tak -m connlimit Smile
 
 View user's profile Send private message Send e-mail Visit poster's website ICQ Number 
Reply with quote Back to top
qido
Post subject: RE: Obmedzenie TCP spojeni  PostPosted: 31.01.2007 - 15:48 #45074
Basic


Joined: Máj 31, 2006
Posts: 292
fixi wrote: ›iptables -m limit --help vypise co budes chciet, a este mozno tak -m connlimit Smile


jasne na routry to nie je problem, skor by ma zaujimalo ci sa to da spravit uz na apecku, aby tym zbytocne netrpela mw siet. P2P ju hodne zabija. Mam mikrotika ako bridge ap, a tam sa mi to obmedzit nejak nedari Sad
 
 View user's profile Send private message Visit poster's website  
Reply with quote Back to top
andreas4all
Post subject: RE: Obmedzenie TCP spojeni  PostPosted: 31.01.2007 - 16:13 #45075
Majster


Joined: Dec 09, 2004
Posts: 2539
Location: L.A.
dedinka pri PD
ked je v mode Bridge, tak pravidla vo FW sa ignoruju.
 
 View user's profile Send private message Visit poster's website  
Reply with quote Back to top
bakula
Post subject: RE: Obmedzenie TCP spojeni  PostPosted: 31.01.2007 - 16:55 #45079
Ucen


Joined: Okt 21, 2004
Posts: 792
v mikrotiku prechadza cez FW.
http://www.mikrotik.com/testdocs/ros/2.9/ip/flow.php

ip firewall filter add chain=forward protocol=tcp tcp-flags=syn connection-limit=150,32 \
action=drop comment="limit conn" disabled=no

limit na 150 connections/IP


Last edited by bakula on 31.01.2007 - 17:04; edited 2 times in total
 
 View user's profile Send private message  
Reply with quote Back to top
andreas4all
Post subject: RE: Obmedzenie TCP spojeni  PostPosted: 31.01.2007 - 17:01 #45080
Majster


Joined: Dec 09, 2004
Posts: 2539
Location: L.A.
dedinka pri PD
no hej, ale musis to prehnat este cez Broute a nie je jednoduchsie tam potom hodit Routing (taky FULL, bud OSPF alebo RIP)??? a je to este lepsie ako toto.
 
 View user's profile Send private message Visit poster's website  
Reply with quote Back to top
Thomas
Post subject: RE: Obmedzenie TCP spojeni  PostPosted: 31.01.2007 - 17:18 #45082
Majster


Joined: Okt 31, 2006
Posts: 2062
Location: TT
andreas4all tak to hej , len to som mu odpuručil také núdzové riešenie
EDIT: mám taký dojem že 5000 má aj podporu RIP protokolu , takže môže rovno na tom routovať
 
 View user's profile Send private message Visit poster's website ICQ Number 
Reply with quote Back to top
andreas4all
Post subject: RE: Obmedzenie TCP spojeni  PostPosted: 31.01.2007 - 17:54 #45084
Majster


Joined: Dec 09, 2004
Posts: 2539
Location: L.A.
dedinka pri PD
kamaratove slova > RIP je na slucku. Neviem si predstavit ked mas routrovat cca 100 subnetov pomocou RIPu.

Limitovat spojenia na MT je jednoduche, samozrejme ked to je routrovane. Este by som snad odporucil hodit predto pravidlo na logovanie (ak by niekto porusil, tak to mas v logu >> moze byt P2P alebo vir).

Z praxe mi vyslo ze minimum je 200 a optimum 250 spojeni.
 
 View user's profile Send private message Visit poster's website  
Reply with quote Back to top
LaCosta
Post subject: RE: Obmedzenie TCP spojeni  PostPosted: 01.02.2007 - 08:07 #45115
Ucen


Joined: Jún 24, 2003
Posts: 598
Location: /dev/null
Ono viac vyuzije snad iba torrent .. ak mas stroj mozes dat 300-400 ale zalezi na konkretnej situacii
 
 View user's profile Send private message Visit poster's website ICQ Number 
Reply with quote Back to top
Display posts from previous:     
All times are GMT
Post new topic Reply to topic
View previous topic Printable version Log in to check your private messages View next topic
 
Jump to:  

SKFREE Forum Index » SKFree Network » Software
Powered by PNphpBB2 © 2003-2005 The PNphpBB Group
Credits

(C) SKFree 2002-2010: Powered by POSTNUKE. Môžete prebera? naše správy vo formáte XML(RSS)