Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I have a small server here in out office with only 3GB hard drive so installing a proxy server is impossible besides it was also running in an Pentium 2.
It's purpose is to act as firewall and do a NAT. My problem is how do I block p2p such as Limewire in our local network? Can anyone such give an idea or at least a simple command
Depends. If the situation allows a network policy or AUP to be used then it would be easier to monitor for anomalous traffic (addresses, ports, volume) and "teach" offenders "respect" for others properties. Combine with or replace by white-listing (firewall, proxy) accomplishes about the same by forcing only acceptable (addresses, ports) egress traffic. Else there's the Layer 7 iptables filters (see Sourceforge.net). Else there's Snort (inline?) / Community / Bleeding Edge P2P signatures. I'm probably forgetting something.
Hi buddy, This is an issue ive been studing for a very long time and i came up with a cheap solution, which has never failed me. with IPtables u need first
1. to have your linux machine running a transparent proxy and also force everyone to pass through it.
2. create an acl group, with DENY as the main thing,next create a file which the acl referees to and what ever u put in the file any name, believe me the content will be blocked and u will get results as shown from the squid logs:-
Thanks, but like I said. Squid is impossible since its only running under 3GB harddrive
What does the 3GB hard drive have anything to do with? A Squid binary package will probably weigh about 1MB, and once installed Squid doesn't have to use the hard drive for cache if you don't want to. And if you do want it to, you can configure exactly how much it should use. I'm not saying Squid is the solution to your problem, but if the only reason you aren't trying it is because you think your hard disk is stopping you then you are missing-out. Also, a Pentium II CPU is perfectly fine for Squid, but as with any CPU, it depends on the amount of clients, concurrent connections, etc.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
