Connection Limit Notifier

From DD-WRT Wiki

Jump to: navigation, search

Contents

[edit] Connection Limit Notifier

The Connection Limit Notifier is available in Mini and larger builds starting with SVN 12966 builds. Micro can not support the SMTP protocol, therefore, Micro can not support the notifier.

This Notifier is quite simple to configure.

On the Security>>Firewall tab

Start by Enabling the Notifier ("Daemon" changed to "Notifier" in SVN12975)
Choose your connection Limit (500 is the default)
Enter your email SMTP Server information (outgoing mail)
Enter your authentication username/password for outgoing mail
Enter your email address and Full Username (From:)
Enter the Email Domain and Email address you wish the notification to go to. (To:)


Image:Connection-Limit-Notifier.jpg

[edit] How it works

The Notifier works in conjunction with the Watchdog of your dd-wrt router. It will send out an email (using an ESMTP protocol) for any device that exceeds the connection limit you specified in the configuration.

If the notifier sends an email, it will then ignore that device for the next 10 minutes...after which time it will send another message but only if the limit is still exceeded. If during that time another device exceeds the limit, an email will be sent immediately regarding that device...but again ignore subsequent breaches of that devices limit until 10 minutes have passed.

[edit] Output text

You can manually check for breached limits by issuing "notifier" on a command line or in a cron script.

If "notifier" is issued on your command line, the output for a breached limit will look something like this:


root@redhawk-AP:~# notifier
220 vmsXXXXpub.XXXXX.net -- Server ESMTP (Sun Java(tm) System Messaging Server 6.3-7.04 (built Sep 26 2008; 32bit))
250 2.0.0 OK.
250 SIZE 20971520
334 VXNlcm5dMwU6
334 UGFzgfaQcmQ6
235 2.7.0 LOGIN authentication successful.
250 2.5.0 Address Ok.
250 2.1.5 XXXXX@XXXXX.com OK.
354 Enter mail, end with a single ".".
250 2.5.0 Ok.
221 2.3.0 Bye received. Goodbye.


If there is no breach of limit, the command "notifier" will return a blank line.

The email that is sent has much more information regarding who/what was breached...it provides (as an example):


From: "Router" <XXXXX@XXXXX.XXX>

ip 192.168.0.10 has 552 open connections
544 open connections on port 80
1 open connections on port 61819
1 open connections on port 24
1 open connections on port 57
2 open connections on port 5129
1 open connections on port 28381
1 open connections on port 3132
1 open connections on port 993

[edit] NVRAM variables used

warn_to= (email where notifications are sent)
warn_from= (email address of your SMTP count)
warn_domain= (domain of To: receiver)
warn_user= (username of SMTP server for outgoing)
warn_pass= (password of SMTP server for outgoing)
warn_server= (SMTP outgoing server)
warn_fromfull= (Full Name given in configuration)
warn_connlimit= (Number of connection Limit)
warn_enabled=1 (0 to disable Connection Limit Notifier)