This is a very nice netfilter module:
This patch by Gerd Knorr <kraxel@bytesex.org> adds a new match that will allow you to restrict the number of parallel TCP connections from a particular host or network.
I've compiled it for the brcm-2.4 target (e.g. Linksys WRT54G/GS with Kamikaze and a 2.4 kernel) and made it temporarily available for download as kmod-ipt-connlimit_2.4.34-brcm-1_mipsel.ipk and iptables-mod-connlimit_1.3.8-1_mipsel.ipk.
I created these while building my Kamikaze. I patched the kernel and iptables with patch-o-matic-ng's runme connlimit (note that before patching you need to run patch-o-matic-ng's runme --download connlimit to make it available) and then added options to my kernel and iptables configurations to build the kernel module and the iptables extension. Unfortunately I am a novice with packages, so I wasn't able to make a package that could easily be added to buildroot for reproducing this. I made the ipk files manually, but with this documentation it should be possible to include connlimit in the Kamikaze buildroot in the future, without needing these tricks to get it.
Hopefully someone who is talented at creating packages will make this a package for buildroot and deliver an svn diff for the devels.
---
How to install? First install the kernel module (kmod-ipt-connlimit...) and then the iptables extension (the other file).
EDIT: Fixed a typo on download link
(Last edited by jake1981 on 18 Jul 2007, 12:41)
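Once both packages are installed, the match quoted above is used through `-m connlimit`. The script below is an added example, not part of the original post or of the patch: it builds rules that cap parallel TCP connections per source host and per source network. The ports, limits, the INPUT chain and the function names are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: build iptables rules that use the connlimit match.
# Ports, limits and the INPUT chain are assumptions chosen for illustration.

# is_num VALUE MIN MAX -> succeeds if VALUE is an integer within [MIN, MAX]
is_num() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge "$2" ] && [ "$1" -le "$3" ]
}

# connlimit_rule PORT MAX [MASK]
# Prints a rule that rejects new TCP connections to PORT once a source
# already has more than MAX open. MASK groups sources by prefix length:
# 32 = per host (default), 24 = per /24 network.
connlimit_rule() {
    port=$1
    max=$2
    mask=${3:-32}
    is_num "$port" 1 65535 || { echo "bad port: $port" >&2; return 1; }
    is_num "$max" 1 100000 || { echo "bad limit: $max" >&2; return 1; }
    is_num "$mask" 0 32 || { echo "bad mask: $mask" >&2; return 1; }
    echo "iptables -A INPUT -p tcp --syn --dport $port" \
         "-m connlimit --connlimit-above $max --connlimit-mask $mask" \
         "-j REJECT --reject-with tcp-reset"
}

# build_ruleset -> the constructed sample policy, one rule per line
build_ruleset() {
    # SSH: at most 3 parallel connections per source host
    connlimit_rule 22 3 || return 1
    # HTTP: at most 16 parallel connections per /24 source network
    connlimit_rule 80 16 24
}

# Print the rules by default; run them only when called with "apply"
# (needs root, the connlimit kernel module and the iptables extension).
if [ "${1:-}" = apply ]; then
    build_ruleset | while read -r rule; do $rule || exit 1; done
else
    build_ruleset
fi
```

Matching only `--syn` packets means the limit is checked when a connection is opened, so connections that are already established are not cut off when a source reaches its cap.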