Helo everybody! I''ve tried to block kazaa using diferent ways, but no one give me results. I''m using the last version of shorewall and blocking all ports from loc to net except the importants like 25,80,110. There is a script on page http://www.lowth.com/p2pwall/ teaching how to block kazaa using "string match suport", you may compile a kernel or download one pre-compiled. I recompile my kernel and add the "string match suport". I folow the "kernel configuration" on documantation of shorewall and add the modules as the same way. But on startup of script some modules are missing: ipt_recent ip_queue Before I compile the kernel, this modules are there, but now they doesn''t exit. 1- This modules are suppose to choose when you compile the kernel whith cmd: "make menuconfig"? If yes, whitch line are there? On "networking options" or "netfilter options"? 2- Can I put this modules without recompile the kernel? 3- What should I do? Thanks for all! Bruno Ayub. diretoria@securityopensource.org.br
On Thu, 2003-09-18 at 13:10, suporte wrote:> Helo everybody! > I''ve tried to block kazaa using diferent ways, but no one give me results. I''m using the last version of shorewall and blocking all ports from loc to net except the importants like 25,80,110. > > There is a script on page http://www.lowth.com/p2pwall/ teaching how to block kazaa using "string match suport", you may compile a kernel or download one pre-compiled. > I recompile my kernel and add the "string match suport". I folow the "kernel configuration" on documantation of shorewall and add the modules as the same way. > But on startup of script some modules are missing: > ipt_recent > ip_queue > Before I compile the kernel, this modules are there, but now they doesn''t exit. > 1- This modules are suppose to choose when you compile the kernel whith cmd: "make menuconfig"? If yes, whitch line are there? On "networking options" or "netfilter options"? > 2- Can I put this modules without recompile the kernel? > 3- What should I do? >This is one of the main reasons why I don''t include Shorewall support for Patch-O-Matic features like string match -- I simply don''t have the spare cycles needed to try to support newbies building kernels. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
suporte wrote:>Helo everybody! >I''ve tried to block kazaa using diferent ways, but no one give me results. I''m using the last version of shorewall and blocking all ports from loc to net except the importants like 25,80,110. > >There is a script on page http://www.lowth.com/p2pwall/ teaching how to block kazaa using "string match suport", you may compile a kernel or download one pre-compiled. >I recompile my kernel and add the "string match suport". I folow the "kernel configuration" on documantation of shorewall and add the modules as the same way. >But on startup of script some modules are missing: >ipt_recent >ip_queue >Before I compile the kernel, this modules are there, but now they doesn''t exit. >1- This modules are suppose to choose when you compile the kernel whith cmd: "make menuconfig"? If yes, whitch line are there? On "networking options" or "netfilter options"? >2- Can I put this modules without recompile the kernel? >3- What should I do? > >Thanks for all! > >Bruno Ayub. > >diretoria@securityopensource.org.br >There is an article in this month''s Linux Journal covering this topic. I believe they used the netfilter QUEUE feature to deliver the packets to another program for blockage. Sorry I don''t have more info as I don''t have the LJ for this month. PS: Please do not direct non-standard kernel module compilation questions to the list as shorewall cleary covers only the standard modules, such a question should be directed to the netfilter/patch-o-matic mailing lists. Patrick