blocking kazaa

imranhussain
Lance Naik
Posts: 15
Joined: Wed Jun 04, 2003 12:26 pm
Location: Karachi

blocking kazaa

Post by imranhussain »

AOA to all members

I want to block Kazaa on my network. I'm using RH8.0 with squid ver 2.4 stable7 & iptables; the rules are as follows:
iptables -t nat -A POSTROUTING -s 150.100.16.0/255.255.240.0 -d ! 150.100.16.0/255.255.240.0 -o ppp0 -j MASQUERADE
echo "1" > /proc/sys/net/ipv4/ip_forward

& for blocking Kazaa somebody suggested these rules to me:
iptables -A FORWARD -m recent --name kazaa --rcheck --seconds 60 -j DROP
iptables -A FORWARD -i ppp0 -p tcp -m string --string 'X-Kazaa' -m recent --name kazaa --set -j DROP
or
iptables -I FORWARD -i $internal_interface -p tcp -m string --string "KazaaClient" -j REJECT --reject-with tcp-reset

but I am unable to block Kazaa.

Please help me to do this.
Regards
Geek
fawad
Site Admin
Posts: 918
Joined: Wed Aug 07, 2002 8:00 pm
Location: Addison, IL

Post by fawad »

From the thread at Expert Exchange,
Blocking KaZaA with IPTables:

iptables -A FORWARD -d 213.248.112.0/24 -j REJECT

--OR--

iptables -A FORWARD -p tcp --dport 1214 -j REJECT
This rule will not block access to the KaZaA network, but instead will block file transfers from occurring across KaZaA or Morpheus, as the software has a static port. This is pretty much just as effective, and can actually be more effective, as the user won't believe that you have firewalled, but that they are just having problems connecting to other users.
Hope that works.
imranhussain
Lance Naik
Posts: 15
Joined: Wed Jun 04, 2003 12:26 pm
Location: Karachi

still unable

Post by imranhussain »

AOA to all members

I'm still unable to block Kazaa.
Please help me to find out.
Geek
LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi

Re : Blocking Kazaa

Post by LinuxFreaK »

Dear Imran Hussain,
Asalam-O-Alikum,

Why in the forward chain anyway?
Use the input chain or the output chain, on the right interface, depending on whether it is an outgoing or incoming port:
iptables -A INPUT -i eth0 -p tcp --dport 1214 -j DROP   # or -j REJECT
although you might use DROP anyway.

Best Regards.
Farrukh Ahmed
stinger

Post by stinger »

hhh
Last edited by stinger on Mon Apr 17, 2017 2:19 pm, edited 2 times in total.
absar
Cadet
Posts: 13
Joined: Sat Nov 29, 2003 11:55 pm
Location: Islamabad

blocking kazaa

Post by absar »

It can't block Kazaa traffic, because you are NATting your traffic, not its outgoing or incoming. Your communication is not between your PC and your server, or your server and the Kazaa server. It's direct communication using your firewall server, so your source port will be your system port and the destination port will be the Kazaa server port. Apply this rule; it will stop Kazaa traffic.


iptables -t nat -A POSTROUTING -s 150.100.16.0/255.255.240.0 -d ! 150.100.16.0/255.255.240.0 -p tcp --dport 1214 -j DROP

Hope this will stop Kazaa traffic, or any port traffic you want; just change the port address in "--dport 1214". :idea:
Absar Naqvi
newbie
Company Havaldaar Major
Posts: 156
Joined: Thu Aug 08, 2002 4:18 am
Location: lahore

Post by newbie »

When traffic passes from the router to any other destination, it does not pass through the
filter OUTPUT and filter INPUT chains.

You can block Kazaa port traffic at the

nat prerouting chain
filter forward chain
nat postrouting chain

But still you will not be able to block Kazaa, because it does not use only one port. Just like Yahoo Messenger: if you block its port 5050, it can even connect on 21, 80.

You need to put packets in a queue through iptables; then there is some software which can filter the packets. It can cause slow routing.
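
The chain question debated in this thread, as an added example that is not part of any post: a toy Python model of which filter chain a packet traverses on the gateway, and what a port-1214 rule in INPUT versus FORWARD does to it. The gateway address 150.100.16.1, the client and remote addresses, and the squid port 3128 are assumptions made for the example; NAT rewriting is not modelled.

```python
from dataclasses import dataclass
from ipaddress import ip_address

# Assumption: the Linux gateway's own LAN address (constructed for this example).
GATEWAY_ADDRS = {ip_address("150.100.16.1")}

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: int

@dataclass(frozen=True)
class Rule:
    chain: str   # INPUT, OUTPUT or FORWARD
    proto: str
    dport: int
    target: str  # DROP or REJECT

def filter_chain(pkt):
    """Return the single filter chain a packet traverses on the gateway."""
    if ip_address(pkt.dst) in GATEWAY_ADDRS:
        return "INPUT"    # addressed to the gateway itself (e.g. its squid proxy)
    if ip_address(pkt.src) in GATEWAY_ADDRS:
        return "OUTPUT"   # generated by the gateway itself
    return "FORWARD"      # routed through the box: INPUT/OUTPUT never see it

def verdict(pkt, rules):
    """First matching rule in the packet's chain wins; default policy ACCEPT."""
    chain = filter_chain(pkt)
    for r in rules:
        if (r.chain, r.proto, r.dport) == (chain, pkt.proto, pkt.dport):
            return r.target
    return "ACCEPT"

# Constructed packets from a LAN client behind the gateway.
P2P_1214 = Packet("150.100.16.50", "198.51.100.7", "tcp", 1214)
P2P_ON_80 = Packet("150.100.16.50", "198.51.100.7", "tcp", 80)  # same client, other port
TO_SQUID = Packet("150.100.16.50", "150.100.16.1", "tcp", 3128)

INPUT_RULE = [Rule("INPUT", "tcp", 1214, "DROP")]
FORWARD_RULE = [Rule("FORWARD", "tcp", 1214, "REJECT")]

if __name__ == "__main__":
    for name, rules in (("INPUT rule", INPUT_RULE), ("FORWARD rule", FORWARD_RULE)):
        for pkt in (P2P_1214, P2P_ON_80, TO_SQUID):
            print(name, f"{pkt.dst}:{pkt.dport}", filter_chain(pkt), verdict(pkt, rules))
```

In this model the INPUT rule never sees the client's routed port-1214 packet, while the FORWARD rule rejects it but still lets the same client out on port 80.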
absar
Cadet
Posts: 13
Joined: Sat Nov 29, 2003 11:55 pm
Location: Islamabad

Blocking Kaza

Post by absar »

Yup, you're right. But I have a solution, and have implemented it on my networks using IPTABLES. But it's a big story; anyhow, anybody who wants it can come to MSN chat or phone me and I will tell him the details. Well, it's possible even if the client user is too clever. :wink:
Absar Naqvi
mahin
Major
Posts: 605
Joined: Wed Aug 07, 2002 8:00 pm
Location: Karachi

Blocking Kaza

Post by mahin »

But it's a big story; anyhow, anybody who wants it can come to MSN chat or phone me and I will tell him the details.
Any chance of you taking some time and doing a write-up :?: You can post that at the PLUC Wiki and a link here. Seems like you are sitting on some very interesting bit of information / experience in which lots of system admins here would be interested. Just give it a thought; we all would appreciate it if you could spare some time.
newbie
Company Havaldaar Major
Posts: 156
Joined: Thu Aug 08, 2002 4:18 am
Location: lahore

Re: Blocking Kaza

Post by newbie »

:arrow: :arrow: :arrow:
Last edited by newbie on Sun Dec 21, 2003 5:02 am, edited 1 time in total.
zaeemarshad
Lieutenant Colonel
Posts: 660
Joined: Sat Jul 06, 2002 12:35 pm
Location: Islamabad

Post by zaeemarshad »

Hey people, there is no need to get angry. I know many people hate to write. Absar, it will be helpful for all of us if you put your solutions on the wiki. That shall be helpful to many others and may bring some interesting comments as well that might help you too in improving your solution.

To all members: Don't blow your cool, people!!!!

Regards
Zaeem Arshad
LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi

Re:

Post by LinuxFreaK »

Dear All PLUCians,
Salam,

http://sourceforge.net/projects/l7-filter/ will help :)

Best Regards.
Farrukh Ahmed
nganga08
Cadet
Posts: 3
Joined: Mon Jan 26, 2004 8:48 am

Post by nganga08 »

If you want to block Kazaa and WinMX or any P2P in your network, just drop it per user using iptables. I have done it in my network and it is very effective.

example:

iptables -A FORWARD -s 192.168.0.1 -d 0.0.0.0/0 -j DROP

I hope it will help you.
nganga08
Cadet
Posts: 3
Joined: Mon Jan 26, 2004 8:48 am

Post by nganga08 »

note:

and use squid for internet.
zaeemarshad
Lieutenant Colonel
Posts: 660
Joined: Sat Jul 06, 2002 12:35 pm
Location: Islamabad

Post by zaeemarshad »

nganga08 wrote: If you want to block Kazaa and WinMX or any P2P in your network, just drop it per user using iptables. I have done it in my network and it is very effective.

example:

iptables -A FORWARD -s 192.168.0.1 -d 0.0.0.0/0 -j DROP

I hope it will help you.
Excuse me, but did you post this rule intentionally? I am sorry, but it doesn't help in blocking Kazaa. It blocks all kinds of network traffic. You have completely blocked a user here, and that's not a per-user setting; it's a per-IP setting.

Regards
Zaeem