Behaviour of 'Max. connections' adv setting when limit reached
-
I'm looking at adding a rule to pick out some specific traffic and apply the 'Max. connections' advanced rule to limit the number of states each incoming IP can have open.
Some of the subsequent rules would also pass this traffic.
I understand that I could place a specific block under this new rule or use tagging to prevent subsequent rules processing but, due to its role, I try to keep this firewall as 'clean' as possible for the sake of readability, i.e. I want to do this with a single rule if I can.
My question is this: once the max connections is reached, will this rule logic start to behave as a block or will it no longer match and continue to process subsequent rules?
-
Having now implemented and tested this, I believe that it still acts as a match/pass but will not create additional states when it's at the limit set by this option.