From: Michal Kustosik <kustosz@veb.pl>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] limiting p2p
Date: Mon, 02 Feb 2004 11:30:54 +0000 [thread overview]
Message-ID: <20040202113052.GA12174@veb.pl> (raw)
In-Reply-To: <marc-lartc-106821892518555@msgid-missing>
On Mon, Feb 02, 2004 at 12:14:25PM +0200, Eddie wrote:
> Ok
> What I did was blocking all forwarding,in and out, traffic on my gateway
> with iptables.Only allowing establish related traffic in and out ports
> thy use,80,25,110 ens.This will stop it connecting to a weard port
> Now the thing about kazaa is the after it tryed all 65XXXXXXX ports it
> will try in port 80,this can take a while and the stoopid user will have
> close it
> Now what you do is setup a transparent proxy with iptables and squid.On
> squid you create acl's to stop .mp3 and .wav ens. files
> And .dat files,wat kazaa uses.
> Now this worked for me.
>
ok ;) I have done the same some times ago ;)
But I'm interesting what is wrong with ipt_p2p or someting, that
icmp works bad when using ipt_p2p... Anybody known ?!?
Have anybody run ipt_p2p with no problems ?
best...
--
michal
>
> On Mon, 2004-02-02 at 11:39, Michal Kustosik wrote:
> > *This message was transferred with a trial version of CommuniGate(tm) Pro*
> > On Fri, Nov 07, 2003 at 12:27:25PM -0300, ThE PhP_KiD wrote:
> > > Hi List !
> > >
> > > I'm trying excelent module ipt_p2p from Filipe
> > > Almeida in a Linux Box with several connections,
> > > in order to block p2p traffic with next rule:
> > >
> > [...]
> >
> > > how ever, I've noted that after two days running,
> > > that Linux Box (RH 7,2 updated - Kernel 2.4.22
> > > - iptables 1.2.8 with String and ConnMark modules,
> > > Pentium 4, 1.8 Mhz, 256 Mgbytes RAM, and 3c509 eth0,
> > > eth1 and eth2),
> > > begins to drop others packets and a simple ping
> > > look like this:
> > >
> > >
> > > # ping 192.168.210.3 (by example)
> > >
> > > PING 192.168.210.3 (192.168.210.3) from 192.168.210.254 : 56(84) bytes of
> > > data.
> > > 64 bytes from 192.168.210.3: icmp_seq=0 ttld timeI9 usec
> > > ping: sendto: Operation not permitted
> > > ping: sendto: Operation not permitted
> > > ping: sendto: Operation not permitted
> > > 64 bytes from 192.168.210.3: icmp_seq=1 ttld timeG8 usec
> > > ping: sendto: Operation not permitted
> > > ping: sendto: Operation not permitted
> > > 64 bytes from 192.168.210.3: icmp_seq=2 ttld timeH9 usec
> > > ping: sendto: Operation not permitted
> > > ping: sendto: Operation not permitted
> > > ping: sendto: Operation not permitted
> > >
> >
> > Hi!
> >
> > I have the same problem... Have you solved it?
> > I can't see any answer for your email :(
> >
> > best
>
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
next prev parent reply other threads:[~2004-02-02 11:30 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-11-07 15:27 [LARTC] limiting p2p ThE PhP_KiD
2004-02-02 9:39 ` Michal Kustosik
2004-02-02 10:14 ` Eddie
2004-02-02 11:30 ` Michal Kustosik [this message]
2004-02-02 18:27 ` ThE PhP_KiD
2004-02-03 0:01 ` ThE LinuX_KiD
2004-02-03 17:44 ` andybr
2004-02-03 23:52 ` miller69
2004-02-04 12:55 ` GoMi
2004-02-04 13:31 ` Mike Miller
2004-02-04 15:39 ` GoMi
2004-02-04 16:57 ` Mike Miller
2004-02-04 17:48 ` GoMi
2004-02-04 17:49 ` GoMi
2004-02-05 19:05 ` Mike Miller
2004-02-07 14:36 ` GoMi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20040202113052.GA12174@veb.pl \
--to=kustosz@veb.pl \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox