-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Is there interest in ipp2p support in Shorewall? While the ipp2p code is not part of the standard kernel.org distributions, my experience is that it is very easy to install and I would be willing to provide support for it if there is interest. See http://rnvs.informatik.uni-leipzig.de/ipp2p/index_en.html for information about ipp2p. - -Tom - -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBS0gvO/MAbZfjDLIRAlz4AJ9kPFV6yRw8P4Y5ryoq1hW10ZoofQCgoWJX DJipLReY3vd8XM19+fD601E=VnR5 -----END PGP SIGNATURE-----
Am Freitag, 17. September 2004 22:25 schrieb Tom Eastep:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Is there interest in ipp2p support in Shorewall? While the ipp2p code is > not part of the standard kernel.org distributions, my experience is that > it is very easy to install and I would be willing to provide support for > it if there is interest.that would be great ;)> > See http://rnvs.informatik.uni-leipzig.de/ipp2p/index_en.html for > information about ipp2p.I''m using it a long time .. it works ;) this is my snippet from /etc/shorewall start: ####### # ipp2p ####### echo -n " loading ipp2p-module " insmod ipt_ipp2p echo -n " starting ipp2p " # ip2pp for SoulSeek (ipp2p-0.5c) echo -n "(SoulSeek) " #/usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --soul -j DROP #/usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --soul -j LOG --log-level 6 --log-prefix "ipp2p: SoulSeek-traffic " # ip2pp for appleJuice echo -n "(appleJuice) " /usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --apple -j DROP /usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --apple -j LOG --log-level 6 --log-prefix "ipp2p: appleJuice-traffic " # ip2pp for dc echo -n "(DC) " /usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --dc -j DROP /usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --dc -j LOG --log-level 6 --log-prefix "ipp2p: dc-traffic " # ip2pp for gnutella echo -n "(gnutella) " /usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --gnu -j DROP /usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --gnu -j LOG --log-level 6 --log-prefix "ipp2p: gnutella-traffic " # ip2pp for eDonkey echo -n "(eDonkey) " /usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --edk -j DROP /usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --edk -j LOG --log-level 6 --log-prefix "ipp2p: eDonkey-traffic " # ip2pp for kazaa echo -n "(kazaa) " /usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --kazaa -j DROP /usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --kazaa -j LOG --log-level 6 --log-prefix "ipp2p: kazaa-traffic " # ip2pp for BitTorrent (allowed ;) echo -n "(BitTorrent) " #/usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --bit -j DROP #/usr/sbin/iptables -I FORWARD -p tcp -m ipp2p --bit -j LOG --log-level 6 --log-prefix "ipp2p: BitTorrent-traffic " echo "" echo " ipp2p started"> > - -TomToni> - -- > Tom Eastep \ Nothing is foolproof to a sufficiently talented fool > Shoreline, \ http://shorewall.net > Washington USA \ teastep@shorewall.net > PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.4 (GNU/Linux) > Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org > > iD8DBQFBS0gvO/MAbZfjDLIRAlz4AJ9kPFV6yRw8P4Y5ryoq1hW10ZoofQCgoWJX > DJipLReY3vd8XM19+fD601E> =VnR5 > -----END PGP SIGNATURE----- > _______________________________________________ > Shorewall-users mailing list > Post: Shorewall-users@lists.shorewall.net > Subscribe/Unsubscribe: > https://lists.shorewall.net/mailman/listinfo/shorewall-users Support: > http://www.shorewall.net/support.htm > FAQ: http://www.shorewall.net/FAQ.htm
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Horst Graffy wrote: | Am Freitag, 17. September 2004 22:25 schrieb Tom Eastep: | | Is there interest in ipp2p support in Shorewall? While the ipp2p code is | not part of the standard kernel.org distributions, my experience is that | it is very easy to install and I would be willing to provide support for | it if there is interest. | |> that would be great ;) | | See http://rnvs.informatik.uni-leipzig.de/ipp2p/index_en.html for | information about ipp2p. | |> I''m using it a long time .. it works ;) | |> this is my snippet from /etc/shorewall start: I realize that it can be done using an extension script but I suspect that I can make it a bit easier. - -Tom - -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBS1D9O/MAbZfjDLIRAmlCAJ9mL6P3qRXL91blEyheK8CM+JFoGQCfalfQ Ixc0NbLDOkNrPq4nMBpJMJk=rvc6 -----END PGP SIGNATURE-----
