LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 02-11-2015, 12:01 PM   #1
wadesmart
Member
 
Registered: Jul 2005
Location: Oklahoma
Distribution: Ubuntu
Posts: 83

Rep: Reputation: 15
Limit the number of connections based on protocol


We have a radio that wont connect to a back haul with http traffic but only https traffic. It will work in bridge mode just fine though. A band new radio out of the box does the same thing.

We use Ubiquiti which is based on Debian. I use Ubuntu but Im not that well versed on the command line. So this is my question: can you limit the number of physical connections by protocol?
 
Old 02-12-2015, 07:11 AM   #2
rtmistler
Moderator
 
Registered: Mar 2011
Location: USA
Distribution: MINT Debian, Angstrom, SUSE, Ubuntu, Debian
Posts: 9,890
Blog Entries: 13

Rep: Reputation: 4934Reputation: 4934Reputation: 4934Reputation: 4934Reputation: 4934Reputation: 4934Reputation: 4934Reputation: 4934Reputation: 4934Reputation: 4934Reputation: 4934
You'd have to use a firewall, either one existing in your distribution or install one and then determine the settings in that firewall software which limits the number of connections per protocol port number.

I do not believe that the native networking allows for this level of protection or controllability, that's more specialized to the features provided by firewall software.

For Ubuntu there is something called the Uncomplicated Firewall and you can add filters per protocol port number with the keyword "limit" to set up a filter to limit that port. Sorry I'm not sure of the exact syntax or whether or not this particular concept is one which is permissible with that software, I haven't used it. But looking at the man page for it, this appears to be a choice one can do, and also it appears that a "dry run" is available so you can see the changes before you actually apply them.

Actually, reading more "limit" there is not for connection limits, but rather rate limits. Therefore the UFW would not be helpful here, or at least that particular setting is not going to do what you want.

Last edited by rtmistler; 02-12-2015 at 07:17 AM.
 
Old 02-12-2015, 10:56 AM   #3
wadesmart
Member
 
Registered: Jul 2005
Location: Oklahoma
Distribution: Ubuntu
Posts: 83

Original Poster
Rep: Reputation: 15
Ive been working on this and we just cant figure out how or why
this connection has been limited. The radios have firewalls and
none are turned on but, like you indicated - it is rate limit
and not connection.

The Access Point currently has 9 connected clients but for
whatever reason, we cannot connect this client any other way
than https. Its really strange.
 
Old 02-12-2015, 12:12 PM   #4
rtmistler
Moderator
 
Registered: Mar 2011
Location: USA
Distribution: MINT Debian, Angstrom, SUSE, Ubuntu, Debian
Posts: 9,890
Blog Entries: 13

Rep: Reputation: 4934Reputation: 4934Reputation: 4934Reputation: 4934Reputation: 4934Reputation: 4934Reputation: 4934Reputation: 4934Reputation: 4934Reputation: 4934Reputation: 4934
I'm a bit confused. I thought the crux of your first question was how does someone limit connections per port. Now it appears that the question is that you have these radios and cannot scale beyond a certain connection limitation, therefore you're asking if a protocol port limit filter might be the problem.

Have I guessed the correct form of the question with that second variation?

My questions given that is the issue would then be:

Are the number of connections limited, or just the fact that you have to use https?

If the number of connections gets limited, might that just be because an access point limits the number of clients it will accept and provide DHCP for, and you happen to be hitting that limitation?

All things aside, can you run wireshark or an equivalent network monitoring utility and then see what's going on with respect to these connection attempts and failures?

Given that last one I'd trace an http session attempt and see what happens.

I'd review the radio settings and application settings and see if something is set to require secure connections only. Maybe that's a default and maybe it's also not a big deal. Nothing wrong with using https is there?
 
Old 02-12-2015, 06:59 PM   #5
wadesmart
Member
 
Registered: Jul 2005
Location: Oklahoma
Distribution: Ubuntu
Posts: 83

Original Poster
Rep: Reputation: 15
Sorry I wasnt more clear.

I do not want to limit connections.
I have a Access Point that forever reason is limiting connections.
The number of connections is not limited - either hardware or software.
Another unit of ours has 25 clients connected. This one stopped at 9.
Its not a dhcp issue.
Its not a wireless issue either.
A new client can connect in router mode with https OR in bridge mode
with http.

Well - there is nothing wrong with running https but you cant
connect to every url with https.

It finally was enough of an issue that we pulled the AP - which
we cant find anything wrong with - and ... still had the issue.
So, its not the AP.

During this swap we were looking at our logs (again) and we noticed
a issue with this specific IP. It had been flagged a few times
for passing bad traffic (this was due to the radio running
in bridge mode). Could not find that the IP had been blocked
but, after we installed the radio it was assigned a new IP and
its passing traffic fine now.

We discovered just a bit later that the IP had been assigned
to another radio and ... it would not pass traffic. So we went
back to the dhcp server and reserved that address so it wont
be reassigned.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
limit number of concurrent network connections procfs Linux - Newbie 2 02-02-2009 01:16 AM
KDE limit number of ftp connections zxLinux Linux - Desktop 1 07-26-2008 03:15 AM
Limit number of concurrent connections in apache jakev383 Linux - Server 2 07-18-2008 03:58 PM
Limit number of simultaneous TCP connections per IP hegdeshashi Linux - Networking 1 01-06-2006 08:29 PM
How to limit the number of TCP connections for a certain port? mussons Linux - Security 1 01-28-2004 06:27 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 11:06 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration