blocking kazaa

Taking care of your Linux box.

blocking kazaa

Postby imranhussain » Wed Jun 04, 2003 12:38 pm

AOA to all members

i want to block kazaa on my network, i 'm using RH8.0 with squid ver 2.4 stable7 & iptables the rules are as follows:
iptables -t nat -A POSTROUTING -s 150.100.16.0/255.255.240.0 -d ! 150.100.16.0/255.255.240.0 -o ppp0 -j MASQUERADE
echo "1" > /proc/sys/net/ipv4/ip_forward

& for blocking kaaza somebody suggest me these rules
iptables -A FORWARD -m recent --name kazaa --rcheck --seconds 60 -j DROP
iptables -A FORWARD -i ppp0 -p tcp -m string --string 'X-Kazaa' -m recent --name kazaa --set -j DROP
or
iptables -I FORWARD -i $internal_interface -p tcp -m string --string "KazaaClient" -j REJECT --reject-with tcp-reset

but unable to block kazaa.

plz help me to do this.
regards
Geek
imranhussain
Lance Naik
 
Posts: 15
Joined: Wed Jun 04, 2003 12:26 pm
ICQ: 173082297
WLM: imranhussain90@hotmail.com
Yahoo Messenger: click2subscribe@yahoo.com
Location: Karachi

Postby fawad » Thu Jun 05, 2003 8:57 am

From the thread at Expert Exchange,
Blocking KaZaA with IPTables:

iptables -A FORWARD -d 213.248.112.0/24 -j REJECT

--OR--

iptables -A FORWARD --dport 1214 -j REJECT
This rule will not block access to the KaZaA network, but instead will block filetransfers from occuring across KaZaA or Morpheus, as the software has a static port. This is pretty much just as effective, and can actually be more effective as the user won't believe that you have firewalled, but they are just having problems connecting to other users.

Hope that works.
fawad
Site Admin
 
Posts: 918
Joined: Wed Aug 07, 2002 8:00 pm
ICQ: 17672437
Website: http://www.fawad.net
WLM: fawadhalim@hotmail.com
Yahoo Messenger: fawad2048
AOL: fawadhalim
Location: Addison, IL

still unable

Postby imranhussain » Mon Jun 09, 2003 6:57 pm

AOA to all members

i'm still unable to block kazaa.
Please help me to find out
Geek
imranhussain
Lance Naik
 
Posts: 15
Joined: Wed Jun 04, 2003 12:26 pm
ICQ: 173082297
WLM: imranhussain90@hotmail.com
Yahoo Messenger: click2subscribe@yahoo.com
Location: Karachi

Re : Blocking Kazaa

Postby LinuxFreaK » Tue Jun 10, 2003 1:18 am

Dear Imran Hussain,
Asalam-O-Alikum,

why in the forward chain anyway ?
use the input chain or the output chain, on the right interface depending on if it is an outgoing or incoming port
iptables -A input -i eth0 --dport 1214 -j DROP/REJECT
altho you might use DROP anyway

Best Regards.
Farrukh Ahmed
LinuxFreaK
Site Admin
 
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
ICQ: 82075802
Website: http://www.linuxpakistan.net/wiki/index.php?pagename=LinuxFreak
WLM: f4fahmed@hotmail.com
Yahoo Messenger: f4fahmed@yahoo.com
AOL: linuxpakistan@aol.com
Location: Karachi

Postby stinger » Sat Oct 11, 2003 4:49 am

hhh
Last edited by stinger on Mon Apr 17, 2017 2:19 pm, edited 2 times in total.
stinger
Cadet
 
Posts: 2
Joined: Sat Oct 11, 2003 3:53 am

blocking kazaa

Postby absar » Wed Dec 17, 2003 7:20 pm

it can’t block kazaa traffic . bcoz u r natting ur traffic not its out going or incoming. ur communication is not in between ur PC to ur server or ur server to kazaa server. its direct communication using ur firewall server so ur source port will be ur system port add destination port will be kazaa server port . u apply this rule it will stop kazaa traffic .


iptables -t nat -A POSTROUTING -s 150.100.16.0/255.255.240.0 -d ! 150.100.16.0/255.255.240.0 –dport 1214 –j DROP

hope this will stop kaza traffic or any port traffic u want just change the port address in “ –dport 1214”. :idea:
Absar Naqvi
absar
Cadet
 
Posts: 13
Joined: Sat Nov 29, 2003 11:55 pm
WLM: digitalspinner
Yahoo Messenger: digitalspinner2000
Location: Islamabad

Postby newbie » Thu Dec 18, 2003 12:37 am

when a traffic passes from router to any other destination it does not pass from
filter output and filter input chain.

u can block kazaa port traffic at

nat prerouting chain
filter forward chain
nat postrouting chain

but still u will not be able to block kazaa because it does not use only one port. just like yahoo messenger if u will block its port 5050 it can even connect on 21, 80.

