Hi all, I''m tring to isolate P2P traffic, specifically BitTorrent, for my QoS scripts. I can''t seem to completely isolate ALL BitTorrent traffic. I identify & mark packets and then use tc filters to put them into appropriate classes. My firewall rules (below) do the markings. My VoIP boxes'' and ICMP traffic get highest priority (mark 1). Then comes DNS, SSH, and Telnet (mark 2), After this, I try to isolate BitTorrent traffic (mark 4). If the packet is none of the above, then mark with a default mark (mark 3). I ran my BitTorrent client (uTorrent) for a while, with no other big uploading application running on my network. My firewall rules and statistics are below. You can find that a large chunk got marked with 3 (default mark), apart from marked BitTorrent traffic. I put the LOG target just to see what traffic it is and SURPRISE ! It was BitTorrent traffic. A snippet from my kernel log (from iptables) is below. My PC''s IP is 192.168.1.105 and port 10305 is uTorrent''s port. And, other packets not going out of that port - I confirmed they are from uTorrent by doing this on a bunch of entries: D:\Junk>netstat -nb | grep -A1 1553 TCP 192.168.1.105:1771 195.23.20.78:21488 ESTABLISHED 4080 [utorrent.exe] D:\Junk> I''ve tried using -m layer7 --l7proto bittorrent and IPP2P''s -m ipp2p --ipp2p. Same effect. Kernel version - 2.4.30 iptables version - v1.3.3 ipp2p version : v0.8.1_rc1 vlan1 is my WAN interface. FWIW, I''m doing this on my WRT54G V3 router running OpenWRT WhiteRussian RC5. I don''t want to put all traffic on high-ports (>1024) into Bulk since I have a bunch of stuff running on high-ports outside that I access. I just want to be able to completely isolate P2P/BitTorrent and mark it bulk. Any help appreciated. Thanks. PS. I sent this on Sep 11, 2006 at 3:56 PM. It never showed up in the list archive. So, reposting. Apologize if this is a repeat. Firewall: --------- Chain POSTROUTING (policy ACCEPT 1404K packets, 600M bytes) pkts bytes target prot opt in out source destination 1024K 394M QOS_Chain all -- * * 0.0.0.0/0 0.0.0.0/0 Chain QOS_Chain (1 references) pkts bytes target prot opt in out source destination 6971 1418K MARK all -- * vlan1 192.168.1.107 0.0.0.0/0 MARK set 0x1 40271 8118K MARK all -- * vlan1 192.168.1.111 0.0.0.0/0 MARK set 0x1 0 0 MARK icmp -- * vlan1 0.0.0.0/0 0.0.0.0/0 icmp type 8 MARK set 0x1 281 20041 MARK udp -- * vlan1 0.0.0.0/0 0.0.0.0/0 udp dpt:53 MARK set 0x2 0 0 MARK tcp -- * vlan1 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 MARK set 0x2 0 0 MARK tcp -- * vlan1 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 MARK set 0x2 47517 9555K RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 MARK match !0x0 152K 72M CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 CONNMARK restore 3849 2043K MARK all -- * * 0.0.0.0/0 0.0.0.0/0 ipp2p v0.8.1_rc1 --bit MARK set 0x4 49411 28M CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 MARK match 0x4 CONNMARK save 24859 32M LOG all -- * vlan1 0.0.0.0/0 0.0.0.0/0 length 100:65535 MARK match 0x0 LOG flags 0 level 4 prefix `UNMARKED Packet: '' 29544 32M MARK all -- * vlan1 0.0.0.0/0 0.0.0.0/0 MARK match 0x0 MARK set 0x3 Kernel log (snippet): --------------------- Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN= OUT=vlan1 SRC=192.168.1.105 DST=87.11.229.118 LEN=1300 TOS=0x00 PREC=0x00 TTL=127 ID=64569 DF PROTO=TCP SPT=10305 DPT=16224 WINDOW=64396 RES=0x00 ACK URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN= OUT=vlan1 SRC=192.168.1.105 DST=87.11.229.118 LEN=1300 TOS=0x00 PREC=0x00 TTL=127 ID=64570 DF PROTO=TCP SPT=10305 DPT=16224 WINDOW=64396 RES=0x00 ACK PSH URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN= OUT=vlan1 SRC=192.168.1.105 