blocking kazaa

Taking care of your Linux box.
nganga08
Cadet
Posts: 3
Joined: Mon Jan 26, 2004 8:48 am

Post by nganga08 »

Yes sir. It's blocked all the network traffic, including all the P2P, but by the use of Squid you can browse the internet, because that's my setup here in my network. Sorry sir if it is not helpful for your setup.
imranhussain
Lance Naik
Posts: 15
Joined: Wed Jun 04, 2003 12:26 pm
Location: Karachi

iptables match module for matching P2P apps

Post by imranhussain »

AOA all

Please check it out!
It is an iptables match module capable of matching various peer-to-peer networks by examining the application-layer protocol.

Found here:
http://sourceforge.net/projects/iptables-p2p

I've not tried it; please tell me the results.
Geek
sarbazix
Lance Naik
Posts: 15
Joined: Fri Feb 20, 2004 4:56 am
Location: Karachi

blocking kazaa

Post by sarbazix »

Salam everyone,
I also tried to block Kazaa with iptables and blocked port 1214, but it's no use because Kazaa is using my HTTP port 8080/3128. I searched all the internet and all I got is a firewall from http://www.lowth.com/p2pwall/ftwall/
but I'm having a problem compiling ftwall. Check this out; if you could compile it then let us know.
LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi

Re:

Post by LinuxFreaK »

Dear sarbazix,
Salam,
Blocking KaZaA with IPTables:

iptables -A FORWARD -d 213.248.112.0/24 -j REJECT

--OR--

iptables -A FORWARD -p tcp --dport 1214 -j REJECT

This rule will not block access to the KaZaA network, but instead will block file transfers from occurring across KaZaA or Morpheus, as the software has a static port. This is pretty much just as effective, and can actually be more effective, as the user won't believe that you have firewalled, but that they are just having problems connecting to other users.

If KaZaA uses your HTTP proxy server, then enter the following lines in your squid.conf file.

acl blocked_site dstdomain kazaa.com
http_access deny blocked_site

Best Regards.
Farrukh Ahmed
sarbazix
Lance Naik
Posts: 15
Joined: Fri Feb 20, 2004 4:56 am
Location: Karachi

Re:

Post by sarbazix »

LinuxFreaK wrote:Dear sarbazix,
Salam,
Blocking KaZaA with IPTables:

iptables -A FORWARD -d 213.248.112.0/24 -j REJECT

--OR--

iptables -A FORWARD -p tcp --dport 1214 -j REJECT

This rule will not block access to the KaZaA network, but instead will block file transfers from occurring across KaZaA or Morpheus, as the software has a static port. This is pretty much just as effective, and can actually be more effective, as the user won't believe that you have firewalled, but that they are just having problems connecting to other users.

If KaZaA uses your HTTP proxy server, then enter the following lines in your squid.conf file.

acl blocked_site dstdomain kazaa.com
http_access deny blocked_site

Best Regards.

Salam everyone,
Farrukh bhai, I also tried this one and blocked both desktop.kazaa.com and kazaa.com from the ACL. It works, but then also Kazaa connects. It seems Kazaa is unblockable without any script, and I have previously posted the link where the script is available, but I'm having some problem compiling it.
LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi

Re:

Post by LinuxFreaK »

Dear sarbazix,
Salam,
# iptables -A FORWARD -m recent --name kazaa --rcheck --seconds 60 -j DROP
# iptables -A FORWARD -i eth0 -p tcp -m string --string 'X-Kazaa' -m recent --name kazaa --set -j DROP
Best Regards.
Farrukh Ahmed
sarbazix
Lance Naik
Posts: 15
Joined: Fri Feb 20, 2004 4:56 am
Location: Karachi

Re:

Post by sarbazix »

LinuxFreaK wrote:Dear sarbazix,
Salam,
# iptables -A FORWARD -m recent --name kazaa --rcheck --seconds 60 -j DROP
# iptables -A FORWARD -i eth0 -p tcp -m string --string 'X-Kazaa' -m recent --name kazaa --set -j DROP
Best Regards.

Salam again,
I am having an error while entering these rules:
iptables -A FORWARD -m recent --name kazaa --rcheck --seconds 60 -j DROP
iptables -A FORWARD -i eth0 -p tcp -m string --string 'X-Kazaa' -m recent --name kazaa --set -j DROP

iptables v1.2.6a: Couldn't load match `recent':/lib/iptables/libipt_recent.so: cannot open shared object file: No such file or directory
LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi

Re:

Post by LinuxFreaK »

Dear sarbazix,
Salam,

Your system does not have libipt_recent.so, so please download a newer RPM of iptables from http://www.rpmfind.net and install it with the rpm command :)

# rpm -Uvh iptables-x.y.z.rpm

Best Regards.
Farrukh Ahmed
sarbazix
Lance Naik
Posts: 15
Joined: Fri Feb 20, 2004 4:56 am
Location: Karachi

Re:

Post by sarbazix »

LinuxFreaK wrote:Dear sarbazix,
Salam,

Your system does not have libipt_recent.so, so please download a newer RPM of iptables from http://www.rpmfind.net and install it with the rpm command :)

# rpm -Uvh iptables-x.y.z.rpm

Best Regards.

Salam,
Farrukh bhai, I have iptables v1.2.6a and downloaded iptables-1.2.7a-2.src.rpm and installed it with # rpm -Uvh iptables-1.2.7a-2.src.rpm and restarted the iptables service, but when I check iptables it shows the previous version, iptables v1.2.6a, and I'm getting the same old error while implementing the rules which you previously posted.

iptables -A FORWARD -m recent --name kazaa --rcheck --seconds 60 -j DROP
iptables -A FORWARD -i eth0 -p tcp -m string --string 'X-Kazaa' -m recent --name kazaa --set -j DROP

iptables v1.2.6a: Couldn't load match `recent':/lib/iptables/libipt_recent.so: cannot open shared object file: No such file or directory

Do you have any idea what I am missing over here?
LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi

Re:

Post by LinuxFreaK »

Dear sarbazix,
Salam,

You have installed the source of iptables, and you must compile the source. If you don't want to do that, then you can get the binary package of iptables from ftp://rpmfind.net/linux/redhat/updates/ ... 2.i386.rpm

Best Regards.
Farrukh Ahmed
lambda
Major General
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Location: Lahore

Post by lambda »

don't block kazaa. instead, use the packet shaping code (cbq, etc) to limit kazaa traffic to something useless, like 1kb/sec.
farhantoqeer
Major General
Posts: 917
Joined: Thu Jun 27, 2002 5:45 pm
Location: Karachi

Post by farhantoqeer »

lambda wrote: don't block kazaa. instead, use the packet shaping code (cbq, etc) to limit kazaa traffic to something useless, like 1kb/sec.

this is indeed a great suggestion.

any example?
A: Yes
Q: Is top-posting bad?
lambda
Major General
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Location: Lahore

Post by lambda »

here are a couple of links:

http://www.roads.lut.ac.uk/txt/proactive-iptables.html
http://www.linuxquestions.org/questions ... 08/1/78804

it's late, i'm feeling lazy, i just googled for this.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
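
An added example of the shaping approach suggested above; it is not code from any poster in this thread or from the linked pages. It reuses the thread's `recent` list named `kazaa` and port 1214, but marks the traffic and puts it in a slow queue instead of dropping it, and it includes a check for the missing-extension problem seen earlier. Assumptions: HTB is used in place of CBQ, the iptables build is a current one where the string match takes `--algo`, and mark 20, the class ids and the interface name are arbitrary choices.

```shell
#!/bin/sh
# Added example, not from the thread: shape Kazaa traffic instead of dropping it.
# Assumed: iptables with the recent, string (--algo) and MARK extensions, tc with
# HTB. Mark 20 and class ids 1:10/1:20 are arbitrary; interface names are yours.
MARK=20

# Print each match name ($2...) that has no extension library in directory $1.
# The thread's error came from a missing /lib/iptables/libipt_recent.so.
missing_matches() {
    dir=$1; shift
    for m in "$@"; do
        [ -e "$dir/libipt_$m.so" ] || [ -e "$dir/libxt_$m.so" ] || echo "$m"
    done
}

# Print the rule set for egress device $1, Kazaa rate $2 and link rate $3.
# Nothing is applied here: review the output, then pipe it to sh as root.
kazaa_shape_rules() {
    dev=$1; slow=$2; link=$3
    # The output is meant to be fed to a shell, so reject anything but plain tokens.
    for arg in "$dev" "$slow" "$link"; do
        case $arg in
            ''|*[!A-Za-z0-9._-]*)
                echo "usage: kazaa_shape_rules DEV KAZAA_RATE LINK_RATE" >&2
                return 1 ;;
        esac
    done
    # Lines 1-2: hosts that sent X-Kazaa are listed, then marked for 60 seconds.
    # Lines 3-4: the static port 1214 is marked. Lines 5-8: mark 20 -> slow class.
    cat <<EOF
iptables -t mangle -A FORWARD -p tcp -m string --algo bm --string X-Kazaa -m recent --name kazaa --set
iptables -t mangle -A FORWARD -m recent --name kazaa --rcheck --seconds 60 -j MARK --set-mark $MARK
iptables -t mangle -A FORWARD -p tcp --dport 1214 -j MARK --set-mark $MARK
iptables -t mangle -A FORWARD -p tcp --sport 1214 -j MARK --set-mark $MARK
tc qdisc add dev $dev root handle 1: htb default 10
tc class add dev $dev parent 1: classid 1:10 htb rate $link
tc class add dev $dev parent 1: classid 1:20 htb rate $slow ceil $slow
tc filter add dev $dev parent 1: protocol ip handle $MARK fw flowid 1:20
EOF
}
```

A rate of `8kbit` corresponds to the 1 KB/s mentioned above. tc shapes only what leaves an interface, so DEV is the interface the marked packets go out on.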
farhantoqeer
Major General
Posts: 917
Joined: Thu Jun 27, 2002 5:45 pm
Location: Karachi

Post by farhantoqeer »

yes it is late :)

i was reading about this yesterday. i am not gonna implement it because i don't have any problem like that, but i am sure it might help others who are being pinched by KAZAA
dandywalisarkar
Cadet
Posts: 13
Joined: Fri May 21, 2004 3:56 pm
Location: Mardan

Post by dandywalisarkar »

for blocking kazaa the most appropriate way is to use patch-o-matic to update your iptables and use the new iptables module which blocks any connection containing zzzz@kazza in the http header
------------------------------------------------
If windows were to be an animal, it would have been a fainting goat.............