Displaying 20 results from an estimated 10000 matches similar to: "IP2P & Skype question"
2006 May 07
5
Detecting p2p traffic
After varying degrees of success with p2p detection modules, I would like to
write the following rules using iptables to reliably identify p2p traffic:
1. If a host on the network has 5 or more simutaneous tcp connections to ports
above 1024, mark all connections to ports 1024 and above as 60.
2. If a host has received (or sent) UDP packets from 5 different hosts'' ports
above 1024 in a
2007 Feb 23
3
Conntrack table full and Heavy p2p loaded traffic manager ...
Hello
I''ve setuped a bridge with l7-filter and ipp2p.  We have every day  + or
-  between 10Mbits and 30 Mbits P2P traffic from + or - 450 customers.
When traffic  increase. I''ve got this kind of error message :
Feb 23 14:26:19 gestor1 kernel: printk: 38 messages suppressed.
Feb 23 14:26:19 gestor1 kernel: ip_conntrack: table full, dropping packet.
The server is  celeron
2007 Nov 12
18
How to fight with encrypted p2p
Hi
I believe that whole question is in topic. 
Is there any way to recognize ( and then shape ) p2p traffic which is encrypted?
Modern p2p clients have this ability moreover some of them have this enabled by default. 
Now I''m using ipp2p for iptables but as I know this doesn''t recognize encrypted traffic.
Thanks in advance.
Pozdrawiam
Szymon Turkiewicz
2007 Jan 10
2
dst cache overflow (bridged wan interfaces)
I recompiled yet 2.6.19.1 kernel (using iptables with the same patches too).
The configuration for this test is:
   1) linux box with 2.6.19.1 kernel (SMP machine) with these
patches/modules:
      a) l7-filter
      b) ipp2p
      c) connlimit
      d) set
   2) 4 ethernet interfaces:
      a) 2 external (eth1 and eth3) interfaces with balanced links (as
described in nato-howto) bridged as wan0
2006 Apr 18
3
Matching with Layer7 vs. IPP2P
Hi,
can anybody comment on the cost of matching with IPP2P vs. Layer7.
Also, does a iptables rule with more complicated matching mechanism also 
slow down processing if all the packets are matched before they reach 
the rule. I.e. is the mere existence of a potentially costly rule 
already slowing down processing or only if packets are actually 
processed by it?
Thanks very much in advance.
2005 Jul 06
8
HTB and bittorrent, won''t work
Hello, 
I''ve been trying to shape the bittorrent traffic (on my external interface, 
upload), but without luck, for this I''m using layer7 filter right now, but 
I''ve also tried ipp2p, with the same results, I might say that this is not a 
problem with this packet classifiers, the problem is with HTB, here''s why. 
When I open azureus (the bittorrent client I
2006 Mar 23
11
linux box as vlan p2p limiter and firewall?
re
I would like to do some firewalling and p2p shaping/limiting on one of
the vlans in my network and I was thinking of using linux box as
transparent bridged firewall/limiter. For this I''m planning to use AMD64
2.2Ghz box with 2 1gbit NIC (Broadcom 5721), that will be bridged. The
box must be totally transparent and unseen in the network, as well as it
should have much influence on
2007 Nov 27
4
L7-Filter
Hi!
How I can use L7-Filter (http://l7-filter.sourceforge.net/) with Shorewall?
Thank you very much!
Bye.
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
2006 Nov 09
8
How to block Yahoo , MSN messanger and Kazza with IPTABLES
Hi,
I want to block  Yahoo Messenger, MSN messanger and Kazza with IPTABLES as
my local network users always go there.
How Can I do it?
I am not runnig iptables as a script nor have I put anything in my rc.local.
But instaed, I input the commands and save it by using the below cmmand
/etc/init.d/iptables save
and I restart it
/etc/init.d/iptables restart
My box runs on Cent OS 4.4.
Help
2007 Oct 19
3
Distro ready out of the box
hi all,
I''m writing not for technical problems but for a simple question.
Do You know if there is a distro which is ready for traffic shaping etc. 
''out of the box''?