DST=87.11.229.118 LEN=1300 TOS=0x00 PREC=0x00 TTL=127 ID=64571 DF PROTO=TCP SPT=10305 DPT=16224 WINDOW=64396 RES=0x00 ACK URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN= OUT=vlan1 SRC=192.168.1.105 DST=24.176.137.55 LEN=1300 TOS=0x00 PREC=0x00 TTL=127 ID=64572 DF PROTO=TCP SPT=1983 DPT=50001 WINDOW=65320 RES=0x00 ACK URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN= OUT=vlan1 SRC=192.168.1.105 DST=81.178.115.37 LEN=1300 TOS=0x00 PREC=0x00 TTL=127 ID=64573 DF PROTO=TCP SPT=1553 DPT=60546 WINDOW=65269 RES=0x00 ACK URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN= OUT=vlan1 SRC=192.168.1.105 DST=195.23.20.78 LEN=1300 TOS=0x00 PREC=0x00 TTL=127 ID=64576 DF PROTO=TCP SPT=1771 DPT=21488 WINDOW=64842 RES=0x00 ACK URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN= OUT=vlan1 SRC=192.168.1.105 DST=195.23.20.78 LEN=1300 TOS=0x00 PREC=0x00 TTL=127 ID=64577 DF PROTO=TCP SPT=1771 DPT=21488 WINDOW=64842 RES=0x00 ACK URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN= OUT=vlan1 SRC=192.168.1.105 DST=172.158.155.236 LEN=1300 TOS=0x00 PREC=0x00 TTL=127 ID=64578 DF PROTO=TCP SPT=1938 DPT=35714 WINDOW=64282 RES=0x00 ACK URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN= OUT=vlan1 SRC=192.168.1.105 DST=172.158.155.236 LEN=1300 TOS=0x00 PREC=0x00 TTL=127 ID=64579 DF PROTO=TCP SPT=1938 DPT=35714 WINDOW=64282 RES=0x00 ACK URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN= OUT=vlan1 SRC=192.168.1.105 DST=195.23.20.78 LEN=1300 TOS=0x00 PREC=0x00 TTL=127 ID=64580 DF PROTO=TCP SPT=1771 DPT=21488 WINDOW=64842 RES=0x00 ACK PSH URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN= OUT=vlan1 SRC=192.168.1.105 DST=195.23.20.78 LEN=1300 TOS=0x00 PREC=0x00 TTL=127 ID=64581 DF PROTO=TCP SPT=1771 DPT=21488 WINDOW=64842 RES=0x00 ACK URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN= OUT=vlan1 SRC=192.168.1.105 DST=81.178.115.37 LEN=1300 TOS=0x00 PREC=0x00 TTL=127 ID=64583 DF PROTO=TCP SPT=1553 DPT=60546 WINDOW=65269 RES=0x00 ACK URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN= OUT=vlan1 SRC=192.168.1.105 DST=87.11.229.118 LEN=1300 TOS=0x00 PREC=0x00 TTL=127 ID=64584 DF PROTO=TCP SPT=10305 DPT=16224 WINDOW=64396 RES=0x00 ACK URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN= OUT=vlan1 SRC=192.168.1.105 DST=24.176.137.55 LEN=1300 TOS=0x00 PREC=0x00 TTL=127 ID=64586 DF PROTO=TCP SPT=1983 DPT=50001 WINDOW=65520 RES=0x00 ACK URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN= OUT=vlan1 SRC=192.168.1.105 DST=24.176.137.55 LEN=1300 TOS=0x00 PREC=0x00 TTL=127 ID=64587 DF PROTO=TCP SPT=1983 DPT=50001 WINDOW=65520 RES=0x00 ACK URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN= OUT=vlan1 SRC=192.168.1.105 DST=24.176.137.55 LEN=1300 TOS=0x00 PREC=0x00 TTL=127 ID=64588 DF PROTO=TCP SPT=1983 DPT=50001 WINDOW=65520 RES=0x00 ACK URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN= OUT=vlan1 SRC=192.168.1.105 DST=201.66.191.158 LEN=1300 TOS=0x00 PREC=0x00 TTL=127 ID=64611 DF PROTO=TCP SPT=1748 DPT=23845 WINDOW=65426 RES=0x00 ACK URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN= OUT=vlan1 SRC=192.168.1.105 DST=201.66.191.158 LEN=1300 TOS=0x00 PREC=0x00 TTL=127 ID=64612 DF PROTO=TCP SPT=1748 DPT=23845 WINDOW=65426 RES=0x00 ACK URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN= OUT=vlan1 SRC=192.168.1.105 DST=172.158.155.236 LEN=1300 TOS=0x00 PREC=0x00 TTL=127 ID=64613 DF PROTO=TCP SPT=1938 DPT=35714 WINDOW=64265 RES=0x00 ACK URGP=0
El Tuesday 12 September 2006 11:49, K Venkat escribió:> Hi all, > > I''m tring to isolate P2P traffic, specifically BitTorrent, for my QoS > scripts. I can''t seem to completely isolate ALL BitTorrent traffic. > > I identify & mark packets and then use tc filters to put them into > appropriate classes. My firewall rules (below) do the markings. My VoIP > boxes'' and ICMP traffic get highest priority (mark 1). Then comes DNS, > SSH, and Telnet (mark 2), After this, I try to isolate BitTorrent traffic > (mark 4). If the packet is none of the above, then mark with a default > mark (mark 3). > > I ran my BitTorrent client (uTorrent) for a while, with no other big > uploading application running on my network. My firewall rules and > statistics are below. You can find that a large chunk got marked with 3 > (default mark), apart from marked BitTorrent traffic. I put the LOG target > just to see what traffic it is and SURPRISE ! It was BitTorrent traffic. > > A snippet from my kernel log (from iptables) is below. My PC''s IP is > 192.168.1.105 and port 10305 is uTorrent''s port. And, other packets not > going out of that port - I confirmed they are from uTorrent by doing this > on a bunch of entries: > > D:\Junk>netstat -nb | grep -A1 1553 > TCP 192.168.1.105:1771 195.23.20.78:21488 ESTABLISHED 4080 > [utorrent.exe] > > D:\Junk> > > I''ve tried using -m layer7 --l7proto bittorrent and IPP2P''s -m > ipp2p --ipp2p. Same effect. > > Kernel version - 2.4.30 > iptables version - v1.3.3 > ipp2p version : v0.8.1_rc1 > vlan1 is my WAN interface. > > FWIW, I''m doing this on my WRT54G V3 router running OpenWRT WhiteRussian > RC5. > > I don''t want to put all traffic on high-ports (>1024) into Bulk since I > have a bunch of stuff running on high-ports outside that I access. I just > want to be able to completely isolate P2P/BitTorrent and mark it bulk.In my experience, the most efective way to shape p2p is to spend some time learning what is NOT p2p, then all other trafic is p2p. If there is a new prio app with a new port, you can add it to the list of known ports, if there is a new p2p protocol that is killing out all isps you just enjoy and relax, cause it is already shaped. -- Luciano
I''ll tell you what I did to completelly isolate MY bittorrent traffic. In azureus you can tell the program to use a specific IP, so I have two IP''s per PC, one for p2p and the other one as the main IP. Then I simply shape traffic from the azureus IP in each PC. Obviously this only works for you, since you wont convince any user to do this, but I found it quite practical if that''s what you need. aMule doesn''t have the same option, but this traffic is easy to detect. El Martes, 12 de Septiembre de 2006 11:49, K Venkat escribió:> Hi all, > > I''m tring to isolate P2P traffic, specifically BitTorrent, for my QoS > scripts. I can''t seem to completely isolate ALL BitTorrent traffic. > > I identify & mark packets and then use tc filters to put them into > appropriate classes. My firewall rules (below) do the markings. My VoIP > boxes'' and ICMP traffic get highest priority (mark 1). Then comes DNS, > SSH, and Telnet (mark 2), After this, I try to isolate BitTorrent traffic > (mark 4). If the packet is none of the above, then mark with a default > mark (mark 3). > > I ran my BitTorrent client (uTorrent) for a while, with no other big > uploading application running on my network. My firewall rules and > statistics are below. You can find that a large chunk got marked with 3 > (default mark), apart from marked BitTorrent traffic. I put the LOG target > just to see what traffic it is and SURPRISE ! It was BitTorrent traffic. > > A snippet from my kernel log (from iptables) is below. My PC''s IP is > 192.168.1.105 and port 10305 is uTorrent''s port. And, other packets not > going out of that port - I confirmed they are from uTorrent by doing this > on a bunch of entries: > > D:\Junk>netstat -nb | grep -A1 1553 > TCP 192.168.1.105:1771 195.23.20.78:21488 