LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-06-2010, 06:06 PM   #1
nehraaz
Member
 
Registered: Aug 2010
Location: Fiji Islands but currently worknig in Paua New Guinea (PNG)
Distribution: ubuntu
Posts: 36

Rep: Reputation: 1
Smile BLOCK Torrents


How to i block torrents from running on squid ?

Thank you
 
Old 09-06-2010, 06:22 PM   #2
fbobraga
Member
 
Registered: Jul 2010
Location: São Paulo - Brasil
Distribution: Debian 7 / Crunchbang 11
Posts: 229

Rep: Reputation: 41
there's no easy way to do it. look this: http://ubuntuforums.org/showthread.php?t=1373079
 
Old 09-06-2010, 07:46 PM   #3
suid0
Member
 
Registered: Jul 2005
Location: Brazil
Distribution: Slackware, openSuSe, Ubuntu, Fedora
Posts: 56

Rep: Reputation: 16
I have a theory to block torrent or any other unwanted thing. Don't block it, monitor!
The best way to block p2p is to find out who is the guy eating the bandwidth.

You can find a way to authenticate all users. If you're working for a company who cares about this, you can try to persuade them to create a policy with a badass warning saying the person is risking his job by doing this.
 
Old 09-06-2010, 10:48 PM   #4
nehraaz
Member
 
Registered: Aug 2010
Location: Fiji Islands but currently worknig in Paua New Guinea (PNG)
Distribution: ubuntu
Posts: 36

Original Poster
Rep: Reputation: 1
Smile

Thanks for that...at least the haze is clearing a bit now...

cheers and once again thanks for your help.

Quote:
Originally Posted by fbobraga View Post
there's no easy way to do it. look this: http://ubuntuforums.org/showthread.php?t=1373079
 
Old 09-06-2010, 10:50 PM   #5
nehraaz
Member
 
Registered: Aug 2010
Location: Fiji Islands but currently worknig in Paua New Guinea (PNG)
Distribution: ubuntu
Posts: 36

Original Poster
Rep: Reputation: 1
Unhappy

That i totally agree with. But the thing is i realised, it doesnt show up on squid reports. It shows i went to utorrent.com but it doesnt show the downlaods. Is there a way for it to appear on the sarg reports. ? i did a test and it seems it is invisible or something...

I need to get this guy coz he is making me look like a clown in front of my boss...Damn users..!!!


Quote:
Originally Posted by suid0 View Post
I have a theory to block torrent or any other unwanted thing. Don't block it, monitor!
The best way to block p2p is to find out who is the guy eating the bandwidth.

You can find a way to authenticate all users. If you're working for a company who cares about this, you can try to persuade them to create a policy with a badass warning saying the person is risking his job by doing this.
 
Old 09-06-2010, 11:02 PM   #6
suid0
Member
 
Registered: Jul 2005
Location: Brazil
Distribution: Slackware, openSuSe, Ubuntu, Fedora
Posts: 56

Rep: Reputation: 16
Not showing up on squid logs? hmm.. 2 possibilities I guess. problem with an ACL that needs to be reviewed or a problem with your firewall...

Maybe you will have a couple hours of fun reviewing your rules to find what this smart guy found.
 
Old 09-07-2010, 04:04 AM   #7
linuxlover.chaitanya
Senior Member
 
Registered: Apr 2008
Location: Nagpur, India
Distribution: Cent OS 5/6, Ubuntu Server 10.04
Posts: 4,629

Rep: Reputation: Disabled
Another issue could be with your router not intercepting all the packets. Are you masquerading the outgoing packets? If this is what you are doing, then make sure you are also redirecting all the port 80 connections to squid port. If you do not pay attention to what you are doing, this could result in you knowing nothing about your internet usage.
 
Old 09-08-2010, 12:38 AM   #8
nehraaz
Member
 
Registered: Aug 2010
Location: Fiji Islands but currently worknig in Paua New Guinea (PNG)
Distribution: ubuntu
Posts: 36

Original Poster
Rep: Reputation: 1
Thanks for the advice. I have squid and sarg. is there a separate package for firewall coz i didnt install anything else apart from the defualts. What firewall do i use. ?

ACL well all i have is one acl for my local network and then that has windows authentication enabled on it. Is there any particualr format or line i have to put in ?

Thanks

cheers

P.S Still a noob in novice shoes..(:-

Quote:
Originally Posted by suid0 View Post
Not showing up on squid logs? hmm.. 2 possibilities I guess. problem with an ACL that needs to be reviewed or a problem with your firewall...

Maybe you will have a couple hours of fun reviewing your rules to find what this smart guy found.
 
Old 09-08-2010, 12:45 AM   #9
nehraaz
Member
 
Registered: Aug 2010
Location: Fiji Islands but currently worknig in Paua New Guinea (PNG)
Distribution: ubuntu
Posts: 36

Original Poster
Rep: Reputation: 1
Smile

Hi

Masquerading..sorry foot in mouth but what is masquerading ..??
All browsers are directed to squid and i added a rule on the router not to allow traffic from any other ip apart from squid box.

So now i know all traffic is through the box coz router drops packets from other ip addresses. Now i need to do filters but torrents seem to be hard to catch.

thanks for the insight as i am understanding things a bit more now

Cheers


Quote:
Originally Posted by linuxlover.chaitanya View Post
Another issue could be with your router not intercepting all the packets. Are you masquerading the outgoing packets? If this is what you are doing, then make sure you are also redirecting all the port 80 connections to squid port. If you do not pay attention to what you are doing, this could result in you knowing nothing about your internet usage.
 