I mean a distro which does not require patching the kernel and/or 
iptables and/or installing from source etc. and gives the user most of 
the tools needed (imq, ipp2p, l7filter and so on).
many thanks
2004 Sep 25
3
New L7-Filter patterns for Kademlia / eMule?
I had been using L7-Filter[1] successfully for edonkey/eMule traffic until 
recently.  I upgraded to the latest release of mldonkey, 2.5.28a, which 
implements eMule compatibility, and with support for Kademlia[2] enabled, 
network latency increases greatly.
[1] http://l7-filter.sourceforge.net/
[2] http://www.infoanarchy.org/wiki/wiki.pl?Kademlia
Has anyone created a new pattern match for
2004 May 10
2
Contact for iptables-extension "ipp2p"?
Hi all.
I remember someone in here was at least affiliated with the above 
mentioned ipp2p-project (an extension to iptables that allows to match 
peer-to-peer traffic). About two weeks ago I tried to contact the author 
of this extension via the address that is mentioned on the project 
website, since I wanted to send in a patch, but with no success. At 
least I didn''t receive a reply.
2005 May 30
23
ipp2p problems
Hi all,
  I have found problems in p2p traffic detection. The ipp2p module works
fine but in shorewall the rules written for this protocols never match
because the initials p2p connection (login) match in ''-m state --state
RELATED,ESTABLISHED -j ACCEPT'' rule before ''-m ipp2p --ipp2p -j DROP''
rule, so netfilter never filter p2p traffic. I have had to run
2006 Feb 23
7
ipp2p don''t block Ares
HI
I have a bridge running ipp2p blocking Ares traffic and others protocols.
This bridge works fine buts since two weeks can''t block Ares traffic. All
protocols block fine but Ares not (upload and download).
Somebody are using ipp2p blocking the latest Ares version ?
My system settings are:
kernel : 2.6.13
iptables: 1.3.3
ipp2p: 0.81 rc1
  iptables  -L  -v  output:
Chain FORWARD
2004 Jun 08
3
Blocking p2p traffic
Greetings, I''ve searched, found ftwall, and some other commercial solutions, but am wondering if anyone on this list has any solutions using a linux firewall to block p2p traffic, more specifically Kazaa.
Walter Wickersham
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
2005 Dec 11
6
shareaza
Hi,
A, B and C are three machines. A and C directly access to
theInternet while B access to the Internet through A.
 +-------------------------------------------------------------+
 | +-------------+                             +-------------+ |
 | |      A      |                             |      B      | |
 | |             | --- eth0 ---> <--- eth0 --- |             | |
 | | 192.168.0.1
2004 Oct 14
10
HTB
Hi all
I''m new in this list and i hope to lear and to help if possible.
But firt i need help :-(
I have this messege in my syslog when my classes and qdiscs goes down.
Can any one know what does it mean?
Thnx in advance.
Yannick Arrimadas Bot
Oct 14 16:09:27 pototogorri kernel: HTB init, kernel part version 3.17
Oct 14 16:09:27 pototogorri kernel: Unable to handle kernel paging
2004 May 14
9
RV: LATENCY PROBLEMS
Hello there, 
   I''m having lots of problems with my setup here. Let me explain:
I am network administrator for my university dorm. We are about 300 users,
and we have 2 ADSL connections doing load balancing with 300kbits upstream
and 2Mbit downstream. 
The load balancing is working great, we are doing connection tracking so I
can mark and hence prioritize interactive traffic and ACKS
2007 Jun 08
5
CBQ + Layer7 x Emule
Hi All ,
My first message and I have a little problem with my FC6 box trying to block
emule traffic using layer7 .
Here my network :
Internet ---------   ADSL  Router ------------------- FC6  Box
--------------------   Emule Box
external ADSL : Dynamic
Internal ADSL  : 192.168.254.1
external FC6  : 192.168.254.3
internal FC6 : 192.168.253.1
Emule Box : 192.168.253.3
I guess that everything
2005 Mar 11
6
P2P
Im getting into tc. How can I control P2P (peer to peer) traffic???
which filters??? any ideas???
Hugonik