How to block P2P programs

Protecting your Linux box
Post Reply
wazim4_u
Naik
Posts: 68
Joined: Mon Jun 13, 2005 10:38 pm
Location: Saudi Arabia (Riyadh)
Contact:

How to block P2P programs

Post by wazim4_u »

Salam...!
I want to know if anyone can help me limiting or totally blocking the trafic of P2P programs like KaZaa, Imesh, Winmx etc. I'm using fedora Core 3 as proxy server ( transperant ) with delay pools and every trafic from browser is in control. I'm also using masqurading. I have tried CBQ and HTB both they slow down the web traffic as well. anyone can help in it please. How to block these P2P programs or limit them

Thanks
wasim...!
Qadri-409
Battalion Havaldaar Major
Posts: 286
Joined: Sun May 09, 2004 4:16 pm
Location: Peshawar
Contact:

Post by Qadri-409 »

block the port through iptables

#iptables -t nat -A PREROUTING -i ethx --dport P# -j DROP

where x is eth0 or eth1
&
P# is the port number on which these p2p connect different p2p have different ports

take care
M Shahzad Qadri
wazim4_u
Naik
Posts: 68
Joined: Mon Jun 13, 2005 10:38 pm
Location: Saudi Arabia (Riyadh)
Contact:

Its not working

Post by wazim4_u »

salam..!

Kazaa use port 1214 which i have blocked with

iptables -A FORWARD -p TCP --dport 1214 -j REJECT

This wasn't working so the command you have given me

iptables -t nat -A PREROUTING -i eth0 --dport 1214 -j DROP

it says Unknown arg `--dport'

port blocking for Kazaa specially is not a solution, kazaa manage to connect through port 80
lambda
Major General
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Location: Lahore
Contact:

Re: How to block P2P programs

Post by lambda »

don't block them, just slow them down.

Code: Select all

iptables -A FORWARD -p tcp --dport 1214 -m limit --limit 1/s
one packet per second.
Qadri-409
Battalion Havaldaar Major
Posts: 286
Joined: Sun May 09, 2004 4:16 pm
Location: Peshawar
Contact:

Re: How to block P2P programs

Post by Qadri-409 »

lambda wrote:don't block them, just slow them down.

Code: Select all

iptables -A FORWARD -p tcp --dport 1214 -m limit --limit 1/s
one packet per second.
nice more apropriate approach
M Shahzad Qadri
fadain
Havaldaar
Posts: 100
Joined: Wed Aug 07, 2002 8:00 pm
Location: Multan, PK

Re: How to block P2P programs

Post by fadain »

Qadri-409 wrote:
lambda wrote:don't block them, just slow them down.

Code: Select all

iptables -A FORWARD -p tcp --dport 1214 -m limit --limit 1/s
one packet per second.
nice more apropriate approach
I don't get it, how is this approach more appropriate? The users won't complain or something like that?
wazim4_u
Naik
Posts: 68
Joined: Mon Jun 13, 2005 10:38 pm
Location: Saudi Arabia (Riyadh)
Contact:

Post by wazim4_u »

what mean of 1/s here or how to limit it " with seconds or bytes" if so then how ? or its just a standered command to do so
Qadri-409
Battalion Havaldaar Major
Posts: 286
Joined: Sun May 09, 2004 4:16 pm
Location: Peshawar
Contact:

Re: How to block P2P programs

Post by Qadri-409 »

fadain wrote: I don't get it, how is this approach more appropriate? The users won't complain or something like that?
salam Dear fadian

well people use kazaa for downloading mp3s and the stuff like that ..and use more bandwidth ..if you block kazaa or other p2p they will come with complain like "CONNECT NAHEE HO RAHA" so allowing them a slow connection on these p2p ports is okay rather blocking them

take care
M Shahzad Qadri
wazim4_u
Naik
Posts: 68
Joined: Mon Jun 13, 2005 10:38 pm
Location: Saudi Arabia (Riyadh)
Contact:

Post by wazim4_u »

salam..!

Qadri bhai baat to app ki theek. i also donot want to block but if the block is only solution so i have to. I will try the command of iptables i m giving by you experts to slow down the traffic. Squid delay pools already working well with downloading and web traffic just P2P programs creating problem like kazaa " you block the port it use another one " anyway hope you all experts will co-operate with me and yes " you'll be all in my special prays "

wa salam
wasim..!
LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi
Contact:

Re:

Post by LinuxFreaK »

Dear wazim4_u,
Salam,
wazim4_u wrote:Qadri bhai baat to app ki theek. i also donot want to block but if the block is only solution so i have to. I will try the command of iptables i m giving by you experts to slow down the traffic. Squid delay pools already working well with downloading and web traffic just P2P programs creating problem like kazaa " you block the port it use another one " anyway hope you all experts will co-operate with me and yes " you'll be all in my special prays "
Use Squid with delay_pools

FYI, http://www.linuxpakistan.net/forum2x/vi ... php?t=2322

Best Regards.
Farrukh Ahmed
wazim4_u
Naik
Posts: 68
Joined: Mon Jun 13, 2005 10:38 pm
Location: Saudi Arabia (Riyadh)
Contact:

Post by wazim4_u »

salam dear
LinuxFreaK

I m using delay pools with squid downloading is limited to 5Kb everything is fine with from browser but kazaa and other p2p software still download at full speed. I have 256k dsl

allah hafiz
lambda
Major General
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Location: Lahore
Contact:

Post by lambda »

wazim4_u wrote:what mean of 1/s here or how to limit it " with seconds or bytes" if so then how ? or its just a standered command to do so
i have trouble understanding your question (questions?). calm down and rephrase your question.
wazim4_u
Naik
Posts: 68
Joined: Mon Jun 13, 2005 10:38 pm
Location: Saudi Arabia (Riyadh)
Contact:

Post by wazim4_u »

salam..!

The given command for limiting kazaa isn't working because we limited one port but cannot can connect through many ports even port 80 so what else i have to do to limit it ? this is the command i used

iptables -A FORWARD -p tcp --dport 1214 -m limit --limit 1/s

I tried cbq.init script it slow down kazaa but it also slow down the browsing which i donot want any thing else to do ?
feelmeone
Cadet
Posts: 1
Joined: Sun Mar 27, 2005 6:41 pm
Location: peshawar
Contact:

how to delay pool in squid

Post by feelmeone »

salam,
h ru, main ap say ya phochna chahta ho kay squid main delay pool kis tarah lagatay hay , tahkay hum bandwidtch control ker sakay. mugay step by step configuration please bata day,

im very thankfull to u

Allah hafiz
barlas
Naib Subedar
Posts: 315
Joined: Mon Jun 30, 2003 11:07 am
Location: Lahore, Pakistan
Contact:

Re: how to delay pool in squid

Post by barlas »

feelmeone wrote:salam,
h ru, main ap say ya phochna chahta ho kay squid main delay pool kis tarah lagatay hay , tahkay hum bandwidtch control ker sakay. mugay step by step configuration please bata day,

im very thankfull to u

Allah hafiz
http://www.linuxpakistan.net/wiki/index ... NewUser%22
Aqeel Zafar
Post Reply