From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michal Kustosik Date: Mon, 02 Feb 2004 11:30:54 +0000 Subject: Re: [LARTC] limiting p2p Message-Id: <20040202113052.GA12174@veb.pl> List-Id: References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org On Mon, Feb 02, 2004 at 12:14:25PM +0200, Eddie wrote: > Ok > What I did was blocking all forwarding,in and out, traffic on my gateway > with iptables.Only allowing establish related traffic in and out ports > thy use,80,25,110 ens.This will stop it connecting to a weard port > Now the thing about kazaa is the after it tryed all 65XXXXXXX ports it > will try in port 80,this can take a while and the stoopid user will have > close it > Now what you do is setup a transparent proxy with iptables and squid.On > squid you create acl's to stop .mp3 and .wav ens. files > And .dat files,wat kazaa uses. > Now this worked for me. > ok ;) I have done the same some times ago ;) But I'm interesting what is wrong with ipt_p2p or someting, that icmp works bad when using ipt_p2p... Anybody known ?!? Have anybody run ipt_p2p with no problems ? best... -- michal > > On Mon, 2004-02-02 at 11:39, Michal Kustosik wrote: > > *This message was transferred with a trial version of CommuniGate(tm) Pro* > > On Fri, Nov 07, 2003 at 12:27:25PM -0300, ThE PhP_KiD wrote: > > > Hi List ! > > > > > > I'm trying excelent module ipt_p2p from Filipe > > > Almeida in a Linux Box with several connections, > > > in order to block p2p traffic with next rule: > > > > > [...] > > > > > how ever, I've noted that after two days running, > > > that Linux Box (RH 7,2 updated - Kernel 2.4.22 > > > - iptables 1.2.8 with String and ConnMark modules, > > > Pentium 4, 1.8 Mhz, 256 Mgbytes RAM, and 3c509 eth0, > > > eth1 and eth2), > > > begins to drop others packets and a simple ping > > > look like this: > > > > > > > > > # ping 192.168.210.3 (by example) > > > > > > PING 192.168.210.3 (192.168.210.3) from 192.168.210.254 : 56(84) bytes of > > > data. > > > 64 bytes from 192.168.210.3: icmp_seq=0 ttld timeI9 usec > > > ping: sendto: Operation not permitted > > > ping: sendto: Operation not permitted > > > ping: sendto: Operation not permitted > > > 64 bytes from 192.168.210.3: icmp_seq=1 ttld timeG8 usec > > > ping: sendto: Operation not permitted > > > ping: sendto: Operation not permitted > > > 64 bytes from 192.168.210.3: icmp_seq=2 ttld timeH9 usec > > > ping: sendto: Operation not permitted > > > ping: sendto: Operation not permitted > > > ping: sendto: Operation not permitted > > > > > > > Hi! > > > > I have the same problem... Have you solved it? > > I can't see any answer for your email :( > > > > best > _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/