Manual:Connection Rate: Difference between revisions
|Line 18:||Line 18:|
Revision as of 13:01, 17 September 2009
Connection Rate is a firewall matcher that allow to capture traffic based on speed of connection.
Each entry in connection tracking table represent bidirectional communication. Every time packet gets associated to particular entry, packet size value (including IP header) is added to "connection-bytes" value for this entry.
Connection Rate calculates speed of connection based on change of "connection-bytes". Connection Rate is recalculated every second and do not have any averages.
You can specify range of speed that you like to capture.
ConnectionRate ::= [!]From-To From,To ::= 0..4294967295 (integer number)
These rules will capture TCP/UDP traffic that was going trough the router when connection speed was below 100kbps
/ip firewall filter add action=accept chain=forward connection-rate=0-100k protocol=tcp add action=accept chain=forward connection-rate=0-100k protocol=udp
Connection Rate is available in RouterOS since v3.30. This option was introduced to allow capture traffic intensive connections.
Application Example - Traffic Prioritization
Quick Start for Impatient
IP Firewall mangle