From mboxrd@z Thu Jan 1 00:00:00 1970 From: "rio@martin.mu" Date: Wed, 14 May 2003 06:43:27 +0000 Subject: RE: [LARTC] KaZZaa and connection sequences Message-Id: List-Id: References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org Original Message: ----------------- From: GoMi gomiuk@hotmail.com >Hi there, i am having big touble wiht traffic shaping and kazza, by any >>reason, it seems to collapse all the system. I have a firewall to stop users >using p2p programs during day time, and then its totally free for them to >>access anywhere during night-time. >First problem Problem... KaZZa >During day-time, there are kazza servers accepting connections on pot 80, >>and because i cant filter that port, my users can dowload. I have tried to >study the sequence of kazza programs using tcpdump, but i got no conclusions, Does anybody know how to distinguish between HTTP connections >>and KaZZa? Kazaa is hard to stopped, did u already know that when you sniff your clients connection using Kazaa, there are random tcp port range from 1214 until 4000 connecting from your clients to random and numerous ips outside. So perhaps you need to shape all protocols going to your clients. That worked for me. If you want in daylight is just for web browsing you could use Squid as Bandwidth Limiter with its Delay Pool, and IPTABLES to block all outgoing connection except port 80. Regards, Rio Martin. -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/