Greetings,

I've searched, found ftwall, and some other commercial solutions, but am wondering if anyone on this list has any solutions using a linux firewall to block p2p traffic, more specifically Kazaa.

Walter Wickersham
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

On Tuesday 08 June 2004 15:15, Walter Wickersham wrote:
> Greetings, I've searched, found ftwall, and some other commercial
> solutions, but am wondering if anyone on this list has any solutions using
> a linux firewall to block p2p traffic, more specifically Kazaa.

Yes. If you're using a 2.4.x series kernel, check out IPP2P[1]. You'll also need the CONNMARK extension for IPTables. You can then easily drop p2p traffic.

If you're using a 2.6.x series kernel, check out L7-Filter[2]. You can easily drop p2p traffic (and other nifty application level protocol matches) too.

[1] http://rnvs.informatik.uni-leipzig.de/ipp2p/index_en.html
[2] http://l7-filter.sourceforge.net/

Enjoy!

> Walter Wickersham

On Tuesday, 8 June 2004 21:15, Walter Wickersham wrote:
> Greetings, I've searched, found ftwall, and some other commercial
> solutions, but am wondering if anyone on this list has any solutions using
> a linux firewall to block p2p traffic, more specifically Kazaa.
>

Hi,

I've integrated ipp2p (http://rnvs.informatik.uni-leipzig.de/ipp2p/index_en.html) in my shorewall-firewall (http://www.shorewall.net/) setup:

in /etc/shorewall/start (create the file if not there)

    #######
    # ipp2p
    #######
    # -I inserts at the top of FORWARD, so each LOG rule (inserted second)
    # ends up ahead of its DROP rule and the packet is logged before it is dropped.
    echo -n " starting ipp2p "
    # ipp2p for appleJuice
    echo -n "(appleJuice) "
    /usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --apple -j DROP
    /usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --apple -j LOG --log-level 6 \
        --log-prefix "ipp2p: appleJuice-traffic "
    # ipp2p for dc
    echo -n "(DC) "
    /usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --dc -j DROP
    /usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --dc -j LOG --log-level 6 \
        --log-prefix "ipp2p: dc-traffic "
    # ipp2p for gnutella
    echo -n "(gnutella) "
    /usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --gnu -j DROP
    /usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --gnu -j LOG --log-level 6 \
        --log-prefix "ipp2p: gnutella-traffic "
    # ipp2p for eDonkey
    echo -n "(eDonkey) "
    /usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --edk -j DROP
    /usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --edk -j LOG --log-level 6 \
        --log-prefix "ipp2p: eDonkey-traffic "
    # ipp2p for kazaa
    echo -n "(kazaa) "
    /usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --kazaa -j DROP
    /usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --kazaa -j LOG --log-level 6 \
        --log-prefix "ipp2p: kazaa-traffic "
    # ipp2p for BitTorrent (allowed ;)
    echo -n "(BitTorrent) "
    #/usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --bit -j DROP
    #/usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --bit -j LOG --log-level 6 \
    #    --log-prefix "ipp2p: BitTorrent-traffic "
    echo ""
    echo " ipp2p started"

and in /etc/shorewall/modules

    # ipp2p (p2p Traffic)
    loadmodule ipp2p

works like a charm ;))

I don't use the connmark stuff at the moment, because I have not found the time to recompile my kernel

hope this helps

Toni

> Walter Wickersham

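An added example, not part of Toni's message or of the ipp2p project: a shell function that counts the hits written by the LOG rules above, per protocol and source address, keyed on the "ipp2p: <name>-traffic " prefixes set there. The log lines are constructed samples in the usual kernel LOG-target layout; the host name `fw`, the interfaces and all addresses are assumptions.

```shell
#!/bin/sh
# Added example: count hits written by the "ipp2p: <proto>-traffic " LOG rules.

# Constructed sample lines in the kernel LOG-target layout (not real traffic).
sample_log() {
cat <<'EOF'
Jun  8 21:30:01 fw kernel: ipp2p: kazaa-traffic IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.9 LEN=60 TTL=63 PROTO=TCP SPT=33012 DPT=1214
Jun  8 21:30:04 fw kernel: ipp2p: kazaa-traffic IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.77 LEN=60 TTL=63 PROTO=TCP SPT=33015 DPT=1214
Jun  8 21:30:09 fw kernel: ipp2p: eDonkey-traffic IN=eth1 OUT=eth0 SRC=192.168.1.40 DST=198.51.100.5 LEN=52 TTL=63 PROTO=TCP SPT=40221 DPT=4662
Jun  8 21:31:10 fw kernel: Shorewall:net2all:DROP: IN=eth0 OUT= SRC=198.51.100.7 DST=203.0.113.1 LEN=48 TTL=110 PROTO=TCP SPT=4000 DPT=135
Jun  8 21:32:40 fw kernel: ipp2p: dc-traffic IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=198.51.100.20 LEN=64 TTL=63 PROTO=TCP SPT=35100 DPT=411
EOF
}

# Reads syslog lines on stdin; prints "count protocol source-ip",
# busiest first. Lines without an ipp2p prefix are ignored.
summarize_ipp2p() {
    awk '
        /ipp2p: [A-Za-z]+-traffic / {
            proto = ""; src = ""
            for (i = 1; i <= NF; i++) {
                if ($i == "ipp2p:" && i < NF) {
                    # The word after the prefix tag names the protocol.
                    proto = $(i + 1)
                    sub(/-traffic$/, "", proto)
                } else if ($i ~ /^SRC=/) {
                    src = substr($i, 5)
                }
            }
            if (proto != "" && src != "") hits[proto " " src]++
        }
        END { for (k in hits) print hits[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2,2 -k3,3
}

# Demo on the constructed sample; on a real firewall, feed the kernel log instead.
sample_log | summarize_ipp2p
```

Because the rules log at `--log-level 6`, the lines only reach a file if syslog is configured to keep kernel messages at that level.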
try http://rnvs.informatik.uni-leipzig.de/ipp2p/index_en.html

Walter Wickersham wrote:
>Greetings, I've searched, found ftwall, and some other commercial solutions, but am wondering if anyone on this list has any solutions using a linux firewall to block p2p traffic, more specifically Kazaa.
>
>Walter Wickersham

--
Will Tatam
Email / JID  will@netmindz.net
Web          www.netmindz.net
PGP Key      www.netmindz.net/will/will_tatam.asc