u need to put packets in queue through iptables then there are some softwares which can filter the packets.it can cause slow routing.
newbie
Company Havaldaar Major
 
Posts: 156
Joined: Thu Aug 08, 2002 4:18 am
WLM: usman_fool@hotmail.com
Location: lahore

Blocking Kaza

Postby absar » Thu Dec 18, 2003 10:42 am

yup u rite. but i have some solution . and have implemented on my networks using IPTABLES . but its a big story any how any body want that then come to MSN chat or phone me i will tell him the detail . well its possible even client user 2 much claver. :wink:
Absar Naqvi
absar
Cadet
 
Posts: 13
Joined: Sat Nov 29, 2003 11:55 pm
WLM: digitalspinner
Yahoo Messenger: digitalspinner2000
Location: Islamabad

Blocking Kaza

Postby mahin » Thu Dec 18, 2003 11:47 am

but its a big story any how any body want that then come to MSN chat or phone me i will tell him the detail
Any chance of you taking some time and doing a write-up :?: You can post that at PLUC Wiki and a link here. Seems like you are sitting on some very interesting bit of information / expereince in which lots of system admin here would be interested. Just give it a thought, we all would appreciate if you could spare some time.
mahin
Major
 
Posts: 605
Joined: Wed Aug 07, 2002 8:00 pm
Website: http://www.linuxpakistan.net/wiki/index.php/LinuxPakistanKarachi
Location: Karachi

Re: Blocking Kaza

Postby newbie » Thu Dec 18, 2003 5:54 pm

:arrow: :arrow: :arrow:
Last edited by newbie on Sun Dec 21, 2003 5:02 am, edited 1 time in total.
newbie
Company Havaldaar Major
 
Posts: 156
Joined: Thu Aug 08, 2002 4:18 am
WLM: usman_fool@hotmail.com
Location: lahore

Postby zaeemarshad » Sat Dec 20, 2003 12:34 am

hey ppl there is no need to get angry. i know many ppl hate to write. Absar it will be helpful for all of us that you put on the wiki ur solutions. that shall be helpful to many others and may bring some interesting comments as well that might help you too in improving your solution.

To all members: Dont blow your cool ppl!!!!

Regards
Zaeem Arshad
zaeemarshad
Lieutenant Colonel
 
Posts: 660
Joined: Sat Jul 06, 2002 12:35 pm
Website: http://zaeem.no-ip.org
WLM: zarshadvirk@hotmail.com
Yahoo Messenger: negativecreep61@yahoo.com
AOL: zarshadvirk
Location: Islamabad

Re:

Postby LinuxFreaK » Sat Dec 20, 2003 1:04 am

Dear All PLUCian's,
Salam,

http://sourceforge.net/projects/l7-filter/ will help :)

Best Regards.
Farrukh Ahmed
LinuxFreaK
Site Admin
 
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
ICQ: 82075802
Website: http://www.linuxpakistan.net/wiki/index.php?pagename=LinuxFreak
WLM: f4fahmed@hotmail.com
Yahoo Messenger: f4fahmed@yahoo.com
AOL: linuxpakistan@aol.com
Location: Karachi

Postby nganga08 » Mon Feb 16, 2004 10:50 am

if you want to block kazaa and winmx or any p2p in your network just drop it per user using iptables. I done it in my network and it is very effective.

example:

iptables -A FORWARD -s 192.168.0.1 -d 0.0.0.0/0 -j DROP

i hope it will help you.
nganga08
Cadet
 
Posts: 3
Joined: Mon Jan 26, 2004 8:48 am

Postby nganga08 » Mon Feb 16, 2004 10:52 am

note:

and use squid for internet.
nganga08
Cadet
 
Posts: 3
Joined: Mon Jan 26, 2004 8:48 am

Postby zaeemarshad » Mon Feb 16, 2004 4:35 pm

nganga08 wrote:if you want to block kazaa and winmx or any p2p in your network just drop it per user using iptables. I done it in my network and it is very effective.

example:

iptables -A FORWARD -s 192.168.0.1 -d 0.0.0.0/0 -j DROP

i hope it will help you.


Excuse me but did you post this rule intentionally. I am sorry but it doesnt help blocking kaaza. it blocks all kinna network traffic. you have completely blocked a user here and thats not per user setting; its per ip setting.

Regards
Zaeem
zaeemarshad
Lieutenant Colonel
 
Posts: 660
Joined: Sat Jul 06, 2002 12:35 pm
Website: http://zaeem.no-ip.org
WLM: zarshadvirk@hotmail.com
Yahoo Messenger: negativecreep61@yahoo.com
AOL: zarshadvirk
Location: Islamabad


Return to “%s” Administration

Who is online

Users browsing this forum: No registered users and 2 guests

cron