blocking kazaa
-
- Lance Naik
- Posts: 15
- Joined: Wed Jun 04, 2003 12:26 pm
- Location: Karachi
- Contact:
iptables match module for matching P2P apps
AOA all
Plz ckeckit out!
It is an iptables match module capable of matching various peer-to-peer networks by examining the application-layer protocol.
found here
http://sourceforge.net/projects/iptables-p2p
I've not tried, plz tell me the results
Plz ckeckit out!
It is an iptables match module capable of matching various peer-to-peer networks by examining the application-layer protocol.
found here
http://sourceforge.net/projects/iptables-p2p
I've not tried, plz tell me the results
Geek
blocking kazaa
salam ever1,
i also tried to block kazaa wid iptables and blocked port 1214 but it's no use coz kazaa is using my http port 8080/3128 i searched all da internet and all i got is a firewall from http://www.lowth.com/p2pwall/ftwall/
but i m hvng a problem compiling ftwall check this out if u cud compile it den let us know ..
i also tried to block kazaa wid iptables and blocked port 1214 but it's no use coz kazaa is using my http port 8080/3128 i searched all da internet and all i got is a firewall from http://www.lowth.com/p2pwall/ftwall/
but i m hvng a problem compiling ftwall check this out if u cud compile it den let us know ..
-
- Site Admin
- Posts: 5132
- Joined: Fri May 02, 2003 10:24 am
- Location: Karachi
- Contact:
Re:
Dear sarbazix,
Salam,
acl blocked_site kazaa.com
http_access deny blocked_site
Best Regards.
Salam,
if KaZaA use your http proxy server then enter the following line to your squid.conf file.Blocking KaZaA with IPTables:
iptables -A FORWARD -d 213.248.112.0/24 -j REJECT
--OR--
iptables -A FORWARD --dport 1214 -j REJECT
This rule will not block access to the KaZaA network, but instead will block filetransfers from occuring across KaZaA or Morpheus, as the software has a static port. This is pretty much just as effective, and can actually be more effective as the user won't believe that you have firewalled, but they are just having problems connecting to other users
acl blocked_site kazaa.com
http_access deny blocked_site
Best Regards.
Farrukh Ahmed
Re:
salam ever1LinuxFreaK wrote:Dear sarbazix,
Salam,
if KaZaA use your http proxy server then enter the following line to your squid.conf file.Blocking KaZaA with IPTables:
iptables -A FORWARD -d 213.248.112.0/24 -j REJECT
--OR--
iptables -A FORWARD --dport 1214 -j REJECT
This rule will not block access to the KaZaA network, but instead will block filetransfers from occuring across KaZaA or Morpheus, as the software has a static port. This is pretty much just as effective, and can actually be more effective as the user won't believe that you have firewalled, but they are just having problems connecting to other users
acl blocked_site kazaa.com
http_access deny blocked_site
Best Regards.
farrukh bhai i also tried this 1 and block both desktop.kazaa.com and kazaa.com from acl it works but den also kazaa connects it seem kazaa is unblockable widout any script and i hv previously posted da link where the script is available but i m having some problem to compile it..
-
- Site Admin
- Posts: 5132
- Joined: Fri May 02, 2003 10:24 am
- Location: Karachi
- Contact:
Re:
Dear sarbazix,
Salam,
Salam,
Best Regards.# iptables -A FORWARD -m recent --name kazaa --rcheck --seconds 60 -j DROP
# iptables -A FORWARD -i eth0 -p tcp -m string --string 'X-Kazaa' -m recent --name kazaa --set -j DROP
Farrukh Ahmed
Re:
salam againLinuxFreaK wrote:Dear sarbazix,
Salam,
Best Regards.# iptables -A FORWARD -m recent --name kazaa --rcheck --seconds 60 -j DROP
# iptables -A FORWARD -i eth0 -p tcp -m string --string 'X-Kazaa' -m recent --name kazaa --set -j DROP
i am having error while entring dz rules
iptables -A FORWARD -m recent --name kazaa --rcheck --seconds 60 -j DROP
iptables -A FORWARD -i eth0 -p tcp -m string --string 'X-Kazaa' -m recent --name kazaa --set -j DROP
iptables v1.2.6a: Couldn't load match `recent':/lib/iptables/libipt_recent.so: cannot open shared object file: No such file
or directory
-
- Site Admin
- Posts: 5132
- Joined: Fri May 02, 2003 10:24 am
- Location: Karachi
- Contact:
Re:
Dear sarbazix,
Salam,
your system does not have libipt_recent.so so please download newer rpm of iptables from http://www.rpmfind.net and install it with rpm command
# rpm -Uvh iptables-x.y.z.rpm
Best Regards.
Salam,
your system does not have libipt_recent.so so please download newer rpm of iptables from http://www.rpmfind.net and install it with rpm command
# rpm -Uvh iptables-x.y.z.rpm
Best Regards.
Farrukh Ahmed
Re:
salam,LinuxFreaK wrote:Dear sarbazix,
Salam,
your system does not have libipt_recent.so so please download newer rpm of iptables from http://www.rpmfind.net and install it with rpm command
# rpm -Uvh iptables-x.y.z.rpm
Best Regards.
Farrukh bhai i hav iptables v1.2.6a and downloaded iptables-1.2.7a-2.src.rpm and installed it with # rpm -Uvh iptables-1.2.7a-2.src.rpm and restarted iptables service but when i check iptable it show da previos version iptables v1.2.6a and i m getting da same old error while implementing da code's which u previously posted.
iptables -A FORWARD -m recent --name kazaa --rcheck --seconds 60 -j DROP
iptables -A FORWARD -i eth0 -p tcp -m string --string 'X-Kazaa' -m recent --name kazaa --set -j DROP
iptables v1.2.6a: Couldn't load match `recent':/lib/iptables/libipt_recent.so: cannot open shared object file: No such file
or directory
do u have any idea wht m i missing over here???
-
- Site Admin
- Posts: 5132
- Joined: Fri May 02, 2003 10:24 am
- Location: Karachi
- Contact:
Re:
Dear sarbazix,
Salam,
You have installed Source of iptables and you must compile the source if you don't want to do that then you can get the binary pakage of iptables from ftp://rpmfind.net/linux/redhat/updates/ ... 2.i386.rpm
Best Regards.
Salam,
You have installed Source of iptables and you must compile the source if you don't want to do that then you can get the binary pakage of iptables from ftp://rpmfind.net/linux/redhat/updates/ ... 2.i386.rpm
Best Regards.
Farrukh Ahmed
-
- Major General
- Posts: 917
- Joined: Thu Jun 27, 2002 5:45 pm
- Location: Karachi
- Contact:
here are a couple of links:
http://www.roads.lut.ac.uk/txt/proactive-iptables.html
http://www.linuxquestions.org/questions ... 08/1/78804
it's late, i'm feeling lazy, i just googled for this.
http://www.roads.lut.ac.uk/txt/proactive-iptables.html
http://www.linuxquestions.org/questions ... 08/1/78804
it's late, i'm feeling lazy, i just googled for this.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
-
- Major General
- Posts: 917
- Joined: Thu Jun 27, 2002 5:45 pm
- Location: Karachi
- Contact:
-
- Cadet
- Posts: 13
- Joined: Fri May 21, 2004 3:56 pm
- Location: Mardan
- Contact:
for blocking kazaa the most appripriate way is to use pathomatic to update your iptables and use the new iptables module which blocks any connection containing zzzz@kazza in http header
------------------------------------------------
If windows were to be an animal, it would have been a fainting goat.............
If windows were to be an animal, it would have been a fainting goat.............