Originally Posted by sanjibgupta
I have proxy running. I have seen LAN machines sending packets by iftop -P -F 192.168.10./24
192.168.10.203:kazaa => known.net.reach.com:http 0b 40b 40b
<= 0b 0b 0b
kazaa port is 1214
How do i set my iptables so that I can only send and recieve http,smtp,ssh,dns,dhcp request in and out of the proxy
As with some of your other posts, you omit a good bit of actual detail. As always, what version/distro of Linux? WHAT proxy and what version? And did you bother to try to look this up? This is a well-documented issue, with lots of folks dealing with it.
Try this in your IPtables
-m string --string "X-Kazaa-Username:" -j DROP
-m string --string "X-Kazaa-Network:" -j DROP
-m string --string "X-Kazaa-IP:" -j DROP
-m string --string "X-Kazaa-SupernodeIP:" -j DROP
Which may (or may not) work, depending on the client they're using, and where they're connecting. Again, if you tried to look this up, you'd find you need an L7 based module, to make SURE this traffic is blocked.