ESTABLISHED 4080 > [utorrent.exe] > > D:\Junk> > > I''ve tried using -m layer7 --l7proto bittorrent and IPP2P''s -m > ipp2p --ipp2p. Same effect. > > Kernel version - 2.4.30 > iptables version - v1.3.3 > ipp2p version : v0.8.1_rc1 > vlan1 is my WAN interface. > > FWIW, I''m doing this on my WRT54G V3 router running OpenWRT WhiteRussian > RC5. > > I don''t want to put all traffic on high-ports (>1024) into Bulk since I > have a bunch of stuff running on high-ports outside that I access. I just > want to be able to completely isolate P2P/BitTorrent and mark it bulk. > > Any help appreciated. > > Thanks. > > PS. I sent this on Sep 11, 2006 at 3:56 PM. It never showed up in the list > archive. So, reposting. Apologize if this is a repeat. > > > Firewall: > --------- > Chain POSTROUTING (policy ACCEPT 1404K packets, 600M bytes) > pkts bytes target prot opt in out source destination > 1024K 394M QOS_Chain all -- * * 0.0.0.0/0 0.0.0.0/0 > > Chain QOS_Chain (1 references) > pkts bytes target prot opt in out source destination > 6971 1418K MARK all -- * vlan1 192.168.1.107 0.0.0.0/0 > MARK set 0x1 40271 8118K MARK all -- * vlan1 > 192.168.1.111 0.0.0.0/0 MARK set 0x1 0 0 MARK icmp -- > * vlan1 0.0.0.0/0 0.0.0.0/0 icmp type 8 MARK set > 0x1 281 20041 MARK udp -- * vlan1 0.0.0.0/0 0.0.0.0/0 > udp dpt:53 MARK set 0x2 0 0 MARK tcp -- * vlan1 > 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 MARK set 0x2 0 0 MARK > tcp -- * vlan1 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 > MARK set 0x2 47517 9555K RETURN all -- * * 0.0.0.0/0 > 0.0.0.0/0 MARK match !0x0 152K 72M CONNMARK all -- * * > 0.0.0.0/0 0.0.0.0/0 CONNMARK restore 3849 2043K MARK > all -- * * 0.0.0.0/0 0.0.0.0/0 ipp2p > v0.8.1_rc1 --bit MARK set 0x4 49411 28M CONNMARK all -- * * > 0.0.0.0/0 0.0.0.0/0 MARK match 0x4 CONNMARK save 24859 > 32M LOG all -- * vlan1 0.0.0.0/0 0.0.0.0/0 > length 100:65535 MARK match 0x0 LOG flags 0 level 4 prefix `UNMARKED > Packet: '' 29544 32M MARK all -- * vlan1 0.0.0.0/0 > 0.0.0.0/0 MARK match 0x0 MARK set 0x3 > > Kernel log (snippet): > --------------------- > Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN= OUT=vlan1 > SRC=192.168.1.105 DST=87.11.229.118 LEN=1300 TOS=0x00 PREC=0x00 TTL=127 > ID=64569 DF PROTO=TCP SPT=10305 DPT=16224 WINDOW=64396 RES=0x00 ACK URGP=0 > Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN= OUT=vlan1 > SRC=192.168.1.105 DST=87.11.229.118 LEN=1300 TOS=0x00 PREC=0x00 TTL=127 > ID=64570 DF PROTO=TCP SPT=10305 DPT=16224 WINDOW=64396 RES=0x00 ACK PSH > URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN> OUT=vlan1 SRC=192.168.1.105 DST=87.11.229.118 LEN=1300 TOS=0x00 PREC=0x00 > TTL=127 ID=64571 DF PROTO=TCP SPT=10305 DPT=16224 WINDOW=64396 RES=0x00 ACK > URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN> OUT=vlan1 SRC=192.168.1.105 DST=24.176.137.55 LEN=1300 TOS=0x00 PREC=0x00 > TTL=127 ID=64572 DF PROTO=TCP SPT=1983 DPT=50001 WINDOW=65320 RES=0x00 ACK > URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN> OUT=vlan1 SRC=192.168.1.105 DST=81.178.115.37 LEN=1300 TOS=0x00 PREC=0x00 > TTL=127 ID=64573 DF PROTO=TCP SPT=1553 DPT=60546 WINDOW=65269 RES=0x00 ACK > URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN> OUT=vlan1 SRC=192.168.1.105 DST=195.23.20.78 LEN=1300 TOS=0x00 PREC=0x00 > TTL=127 ID=64576 DF PROTO=TCP SPT=1771 DPT=21488 WINDOW=64842 RES=0x00 ACK > URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN> OUT=vlan1 SRC=192.168.1.105 DST=195.23.20.78 LEN=1300 TOS=0x00 PREC=0x00 > TTL=127 ID=64577 DF PROTO=TCP SPT=1771 DPT=21488 WINDOW=64842 RES=0x00 ACK > URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN> OUT=vlan1 SRC=192.168.1.105 DST=172.158.155.236 LEN=1300 TOS=0x00 PREC=0x00 > TTL=127 