Manual:Connection Rate: Difference between revisions

From MikroTik Wiki
Jump to navigation Jump to search
Line 18: Line 18:
===Example===
===Example===


 
These rules will capture TCP/UDP traffic that was going trough the router when connection speed was below 100kbps
 


<pre>
<pre>
 
/ip firewall filter
add action=accept chain=forward connection-rate=0-100k protocol=tcp
add action=accept chain=forward connection-rate=0-100k protocol=udp
</pre>
</pre>



Revision as of 13:01, 17 September 2009

Introduction

Connection Rate is a firewall matcher that allow to capture traffic based on speed of connection.

Theory

Each entry in connection tracking table represent bidirectional communication. Every time packet gets associated to particular entry, packet size value (including IP header) is added to "connection-bytes" value for this entry.

Connection Rate calculates speed of connection based on change of "connection-bytes". Connection Rate is recalculated every second and do not have any averages.

You can specify range of speed that you like to capture.

ConnectionRate ::= [!]From-To
  From,To ::= 0..4294967295    (integer number)

Example

These rules will capture TCP/UDP traffic that was going trough the router when connection speed was below 100kbps

/ip firewall filter
add action=accept chain=forward connection-rate=0-100k protocol=tcp
add action=accept chain=forward connection-rate=0-100k protocol=udp

Notes

Connection Rate is available in RouterOS since v3.30. This option was introduced to allow capture traffic intensive connections.

Application Example - Traffic Prioritization

Quick Start for Impatient


Explanation

IP Firewall mangle



Queue

/