Need help blocking fastrack P2P

Skunk_Face · 02-08-2004, 07:19 PM

I need some info on how to block p2p traffic (ie kazaa, imesh, overnet etc)
The old method of blocking ports doesnt seem to work anymore coz the new p2p clients are able to port hop and blocking the servers have become a painstaking task as the numbers just keep growing.

I have searched and found an article on ftwall (http://www.lowth.com/p2pwall) and was wondering if anyone here has experience with this particular application. My concern is whether or not it can successfully block all p2p traffic and whether setting the QUEUE command in iptables will cause a bottleneck for all other legitamate network traffic??

jtshaw · 02-08-2004, 07:53 PM

It shouldn't cause a bottle neck for other traffic. Those p2p clients can be evil can't they.... stupid things always clog the upstream at colleges until the admins get annoyed to the point they filter there packets out.

di11rod · 02-09-2004, 12:49 AM

No. These types of applications actually look for packet fingerprints and limits packets specific to p2p or whatever applications you desire.

Check out:

http://freshmeat.net/projects/arbitrator/

A real good way to round up a bunch of free packet shapers for linux is to visit

http://www.freshmeat.net

and search for 'bandwidth'....

This isn't so much of a security issue as it is a networking issue. Perhaps that forum might be a better resource for guidance on this topic...

good luck,

di11rod

phobox · 02-09-2004, 01:05 AM

Try this one:

http://freshmeat.net/projects/l7-fil...ease_id=150643

Skunk_Face · 02-11-2004, 07:12 PM

ok thanks for the info peeps.....i've finally got ftwall running just as i wanted it to ...and blocking kazaa works like a charm now. However im still facing problems blocking other p2p clients like winmx, bearshare etc. I installed p2pmon and seems like winmx is my next target...lucky for me it seems to run off a standard port which will prolly make blocking it easier.

Arbitrator sounds interesting but seems like i need to patch the kernel to get it running. NOT something i really enjoy doing (seeing as how i f**ked up the last 3 times i did that ). If anyone has a link to show me how to patch & compile the kernel (keeping all my config & modules intact) would really appreciate it . Oh and btw ....am on rh9 which boots off grub.