ID=64578 DF PROTO=TCP SPT=1938 DPT=35714 WINDOW=64282 RES=0x00 ACK > URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN> OUT=vlan1 SRC=192.168.1.105 DST=172.158.155.236 LEN=1300 TOS=0x00 PREC=0x00 > TTL=127 ID=64579 DF PROTO=TCP SPT=1938 DPT=35714 WINDOW=64282 RES=0x00 ACK > URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN> OUT=vlan1 SRC=192.168.1.105 DST=195.23.20.78 LEN=1300 TOS=0x00 PREC=0x00 > TTL=127 ID=64580 DF PROTO=TCP SPT=1771 DPT=21488 WINDOW=64842 RES=0x00 ACK > PSH URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN> OUT=vlan1 SRC=192.168.1.105 DST=195.23.20.78 LEN=1300 TOS=0x00 PREC=0x00 > TTL=127 ID=64581 DF PROTO=TCP SPT=1771 DPT=21488 WINDOW=64842 RES=0x00 ACK > URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN> OUT=vlan1 SRC=192.168.1.105 DST=81.178.115.37 LEN=1300 TOS=0x00 PREC=0x00 > TTL=127 ID=64583 DF PROTO=TCP SPT=1553 DPT=60546 WINDOW=65269 RES=0x00 ACK > URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN> OUT=vlan1 SRC=192.168.1.105 DST=87.11.229.118 LEN=1300 TOS=0x00 PREC=0x00 > TTL=127 ID=64584 DF PROTO=TCP SPT=10305 DPT=16224 WINDOW=64396 RES=0x00 ACK > URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN> OUT=vlan1 SRC=192.168.1.105 DST=24.176.137.55 LEN=1300 TOS=0x00 PREC=0x00 > TTL=127 ID=64586 DF PROTO=TCP SPT=1983 DPT=50001 WINDOW=65520 RES=0x00 ACK > URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN> OUT=vlan1 SRC=192.168.1.105 DST=24.176.137.55 LEN=1300 TOS=0x00 PREC=0x00 > TTL=127 ID=64587 DF PROTO=TCP SPT=1983 DPT=50001 WINDOW=65520 RES=0x00 ACK > URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN> OUT=vlan1 SRC=192.168.1.105 DST=24.176.137.55 LEN=1300 TOS=0x00 PREC=0x00 > TTL=127 ID=64588 DF PROTO=TCP SPT=1983 DPT=50001 WINDOW=65520 RES=0x00 ACK > URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN> OUT=vlan1 SRC=192.168.1.105 DST=201.66.191.158 LEN=1300 TOS=0x00 PREC=0x00 > TTL=127 ID=64611 DF PROTO=TCP SPT=1748 DPT=23845 WINDOW=65426 RES=0x00 ACK > URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN> OUT=vlan1 SRC=192.168.1.105 DST=201.66.191.158 LEN=1300 TOS=0x00 PREC=0x00 > TTL=127 ID=64612 DF PROTO=TCP SPT=1748 DPT=23845 WINDOW=65426 RES=0x00 ACK > URGP=0 Sep 11 14:31:01 (none) kern.warn kernel: UNMARKED Packet: IN> OUT=vlan1 SRC=192.168.1.105 DST=172.158.155.236 LEN=1300 TOS=0x00 PREC=0x00 > TTL=127 ID=64613 DF PROTO=TCP SPT=1938 DPT=35714 WINDOW=64265 RES=0x00 ACK > URGP=0 _______________________________________________ > LARTC mailing list > LARTC@mailman.ds9a.nl > mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
On 9/12/06, Francisco <ranmakun@arnet.com.ar> wrote:> I''ll tell you what I did to completelly isolate MY bittorrent traffic. In > azureus you can tell the program to use a specific IP, so I have two IP''s per > PC, one for p2p and the other one as the main IP. Then I simply shape traffic > from the azureus IP in each PC. Obviously this only works for you, since you > wont convince any user to do this, but I found it quite practical if that''s > what you need. aMule doesn''t have the same option, but this traffic is easy > to detect. >Some clients, like Azureus, let you bind the local port for outgoing connections. Then marking based on the source port will work for not only incomming connected tcp streams but outgoing connected tcp streams too. All the data you''re seeing as not marked correctly is likely people your bittorrent client connected out to that are running encryption. ipp2p can''t determine that those data streams are p2p sessions as it actually should look similar to any ssl connection. Seems the best options is to bind to a seperate ip, or if client has the option bind to a specific local port and match on that. - Jody