LinuxQuestions.org
04-12-2013, 05:45 PM   #1
qwertyjjj
Distribution: Cent OS5 with Plesk
block tor users with iptables?


I have users connecting via VPN to my server.
I need to block tor users and also bittorrent users.
Is there a way to do this using iptables?
 
04-12-2013, 07:04 PM   #2
unSpawn
For TOR you could use the list of IP addresses TOR websites allow you to export (use ipset plus one iptables rule and maybe one rule for common ports); for BitTorrent that would be the common port range and, if you feel like it, a layer 7 filter.
 
04-12-2013, 08:47 PM   #3
John VV
The 6880 or 6881 (and the UDP+4 for Vuze) for BitTorrent normally get blocked.
A lot of people are using ports in the 40,000 to 65,536 port range.
 
04-13-2013, 02:16 AM   #4
unSpawn
Quote:
Originally Posted by John VV
The 6880 or 6881 (and the UDP+4 for Vuze) for BitTorrent normally get blocked.

It's TCP 6880 to 6899 IIRC.


Quote:
Originally Posted by John VV
A lot of people are using ports in the 40,000 to 65,536 port range.

Indeed, and that goes for TOR as well, like TCP port 22, 80 or 443.
 
04-13-2013, 05:06 AM   #5
qwertyjjj
Original Poster
Quote:
Originally Posted by unSpawn
For TOR you could use the list of IP addresses TOR websites allow you to export (use ipset plus one iptables rule and maybe one rule for common ports); for BitTorrent that would be the common port range and, if you feel like it, a layer 7 filter.

I thought the whole point of tor was that it was supposed to be secure. If you can find out the IP addresses of websites that easily then what use is it?
 
04-13-2013, 06:59 PM   #6
unSpawn
No, I mean the three to five web sites that list TOR node status. They allow you to export the data easily.
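
The approach unSpawn describes in this thread (an exported Tor node list loaded into ipset and matched by one iptables rule), as an added example that is not part of any post. The set name, the sample addresses and the use of current `ipset` syntax (`hash:ip`, `restore`, `swap`) are assumptions; older ipset releases use different type names.

```bash
#!/bin/sh
# Added example (not from the thread). SET_NAME and the sample list are
# assumptions; addresses are constructed from RFC 5737 documentation ranges.
SET_NAME="tor-nodes"

SAMPLE_LIST='# exported node list (constructed sample)
192.0.2.10
198.51.100.7
192.0.2.10
203.0.113.999
not-an-ip
203.0.113.45'

# Read an exported list (one address per line) on stdin and print input for
# `ipset restore`. Comments, blanks, malformed addresses and duplicates are
# dropped. The list is loaded into a scratch set and swapped in, so the live
# set is never empty while it is being refreshed.
build_restore() {
    printf 'create %s hash:ip family inet\n' "$SET_NAME"
    printf 'create %s-new hash:ip family inet\n' "$SET_NAME"
    printf 'flush %s-new\n' "$SET_NAME"
    tr -d '\r' | awk -v set="$SET_NAME-new" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        {
            ip = $1
            if (ip !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) next
            split(ip, o, ".")
            for (i = 1; i <= 4; i++) if (o[i] + 0 > 255) next
            if (!seen[ip]++) print "add " set " " ip
        }'
    printf 'swap %s-new %s\n' "$SET_NAME" "$SET_NAME"
    printf 'destroy %s-new\n' "$SET_NAME"
}

# Demonstration on the constructed sample; prints the restore script only.
printf '%s\n' "$SAMPLE_LIST" | build_restore

# Applying it needs root and is left commented out:
#   build_restore < exported-list.txt | ipset restore -exist
#   iptables -I FORWARD -m set --match-set tor-nodes dst -j DROP
# The FORWARD/dst rule assumes the goal is stopping VPN clients from reaching
# Tor nodes through this server; use INPUT and src to refuse connections
# coming from listed nodes instead.
```

Node lists change often, so the refresh would normally run from cron; the iptables rule is added once and keeps matching whatever the set currently holds.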
 
  


All times are GMT -5.