Dear All

I'm on FC 15 which is acting as a router for Cable Internet connection
for 145 PC on the LAN, which works fine... But there is one question in
my mind, How do I limit the maximum numbers of concurrent connections to
router. i.e. if I want to allow only 90 concurrent connection to the
router at the given time only 90 PCs can pass through the router or
connect to the Internet other PCs/users have to wait until the connected
PCs session is over.

is there any solution/tweak available ???

--
°v°
/(_)
^ ^ Jatin Khatri
RHCSA,RHCE,CCNA
Registerd Linux user No #501175
www.linuxcounter.net
No M$

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

On 06/27/2012 08:57 AM, Jatin K wrote:
> Dear All
>
> I'm on FC 15 which is acting as a router for Cable Internet connection
> for 145 PC on the LAN, which works fine... But there is one question in
> my mind, How do I limit the maximum numbers of concurrent connections to
> router. i.e. if I want to allow only 90 concurrent connection to the
> router at the given time only 90 PCs can pass through the router or
> connect to the Internet other PCs/users have to wait until the connected
> PCs session is over.
>
> is there any solution/tweak available ???

Your requirement is not clearly described.
The PCs do not do "connections" to the router, they do connections
to the outside world, the router is just moving packets for them.
"Number of concurrent connections" and "number of concurrent sessions"
is also difficult to define.

Are you really talking about a router or are you using a wrong word
for your proxy, VPN, ...?

--
Roberto Ragusa mail at robertoragusa.it
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

On 06/27/2012 02:14 PM, Roberto Ragusa wrote:

On 06/27/2012 08:57 AM, Jatin K wrote:
Your requirement is not clearly described.
The PCs do not do "connections" to the router, they do connections
to the outside world, the router is just moving packets for them.
"Number of concurrent connections" and "number of concurrent sessions"
is also difficult to define.

Are you really talking about a router or are you using a wrong word
for your proxy, VPN, ...?


I'm talking about a Linux machine as a router

in simple meaning .... I want to allow only ( any ) 90 PCs out of 145
PCs to go the outside word/Internet through router. If 91st request
comes to the router it must be blocked/rejected






--
°v°
/(_)
^ ^ Jatin Khatri
RHCSA,RHCE,CCNA
Registerd Linux user No #501175
www.linuxcounter.net
No M$

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

You can make it a proxy using squid or add another ethernet adapter and separate the networks into allow and deny

On 06/27/2012 05:34 AM, Jatin K wrote:

On 06/27/2012 02:14 PM, Roberto Ragusa wrote:

On 06/27/2012 08:57 AM, Jatin K wrote:
Your requirement is not clearly described.
The PCs do not do "connections" to the router, they do connections
to the outside world, the router is just moving packets for them.
"Number of concurrent connections" and "number of concurrent sessions"
is also difficult to define.

Are you really talking about a router or are you using a wrong word
for your proxy, VPN, ...?


I'm talking about a Linux machine as a router

in simple meaning .... I want to allow only ( any ) 90 PCs out of 145
PCs to go the outside word/Internet through router. If 91st request
comes to the router it must be blocked/rejected







--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Am 27.06.2012 11:34, schrieb Jatin K:
> On 06/27/2012 02:14 PM, Roberto Ragusa wrote:
>> On 06/27/2012 08:57 AM, Jatin K wrote:
>> Your requirement is not clearly described.
>> The PCs do not do "connections" to the router, they do connections
>> to the outside world, the router is just moving packets for them.
>> "Number of concurrent connections" and "number of concurrent sessions"
>> is also difficult to define.
>>
>> Are you really talking about a router or are you using a wrong word
>> for your proxy, VPN, ...?
>>
> I'm talking about a Linux machine as a router
>
> in simple meaning .... I want to allow only ( any ) 90 PCs out of 145 PCs to go the outside word/Internet through
> router. If 91st request comes to the router it must be blocked/rejected

ouch - you are missing network basics at all
there is nothing such a "tcp connection" representing the number of workstations
even any workstation can and will have much moire than one connection

what you are proposing here is not and will never be possible
due the way networks, TCP and what you not minded UDP are
supposed to work


--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

On Wed, Jun 27, 2012 at 15:39:47 +0200,
Reindl Harald <h.reindl@thelounge.net> wrote:


ouch - you are missing network basics at all


I think it is also an issue of what he is really trying to do. Other than
an experiment it really doesn't make sense to only allow connections from
only 90 of 145 PCs to outside of the local LAN. A statement of what problem
he is really trying to solve might result in some guidance.

