LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   block tor users with iptables? (https://www.linuxquestions.org/questions/linux-newbie-8/block-tor-users-with-iptables-4175457952/)

qwertyjjj 04-12-2013 04:45 PM
block tor users with iptables?
 
I have users connecting via VPN to my server.
I need to block tor users and also bittorrent users.
Is there a way to do this using iptables?

unSpawn 04-12-2013 06:04 PM
For TOR you could use the list of IP addresses TOR websites allow you to export (use ipset plus one iptables rule and maybe one rule for common ports) for Bittorrent that would be the common port range and if you feel like it a layer 7 filter.

John VV 04-12-2013 07:47 PM
the 6880 or 6881 ( and the udp+4 for vuez ) for bit torrent normally get blocked
a lot of people are using ports in the 40,000 to 65,536 port range

unSpawn 04-13-2013 01:16 AM
Quote:
Originally Posted by John VV (Post 4930635)
the 6880 or 6881 ( and the udp+4 for vuez ) for bit torrent normally get blocked
It's TCP 6880 to 6899 IIRC.


Quote:
Originally Posted by John VV (Post 4930635)
a lot of people are using ports in the 40,000 to 65,536 port range
Indeed and that goes for TOR as well like TCP port 22, 80 or 443.

qwertyjjj 04-13-2013 04:06 AM
Quote:
Originally Posted by unSpawn (Post 4930579)
For TOR you could use the list of IP addresses TOR websites allow you to export (use ipset plus one iptables rule and maybe one rule for common ports) for Bittorrent that would be the common port range and if you feel like it a layer 7 filter.

I thought the whole point of tor was that it was supposed to be secure. If you can find out the IP addresses of websites that easily then what use is it?

unSpawn 04-13-2013 05:59 PM
No, I mean the three to five web sites that list TOR node status. They allow you to export the data easily.


All times are GMT -5. The time now is 07:14 PM.