Am Freitag, 17. September 2004 23:02 schrieb Tom Eastep:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Horst Graffy wrote: > | Am Freitag, 17. September 2004 22:25 schrieb Tom Eastep: > | > | Is there interest in ipp2p support in Shorewall? While the ipp2p code is > | not part of the standard kernel.org distributions, my experience is that > | it is very easy to install and I would be willing to provide support for > | it if there is interest. > | > |> that would be great ;) > | > | See http://rnvs.informatik.uni-leipzig.de/ipp2p/index_en.html for > | information about ipp2p. > | > |> I''m using it a long time .. it works ;) > |> > |> this is my snippet from /etc/shorewall start: > > I realize that it can be done using an extension script but I suspect > that I can make it a bit easier.Yes. I think so ....> > - -TomToni> - -- > Tom Eastep \ Nothing is foolproof to a sufficiently talented fool > Shoreline, \ http://shorewall.net > Washington USA \ teastep@shorewall.net > PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.4 (GNU/Linux) > Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org > > iD8DBQFBS1D9O/MAbZfjDLIRAmlCAJ9mL6P3qRXL91blEyheK8CM+JFoGQCfalfQ > Ixc0NbLDOkNrPq4nMBpJMJk> =rvc6 > -----END PGP SIGNATURE----- > _______________________________________________ > Shorewall-users mailing list > Post: Shorewall-users@lists.shorewall.net > Subscribe/Unsubscribe: > https://lists.shorewall.net/mailman/listinfo/shorewall-users Support: > http://www.shorewall.net/support.htm > FAQ: http://www.shorewall.net/FAQ.htm
On Fri, 2004-09-17 at 15:25, Tom Eastep wrote:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Is there interest in ipp2p support in Shorewall? While the ipp2p code is > not part of the standard kernel.org distributions, my experience is that > it is very easy to install and I would be willing to provide support for > it if there is interest. > > See http://rnvs.informatik.uni-leipzig.de/ipp2p/index_en.html for > information about ipp2p.I think it''d be a nice addition, as the topic has come up several times before. And if I was looking to implement it (which I might be for one site), I prefer this to ftwall, as this on allows you to throttle it, not just block it. -- Homer Parker /"\ ASCII Ribbon Campaign BOFH for homershut.net \ / No HTML/RTF in email http://www.homershut.net x No Word docs in email telnet://bbs.homershut.net / \ Respect for open standards "Bill Gates reports on security progress made and the challenges ahead." -- Microsoft''s Homepage, on the day an SQL Server bug crippled large sections of the Internet.
On Friday 17 September 2004 22.25, Tom Eastep wrote:> Is there interest in ipp2p support in Shorewall? While the ipp2p code > is not part of the standard kernel.org distributions, my experience > is that it is very easy to install and I would be willing to provide > support for it if there is interest. > > See http://rnvs.informatik.uni-leipzig.de/ipp2p/index_en.html for > information about ipp2p. > > -TomThat looks pretty flexible, Tom. In the long run it would make more sense using an extension than adding more REJECT rules, the bandwidth throttle is a pretty nifty feature. Just as long it''s not a burden on you, though... ;) -- Patrick Benson Stockholm, Sweden
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Patrick Benson wrote: | On Friday 17 September 2004 22.25, Tom Eastep wrote: | |>Is there interest in ipp2p support in Shorewall? While the ipp2p code |>is not part of the standard kernel.org distributions, my experience |>is that it is very easy to install and I would be willing to provide |>support for it if there is interest. |> |>See http://rnvs.informatik.uni-leipzig.de/ipp2p/index_en.html for |>information about ipp2p. |> |>-Tom | | | That looks pretty flexible, Tom. In the long run it would make more | sense using an extension than adding more REJECT rules, the bandwidth | throttle is a pretty nifty feature. Just as long it''s not a burden on | you, though... ;) | Unfortunately, I''ve just learned that IPP2P is being moved to Patch-0-Matic so I will not be providing any explicit support for it in Shorewall. - -Tom - -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBTapRO/MAbZfjDLIRAl7DAKCeeRxBF6Np/lXT3gPBnz3dtXkqSgCeKmtI ecxiNjcRwOZUif+31d3hMxI=fa5y -----END PGP SIGNATURE-----