Posted: Sun Oct 28, 2007 22:08 Post subject: Script for Asus router
I'm going to put this script on my router (to limit connections per IP), but I'm not sure if everything is configured properly.
My router is the Asus WL500g Premium.
Here is the script:
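# Per-host bandwidth shaping and TCP connection limiting for LAN clients
# reached through the bridge br0.
#
# Safe to re-run: qdiscs from an earlier run and earlier copies of the
# iptables rules are removed before they are added again, so rules do not
# accumulate each time the script is executed.
DEV=br0

# Thin wrappers; "$@" keeps every argument as its own word without relying
# on unquoted word-splitting of a command string.
tca() { tc class add dev "$DEV" "$@"; }
tfa() { tc filter add dev "$DEV" "$@"; }

# Delete every copy of an iptables rule. Arguments are a complete "-D"
# command line; the loop ends when iptables reports no matching rule is left.
ipt_purge() {
  while iptables "$@" 2>/dev/null; do :; done
}

# Apply all limits for one client.
#   $1 - client IP address
#   $2 - firewall mark; the same digits are reused as the client's class id
limit_host() {
  # Download: traffic leaving br0 towards the client, 256kbit hard cap.
  tca parent 1:1 classid "1:$2" htb rate 256kbit ceil 256kbit prio 2
  tfa parent 1:0 prio 2 protocol ip handle "$2" fw flowid "1:$2"
  ipt_purge -t mangle -D POSTROUTING -d "$1" -j MARK --set-mark "$2"
  iptables -t mangle -A POSTROUTING -d "$1" -j MARK --set-mark "$2"

  # Upload: police traffic entering br0 from the client, excess is dropped.
  tfa parent ffff: protocol ip u32 match ip src "$1" flowid :1 \
    police rate 160kbit mtu 12k burst 10k drop

  # Connection limit: refuse NEW TCP connections once the client already has
  # more than 100. Matching on --syn matters: without it every TCP packet
  # from the client is dropped while it is over the limit, so connections
  # that are already open stall instead of being allowed to finish.
  # This covers TCP only; UDP and other protocols are not limited here.
  # The first purge removes the earlier form of the rule (without --syn).
  ipt_purge -D FORWARD -s "$1" -p tcp -m connlimit --connlimit-above 100 -j DROP
  ipt_purge -D FORWARD -s "$1" -p tcp --syn -m connlimit --connlimit-above 100 -j DROP
  iptables -I FORWARD -s "$1" -p tcp --syn -m connlimit --connlimit-above 100 -j DROP
}

# Start from a clean state. Both deletes fail when nothing is installed yet
# (first run), which is expected, so their error output is discarded.
tc qdisc del dev "$DEV" root 2>/dev/null
tc qdisc del dev "$DEV" ingress 2>/dev/null

# Egress tree: no default class is set, so traffic that carries no mark is
# not placed in any of the limited classes below.
tc qdisc add dev "$DEV" root handle 1: htb
tca parent 1: classid 1:1 htb rate 3480kbit

# Ingress qdisc must exist before the per-host policing filters attach to it.
tc qdisc add dev "$DEV" ingress

limit_host 192.168.1.2 10
limit_host 192.168.1.3 11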