I do not how to use match string to deny kazaa traffic, if I put the word kazaa only http content is deny but the kazaa aplication is running, are there special commands to match string? thanks _________________________________________________________________ Charla con tus amigos en línea mediante MSN Messenger: http://messenger.microsoft.com/es _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
> I do not how to use match string to deny kazaa traffic, if I put the word > kazaa only http content is deny but the kazaa aplication is running, are > there special commands to match string?Try something like this: iptables -A PREROUTING -t mangle -j CONNMARK --restore-mark iptables -A PREROUTING -t mangle -m mark ! --mark 0 -j ACCEPT iptables -A PREROUTING -t mangle -m string --string "X-Kazaa" -j MARK --set-mark 1 iptables -A PREROUTING -t mangle -j CONNMARK --save-mark (Requires mark, connmark and string netfilter modules) tc qdisc add dev eth0 root handle 1: htb default 11 tc class add dev eth0 parent 1: classid 1:1 htb rate 10Mbps ceil 10Mbps burst 2k tc class add dev eth0 parent 1:1 classid 1:10 htb rate 1Mbps ceil 1Mbps burst 2k tc class add dev eth0 parent 1:1 classid 1:11 htb rate 9Mbps ceil 10Mbps burst 2k tc filter add dev eth0 parent 1: protocol ip prio 3 handle 1 fw classid 1:10 Rubens _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Am Donnerstag, 1. April 2004 20:54 schrieb Mauricio Lataban:> I do not how to use match string to deny kazaa traffic, if I put the word > kazaa only http content is deny but the kazaa aplication is running, are > there special commands to match string?use ipp2p from http://rnvs.informatik.uni-leipzig.de/ipp2p/index_en.html works like a charm ;)) Toni _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Mauricio, you can try the ''ftwall'' with iptables to do this. It''s have a lot of strategics to do this :) []''s x-arnie Mauricio Lataban wrote:> I do not how to use match string to deny kazaa traffic, if I put the > word kazaa only http content is deny but the kazaa aplication is > running, are there special commands to match string? > > thanks > > _________________________________________________________________ > Charla con tus amigos en línea mediante MSN Messenger: > http://messenger.microsoft.com/es > > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ >_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/