From: "Greg Scott" <GregScott@InfraSupportEtc.com>
To: lartc@vger.kernel.org
Subject: RE: [LARTC] KaZZaa and connection sequences
Date: Tue, 13 May 2003 13:24:20 +0000 [thread overview]
Message-ID: <marc-lartc-105283235910080@msgid-missing> (raw)
In-Reply-To: <marc-lartc-105283048908146@msgid-missing>
I would look at a commercial web filtering product like Smartfilter and
then run this on top of Squid, all inside your firewall/router/traffic
shaping box. And then use Smartfilter to restrict downloads of any MP3
or other stuff like that. The Smartfilter subscription should keep up
with the rapidly moving IP Addresses of these things and then you can
set filtering policies at an application level. Imho it's a losing
battle to set application filtering policies at the packet level.
- Greg Scott
-----Original Message-----
From: GoMi [mailto:gomiuk@hotmail.com]
Sent: Tuesday, May 13, 2003 7:54 AM
To: lartc@mailman.ds9a.nl
Subject: [LARTC] KaZZaa and connection sequences
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi there, i am having big touble wiht traffic shaping and kazza, by any
reason, it seems to collapse all the system. I have a firewall to stop
users using p2p programs during day time, and then its totally free for
them to access anywhere during night-time.
First problem Problem... KaZZa
During day-time, there are kazza servers accepting connections on pot
80, and because i cant filter that port, my users can dowload. I have
tried to study the sequence of kazza programs using tcpdump, but i got
no conclusions, Does anybody know how to distinguish between HTTP
connections and KaZZa?
Second Problem... KaZZa (hehehe)
During night-time, i register lots of ack packets due to kazza programs,
anybody in the same situation? I just red about layer-7 filtering, but i
cant change my kernel right now, so i want to try as much as i can with
packet filtering.. Anybody here?
Thank You
GoMi
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0
iQA/AwUBPsDqz37diNnrrZKsEQKkTwCeMuH0YpDT7Qxg6XMdycivAYUqgM4AniF0
fo6yBE3P1OqqZrKHt5t7fxaf
=Z00o
-----END PGP SIGNATURE-----
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
next prev parent reply other threads:[~2003-05-13 13:24 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-05-13 12:53 [LARTC] KaZZaa and connection sequences GoMi
2003-05-13 13:24 ` Greg Scott [this message]
2003-05-13 13:24 ` Gordan Bobic
2003-05-13 13:48 ` Ethan Sommer
2003-05-14 6:43 ` rio
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-105283235910080@msgid-missing \
--to=gregscott@infrasupportetc.com \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.