Old 09-08-2010, 12:51 AM   #10
suid0
Member
 
Registered: Jul 2005
Location: Brazil
Distribution: Slackware, openSuSe, Ubuntu, Fedora
Posts: 56

Rep: Reputation: 16
Wow, this could explain everything. As far as I remember, default rules for squid allow any outgoing traffic. I would recommend search for some howto's regarding squid and also iptables.

http://www.squid-cache.org/
http://netfilter.org/

I could spend hours telling you how to build your proxy but it would be much better if you RTFM a little.

If you already have authentication is a good start because with some tuning your squid will be able to show you who the bad guys are.

About firewall, I don't know if you're responsible for it or not but if you are, I strongly recommend you to start reading a lot. iptables is the command to manage firewall on Linux.

Maybe you can find a good howto appropriate to your needs. If you need help on setting up rules, you may need to share some info about your internal network like: default gateway, netmask, proxy ip, firewall ip.

Good luck! :-D
May the source be with you
 
Old 09-08-2010, 01:01 AM   #11
nehraaz
Member
 
Registered: Aug 2010
Location: Fiji Islands but currently worknig in Paua New Guinea (PNG)
Distribution: ubuntu
Posts: 36

Original Poster
Rep: Reputation: 1
Smile

I know i look like a dumb idiot but thanks for that. I remember reading Iptables before n not knowing what the hell they were. I think i will put a firewall in place so that everything out n in of the proxy is recorded and legit. You said firewall Ip...Can the firewall be installed on the squid box ? Can it have the same Ip or will it havbe a different IP but reside in the same physical box ? thanks for the info. I understand learning and finding out myself is the best solution but as long as you guys point me in the right direction, i dont mind the research. Thank you

Cheers


Quote:
Originally Posted by suid0 View Post
Wow, this could explain everything. As far as I remember, default rules for squid allow any outgoing traffic. I would recommend search for some howto's regarding squid and also iptables.

http://www.squid-cache.org/
http://netfilter.org/

I could spend hours telling you how to build your proxy but it would be much better if you RTFM a little.

If you already have authentication is a good start because with some tuning your squid will be able to show you who the bad guys are.

About firewall, I don't know if you're responsible for it or not but if you are, I strongly recommend you to start reading a lot. iptables is the command to manage firewall on Linux.

Maybe you can find a good howto appropriate to your needs. If you need help on setting up rules, you may need to share some info about your internal network like: default gateway, netmask, proxy ip, firewall ip.

Good luck! :-D
May the source be with you
 
Old 09-08-2010, 01:57 AM   #12
linuxlover.chaitanya
Senior Member
 
Registered: Apr 2008
Location: Nagpur, India
Distribution: Cent OS 5/6, Ubuntu Server 10.04
Posts: 4,629

Rep: Reputation: Disabled
Yes you can install firewall application on squid box, but that should not be necessary. iptables are default package in a linux distribution and you can use them for firewalling your network and also other NATing and masquerading purposes. You need nothing more for a basic setup.
 
Old 09-08-2010, 01:58 AM   #13
linuxlover.chaitanya
Senior Member
 
Registered: Apr 2008
Location: Nagpur, India
Distribution: Cent OS 5/6, Ubuntu Server 10.04
Posts: 4,629

Rep: Reputation: Disabled
And if you are looking for intercepting all the data on your network, read on how to configure your squid in transparent mode. That will help you more.
 
Old 09-08-2010, 05:20 PM   #14
suid0
Member
 
Registered: Jul 2005
Location: Brazil
Distribution: Slackware, openSuSe, Ubuntu, Fedora
Posts: 56

Rep: Reputation: 16
If I was you, I would do the following way:

1. Set policies on squid to monitor and block people (together with sarg and any other thing you'd like to).
2. Set a 2nd box as a firewall and disable everything that comes from regular users.
3. Everytime someone scream, you analize each case and ask them to make an official request to open a specific port. You must find a way to document each squid and firewall rule.

Why this second box? Beacuse I still believe a firewall is a firewall and not a multi-purpose machine. You can use and old PC as your firewall... Also, what I do for a box running a firewall is a minimal installation only with enough packages to make this firewall work.

To make your manager happy, now you have a controlled environment and you can now show graphs with before and after statistics. They love this shit.
 
Old 09-09-2010, 12:37 AM   #15
linuxlover.chaitanya
Senior Member
 
Registered: Apr 2008
Location: Nagpur, India
Distribution: Cent OS 5/6, Ubuntu Server 10.04
Posts: 4,629

Rep: Reputation: Disabled
I do agree on having a separate firewall machine. But if the traffic is limited it seems he would be wasting the hardware resources and money. I have got a similar setup running squid, dans and iptables without performance lag. The system also runs ntop as well. It would also depend how well OP can maintain the server. My server running squid and firewall is not even a server hardware machine but a Dell desktop workstation machine. But our traffic is low and no more than 40 users are online at any given time. So that also makes difference.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
what are torrents cad Linux - Software 2 01-04-2007 09:19 AM
Help with torrents? sonic04002 Linux - Software 2 10-29-2005 01:12 PM
Torrents? sonic04002 Linux - Newbie 15 10-26-2005 06:56 PM
Need help on torrents.... senglee Mandriva 7 08-15-2005 05:56 AM
Torrents RedRaven General 1 11-22-2004 02:06 AM


All times are GMT -5. The time now is 02:18 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration