* [LARTC] Blocking p2p traffic
@ 2004-06-08 19:15 Walter Wickersham
  2004-06-08 19:51 ` Jason Boxman
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Walter Wickersham @ 2004-06-08 19:15 UTC (permalink / raw)
  To: lartc

Greetings, I've searched, found ftwall, and some other commercial solutions, but am wondering if anyone on this list has any solutions using a linux firewall to block p2p traffic, more specifically Kazaa.

Walter Wickersham
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [LARTC] Blocking p2p traffic
  2004-06-08 19:15 [LARTC] Blocking p2p traffic Walter Wickersham
@ 2004-06-08 19:51 ` Jason Boxman
  2004-06-08 20:02 ` Horst Graffy
  2004-06-20 23:02 ` Will Tatam
  2 siblings, 0 replies; 4+ messages in thread
From: Jason Boxman @ 2004-06-08 19:51 UTC (permalink / raw)
  To: lartc

On Tuesday 08 June 2004 15:15, Walter Wickersham wrote:
> Greetings, I've searched, found ftwall, and some other commercial
> solutions, but am wondering if anyone on this list has any solutions using
> a linux firewall to block p2p traffic, more specifically Kazaa.

Yes.

If you're using a 2.4.x series kernel, check out IPP2P[1].  You'll also need 
the CONNMARK extension for IPTables.  You can then easily drop p2p traffic.

If you're using a 2.6.x series kernel, check out L7-Filter[2].  You can easily 
drop p2p traffic (and other nifty application level protocol matches) too.

[1] http://rnvs.informatik.uni-leipzig.de/ipp2p/index_en.html
[2] http://l7-filter.sourceforge.net/

Enjoy!

> Walter Wickersham


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [LARTC] Blocking p2p traffic
  2004-06-08 19:15 [LARTC] Blocking p2p traffic Walter Wickersham
  2004-06-08 19:51 ` Jason Boxman
@ 2004-06-08 20:02 ` Horst Graffy
  2004-06-20 23:02 ` Will Tatam
  2 siblings, 0 replies; 4+ messages in thread
From: Horst Graffy @ 2004-06-08 20:02 UTC (permalink / raw)
  To: lartc

On Tuesday, 8 June 2004 21:15, Walter Wickersham wrote:
> Greetings, I've searched, found ftwall, and some other commercial
> solutions, but am wondering if anyone on this list has any solutions using
> a linux firewall to block p2p traffic, more specifically Kazaa.
>
Hi,

I've integrated ipp2p 
(http://rnvs.informatik.uni-leipzig.de/ipp2p/index_en.html) in my 
shorewall-firewall (http://www.shorewall.net/) setup:

in /etc/shorewall/start (create the file if not there)
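#######
# ipp2p
#######
# Note: -I inserts at the head of FORWARD, so each LOG rule (added second)
# ends up above its DROP rule and is evaluated first.
echo -n "    starting ipp2p   "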

# ipp2p for appleJuice
echo -n "(appleJuice) "
/usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --apple  -j DROP
/usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --apple  -j LOG --log-level 6 \
	--log-prefix "ipp2p: appleJuice-traffic "

# ipp2p for dc
echo -n "(DC) "
/usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --dc    -j DROP
/usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --dc    -j LOG --log-level 6 \
	--log-prefix "ipp2p: dc-traffic "

# ipp2p for gnutella
echo -n "(gnutella) "
/usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --gnu   -j DROP
/usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --gnu   -j LOG --log-level 6 \
	--log-prefix "ipp2p: gnutella-traffic "

# ipp2p for eDonkey
echo -n "(eDonkey) "
/usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --edk   -j DROP
/usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --edk   -j LOG --log-level 6 \
	--log-prefix "ipp2p: eDonkey-traffic "

# ipp2p for kazaa
echo -n "(kazaa) "
/usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --kazaa -j DROP
/usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --kazaa -j LOG --log-level 6 \
	--log-prefix "ipp2p: kazaa-traffic "

# ipp2p for BitTorrent (allowed ;)
echo -n "(BitTorrent) "
#/usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --bit    -j DROP
#/usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --bit    -j LOG --log-level 6 \
#	--log-prefix "ipp2p: BitTorrent-traffic "

echo ""
echo "    ipp2p started"

and in /etc/shorewall/modules

# ipp2p (p2p Traffic)
    loadmodule ipp2p

works like a charm ;))

I don't use the connmark stuff at the moment, because I have not found the 
time to recompile my kernel

hope this helps
Toni
> Walter Wickersham
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

^ permalink raw reply	[flat|nested] 4+ messages in thread
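
The LOG rules in the message above tag each matched packet with a prefix such as "ipp2p: kazaa-traffic " before it is dropped. As an added example (not part of the original post), this script counts those log lines per source address and protocol so the hosts generating the traffic can be identified; the function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Summarise packets logged by the "ipp2p: <proto>-traffic " LOG rules.
# Output: "<count> <source address> <protocol>", busiest first.

ipp2p_summary() {
    awk '
    {
        proto = ""; src = ""
        for (i = 1; i <= NF; i++) {
            # Prefix written by --log-prefix "ipp2p: <proto>-traffic "
            if ($i == "ipp2p:" && $(i + 1) ~ /-traffic$/) {
                proto = $(i + 1)
                sub(/-traffic$/, "", proto)
            } else if ($i ~ /^SRC=/) {
                src = substr($i, 5)
            }
        }
        # Skip unrelated kernel messages and truncated lines without SRC=.
        if (proto != "" && src != "") count[src " " proto]++
    }
    END { for (k in count) print count[k], k }
    ' "$@" | LC_ALL=C sort -k1,1nr -k2,2 -k3,3
}

# Constructed sample of netfilter LOG output (not taken from a real host).
sample_log() {
    cat <<'EOF'
Jun  8 22:01:13 fw kernel: ipp2p: kazaa-traffic IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.7 LEN=60 PROTO=TCP SPT=34567 DPT=1214
Jun  8 22:01:14 fw kernel: ipp2p: kazaa-traffic IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.7 LEN=52 PROTO=TCP SPT=34567 DPT=1214
Jun  8 22:01:20 fw kernel: ipp2p: eDonkey-traffic IN=eth1 OUT=eth0 SRC=192.168.1.40 DST=198.51.100.9 LEN=60 PROTO=TCP SPT=40112 DPT=4662
Jun  8 22:02:02 fw kernel: Shorewall:net2all:DROP:IN=eth0 OUT= SRC=198.51.100.77 DST=192.0.2.1 LEN=48 PROTO=TCP SPT=4021 DPT=135
Jun  8 22:02:10 fw kernel: ipp2p: kazaa-traffic IN=eth1 OUT=eth0 SRC=192.168.1.40 DST=203.0.113.7 LEN=60 PROTO=TCP SPT=40250 DPT=1214
Jun  8 22:02:11 fw kernel: ipp2p: dc-traffic IN=eth1
EOF
}

# Run on the sample; pass a real log file as an argument to ipp2p_summary instead.
sample_log | ipp2p_summary
```
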

* Re: [LARTC] Blocking p2p traffic
  2004-06-08 19:15 [LARTC] Blocking p2p traffic Walter Wickersham
  2004-06-08 19:51 ` Jason Boxman
  2004-06-08 20:02 ` Horst Graffy
@ 2004-06-20 23:02 ` Will Tatam
  2 siblings, 0 replies; 4+ messages in thread
From: Will Tatam @ 2004-06-20 23:02 UTC (permalink / raw)
  To: lartc

try

http://rnvs.informatik.uni-leipzig.de/ipp2p/index_en.html

Walter Wickersham wrote:

>Greetings, I've searched, found ftwall, and some other commercial solutions, but am wondering if anyone on this list has any solutions using a linux firewall to block p2p traffic, more specifically Kazaa.
>
>Walter Wickersham
>_______________________________________________
>LARTC mailing list / LARTC@mailman.ds9a.nl
>http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>  
>


-- 

Will Tatam
------------------------------------------------------------
Email / JID	will@netmindz.net
Web 	www.netmindz.net
PGP Key	www.netmindz.net/will/will_tatam.asc
------------------------------------------------------------



^ permalink raw reply	[flat|nested] 4+ messages in thread