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

On 06/27/2012 07:43 PM, Bruno Wolff III wrote:

On Wed, Jun 27, 2012 at 15:39:47 +0200,
Reindl Harald <h.reindl@thelounge.net> wrote:


ouch - you are missing network basics at all


I think it is also an issue of what he is really trying to do. Other
than an experiment it really doesn't make sense to only allow
connections from only 90 of 145 PCs to outside of the local LAN. A
statement of what problem he is really trying to solve might result in
some guidance.
well..... suppose I've 5 clients in my office ( say A,B, C, D, E ) and a
linux box which is working as a router ( gateway ), I want to allow
only 4 concurrent pcs to access the Internet, say if A,B,C,D is using
internet then fifth client E can not access the internet until any of
previous connected clients ( A,B,C, or D) gets disconnected/session ended



now can you understand what I want to say ???

--
°v°
/(_)
^ ^ Jatin Khatri
RHCSA,RHCE,CCNA
Registerd Linux user No #501175
www.linuxcounter.net
No M$

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

On 06/28/2012 01:27 PM, Jatin K wrote:
> well..... suppose I've 5 clients in my office ( say A,B, C, D, E ) and a linux box
> which is working as a router ( gateway ), I want to allow only 4 concurrent pcs to
> access the Internet, say if A,B,C,D is using internet then fifth client E can not
> access the internet until any of previous connected clients ( A,B,C, or D) gets
> disconnected/session ended

Define "access internet".....

Do you mean *all* protocols? So, you want to stop a 5th system from browsing, ftp,
ssh, ntp, pop, imap, etc? So, if A, B, C, and D are using these protocols...which
can happen without direct user input (pop/imap polls, facebook and rss feed updates,
etc.) you want to block E for an indeterminate amount of time?

Seriously?

I think you need to state the problem you are trying to solve....not ask for a
solution which really sounds wrong headed.


--
Never be afraid to laugh at yourself, after all, you could be missing out on the joke
of the century. -- Dame Edna Everage
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

On 06/28/2012 02:02 PM, Ed Greshko wrote:
> On 06/28/2012 01:27 PM, Jatin K wrote:
>> well..... suppose I've 5 clients in my office ( say A,B, C, D, E ) and a linux box
>> which is working as a router ( gateway ), I want to allow only 4 concurrent pcs to
>> access the Internet, say if A,B,C,D is using internet then fifth client E can not
>> access the internet until any of previous connected clients ( A,B,C, or D) gets
>> disconnected/session ended
> Define "access internet".....
>
> Do you mean *all* protocols? So, you want to stop a 5th system from browsing, ftp,
> ssh, ntp, pop, imap, etc? So, if A, B, C, and D are using these protocols...which
> can happen without direct user input (pop/imap polls, facebook and rss feed updates,
> etc.) you want to block E for an indeterminate amount of time?
>
> Seriously?
>
> I think you need to state the problem you are trying to solve....not ask for a
> solution which really sounds wrong headed.
>
>

You do realize that the users being barred access will be getting "timeout" notices
and such on their browsers and they a very likely to be quite irritated in short order.



--
Never be afraid to laugh at yourself, after all, you could be missing out on the joke
of the century. -- Dame Edna Everage
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

On 06/28/2012 11:32 AM, Ed Greshko wrote:

On 06/28/2012 01:27 PM, Jatin K wrote:

well..... suppose I've 5 clients in my office ( say A,B, C, D, E ) and a linux box
which is working as a router ( gateway ), I want to allow only 4 concurrent pcs to
access the Internet, say if A,B,C,D is using internet then fifth client E can not
access the internet until any of previous connected clients ( A,B,C, or D) gets
disconnected/session ended

Define "access internet".....

Do you mean *all* protocols? So, you want to stop a 5th system from browsing, ftp,
ssh, ntp, pop, imap, etc? So, if A, B, C, and D are using these protocols...which
can happen without direct user input (pop/imap polls, facebook and rss feed updates,
etc.) you want to block E for an indeterminate amount of time?

exactly



Seriously?
yes, its my client's requirement ...... I can understand its not the
way to go .... but he pays me for this ... I'm a service provider .. I
have to do what they said and want to do



I think you need to state the problem you are trying to solve....not ask for a
solution which really sounds wrong headed.

how can you prove its wrong ... they need this kind of configurations,
and my duty is to provide the solutions what they need if its possible....


I don't know the solution/configuration requirement to fulfill
their desire, thats why I'm asking the solutions to this list where so
many experts like you are available. If this is wrong then I'm really sorry



--
°v°
/(_)
^ ^ Jatin Khatri
RHCSA,RHCE,CCNA
Registerd Linux user No #501175
www.linuxcounter.net
No M$

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org