I hate people using P2P downloaders to eat up the whole network access.
As I have the root access of the router (easy to hack), I add some rules to limit it.
iptables -I FORWARD -p tcp --syn -m connlimit --connlimit-above 30 -j DROP iptables -I FORWARD -p! tcp -m connlimit --connlimit-above 30 -j DROP
First line is to limit tcp connections to 30 per ip.
Second line is to limit non-tcp connections to 30 per ip.
Here is Chinese version:
限制连接数以防止P2P下载器例如迅雷、电驴、BT及P2P播放器例如PPS、PPLive、风行等。
以下为在路由器上执行的代码(通过telnet连接)
iptables -I FORWARD -p tcp --syn -m connlimit --connlimit-above 30 -j DROP iptables -I FORWARD -p! tcp -m connlimit --connlimit-above 30 -j DROP
第一行为限制tcp连接数到30个每ip。
第二行为限制非tcp连接数到30个每ip。