How to limit maximum number of TCP connections

Mateusz Marzantowicz mmarzantowicz at osdf.com.pl
Thu Jun 28 14:44:28 UTC 2012


On 27.06.2012 08:57, Jatin K wrote:
> Dear All
>
> I'm on FC 15 which is acting as a router for Cable Internet connection
> for 145 PCs on the LAN, which works fine... But there is one question in
> my mind: how do I limit the maximum number of concurrent connections to
> the router? I.e. if I want to allow only 90 concurrent connections to the
> router, at the given time only 90 PCs can pass through the router or
> connect to the Internet; other PCs/users have to wait until the connected
> PCs' session is over.
>
> Is there any solution/tweak available ???
>

1. It's probably far from perfect but you could try to allow access
(forward packets) only for authenticated clients. You could try to
combine Kerberos tools (or some other auth protocol) with iptables etc.
It should be possible to limit the number of simultaneously authenticated
clients.

2. It might also be possible to set up a dhcp server combined with your
router and allow traffic that is related to clients that obtained their
IP config from that server (so the dhcp server needs to run some script
after a client is successfully configured to open the firewall). It
certainly has a lot of security issues but in case it's not your top
priority requirement you can try it. But dhcp leases must be renewed
often so you don't block "slots" for too long.


Mateusz Marzantowicz
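
Suggestion 2 above, sketched as an added example that is not part of the original message: a lease hook that opens the firewall for a client only while one of a fixed number of slots is free. The hook interface (`slot_hook add|del <ip>`), the state file path and the dry-run `FW` variable are assumptions made for this sketch.

```sh
#!/bin/sh
# Added example (not from the original post): DHCP lease hook with capped slots.
# Assumed: the DHCP server runs "slot_hook add|del <ip>" on lease commit and on
# expiry/release, hooks run one at a time, the FORWARD chain policy is DROP and
# return traffic is accepted by an ESTABLISHED,RELATED rule.
MAX_SLOTS=${MAX_SLOTS:-90}
SLOT_FILE=${SLOT_FILE:-/var/run/fw-slots}   # hypothetical state file, one IP per line
FW=${FW:-echo iptables}                     # dry run: prints rules; set FW=iptables to apply

valid_ip() {    # dotted-quad IPv4 only, so hook input never reaches iptables unchecked
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

slot_grant() {
    valid_ip "$1" || return 2
    touch "$SLOT_FILE"
    grep -qxF "$1" "$SLOT_FILE" && return 0                    # renewal: slot already held
    [ "$(wc -l < "$SLOT_FILE")" -lt "$MAX_SLOTS" ] || return 1 # all slots in use: stay blocked
    $FW -I FORWARD -s "$1" -j ACCEPT || return 3
    echo "$1" >> "$SLOT_FILE"
}

slot_release() {
    valid_ip "$1" || return 2
    grep -qxF "$1" "$SLOT_FILE" 2>/dev/null || return 0        # no slot held, nothing to free
    $FW -D FORWARD -s "$1" -j ACCEPT || return 3
    grep -vxF "$1" "$SLOT_FILE" > "$SLOT_FILE.tmp" || true     # grep exits 1 when no lines remain
    mv "$SLOT_FILE.tmp" "$SLOT_FILE"
}

slot_hook() {
    case $1 in
        add) slot_grant "$2" ;;
        del) slot_release "$2" ;;
        *)   return 2 ;;
    esac
}
```

The rule matches on source address only, so it does not stop a host that configures an already granted address by hand.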

