From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Guillermo Javier Nardoni" Date: Fri, 07 Oct 2005 12:47:22 +0000 Subject: Re: [LARTC] Problems with ipp2p Message-Id: <00cf01c5cb3e$0cb84160$b80010ac@ripst> MIME-Version: 1 Content-Type: multipart/mixed; boundary="===============0827754774==" List-Id: References: <200510062337.44207.Andreas.Klauer@metamorpher.de> In-Reply-To: <200510062337.44207.Andreas.Klauer@metamorpher.de> To: lartc@vger.kernel.org This is a multi-part message in MIME format. --===============0827754774== Content-Type: multipart/alternative; boundary="----=_NextPart_000_00CB_01C5CB24.1D97B570" This is a multi-part message in MIME format. ------=_NextPart_000_00CB_01C5CB24.1D97B570 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hello there, may be you should you: iptables -t nat -A PREROUTING -p tcp -i $DEV_IN -m ipp2p --ipp2p -j DROP iptables -t nat -A POSTROUTING -p tcp -o $DEV_OUT -m ipp2p --ipp2p -j = DROP i had some issues trying ipp2p, but when i've just put -t nat or -t = mangle or even -t filter (default for iptables, i guess) it worked very nice regards guillermo from argentina P.D: Sorry Andrea, i sweared i was sending an email to the mailing list = instead of you.- ----- Original Message -----=20 From: Carlos Rosero=20 To: lartc@mailman.ds9a.nl=20 Sent: Thursday, October 06, 2005 6:40 PM Subject: [LARTC] Problems with ipp2p Hello every body: =20 I have RedHat fedora core 2 machine, using iptables and squid. I am = having a lot of problems with peer2peer traffic. (bittorrent, kazaa, = etc.) so I have installed ipp2p from rpm. Every thing was ok until I use iptables rules. I get this error. =20 [root@router iptables]# iptables -A INPUT -p tcp -m ipp2p --ipp2p -j = DROP iptables: No chain/target/match by that name sames as: iptables -A FORWARD -m ipp2p --ipp2p -j MARK --set-mark 0x01 iptables -A FORWARD -m ipp2p --udp --kazaa --bit -j DROP iptables -A FORWARD -m ipp2p --tcp --edk --soul -j DROP same error. =20 but if I use iptables -m ipp2p -help I get the help page: [root@router iptables]# iptables -m ipp2p --help iptables v1.2.9 =20 Usage: iptables -[AD] chain rule-specification [options] iptables -[RI] chain rulenum rule-specification [options] iptables -D chain rulenum [options] . IPP2P v0.7.1 options: --ipp2p Grab all known p2p packets --ipp2p-data Identify all known p2p download commands (obsolete) =20 --edk [TCP&UDP] All known eDonkey/eMule/Overnet = packets --dc [TCP] All known Direct Connect packets . So I don't know what is wrong.=20 =20 My system: =20 [root@router iptables]# cat /proc/version=20 Linux version 2.6.10-1.771_FC2smp (bhcompile@porky.build.redhat.com) = (gcc version 3.3.3 20040412 (Red Hat Linux 3.3.3-7)) #1 SMP Mon Mar 28 = 01:10:51 EST 2005 =20 Iptables version iptables-1.2.9-2.3.1 =20 Thanks. =20 Carlos -------------------------------------------------------------------------= ----- _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ------=_NextPart_000_00CB_01C5CB24.1D97B570 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable

Hello there,=20 may be you should you:

iptables -t nat -A PREROUTING -p tcp -i = $DEV_IN -m=20 ipp2p --ipp2p -j DROP
iptables -t nat -A POSTROUTING -p tcp -o = $DEV_OUT -m=20 ipp2p --ipp2p -j DROP

i had some issues trying ipp2p, but when = i've just=20 put -t nat or -t mangle
or even -t filter (default for iptables, i = guess) it=20 worked very nice

regards

guillermo from=20 argentina

P.D: Sorry Andrea, i sweared i was sending an = email to=20 the mailing list instead of you.-

----- Original Message -----

From:=20 Carlos = Rosero=20

To: lartc@mailman.ds9a.nl

Sent: Thursday, October 06, = 2005 6:40=20 PM

Subject: [LARTC] Problems with=20 ipp2p

Hello every=20 body:

I have RedHat fedora = core 2=20 machine, using iptables and squid. I am having a lot of problems with=20 peer2peer traffic. (bittorrent, kazaa, etc.) so I have installed ipp2p = from=20 rpm.

Every thing was ok until = I use=20 iptables rules. I get this error.

[root@router iptables]# = iptables=20 -A INPUT -p tcp -m ipp2p --ipp2p -j DROP

iptables: No = chain/target/match by=20 that name

sames=20 as:

iptables -A FORWARD -m = ipp2p=20 --ipp2p -j MARK --set-mark 0x01

iptables -A = FORWARD -m ipp2p=20 --udp --kazaa --bit -j DROP

iptables -A = FORWARD -m ipp2p=20 --tcp --edk --soul -j DROP

same=20 error.

but if I use iptables -m = ipp2p=20 =96help I get the help page:

[root@router iptables]# = iptables=20 -m ipp2p --help

iptables=20 v1.2.9

Usage: iptables -[AD] = chain=20 rule-specification [options]

=20 iptables -[RI] chain rulenum rule-specification=20 [options]

=20 iptables -D chain rulenum [options]

=85

IPP2P v0.7.1=20 options:

--ipp2p =20 Grab all known p2p packets

--ipp2p-data =20 Identify all known p2p download commands=20 (obsolete)

--edk = [TCP&UDP] All known=20 eDonkey/eMule/Overnet packets

--dc &n= bsp;=20 [TCP] All = known=20 Direct Connect packets

=85

So I don=92t know what = is wrong.=20

My=20 system:

[root@router iptables]# = cat=20 /proc/version

Linux version = 2.6.10-1.771_FC2smp=20 (bhcompile@porky.build.redhat.com) (gcc version 3.3.3 20040412 (Red = Hat Linux=20 3.3.3-7)) #1 SMP Mon Mar 28 01:10:51 EST = 2005

Iptables=20 version

iptables-1.2.9-2.3.1

Thanks.

Carlos

_______________________________________________
LARTC = mailing=20 = list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/l= istinfo/lartc
------=_NextPart_000_00CB_01C5CB24.1D97B570-- --===============0827754774== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc --===============0827754774==--