Need firewall to block all streaming audio/video

drokmed · 07-25-2006, 02:23 PM

Hi all,

I've built a firewall using iptables for our network, but users can still watch videos and listen to streaming audio, which is killing our DSL WAN link, so I want to block it.

I'm running:
CentOS 4.3
iptables (use fwbuilder to configure firewall)
squid (proxy)
dansguardian (filter)
clamav (anti-virus)

Dansguardian blocks the unwanted material/sites just fine, but not the streaming audio from sites such as www.pandora.com

My firewall is redirecting ports 80 and 3128 (squid) to 8080 (dansguardian).

Blocking the site by name isn't a solution, because there's too many other sites I'm not aware of, that use similar technology.

Anyone have luck blocking these kinds of traffic?

Thanks for reading,

Daryl

msound · 07-25-2006, 03:13 PM

you could block content by file extension. although I'm not sure if it works with embedded streaming content.

squid.conf:
# Block media file extensions
acl blocked_exts url_regex -i \.wmv$ \.mp3$ \.mpeg$ \.rm$
http_access deny blocked_exts

This would definitely prevent users from downloading files with these extensions, but again I'm not sure how it would handle streaming. It would be worth a try.

pljvaldez · 07-25-2006, 03:14 PM

http://service.real.com/firewall/adminfw.html -- ports used by real player

You could google around and try to track down all the ports used by all the different media players, but I think most of these stream over port 80, so that's probably out of the question to block that. Also, make sure you're blocking the inbound and outbound requests for these ports...

With Dan's Guardian, can't you create rules to filter out things by filetype like *.ram for RealAudio or *.wmv for windows movie? You'd have to figure out a lot of the different types of files, but maybe that's a solution.

drokmed · 07-25-2006, 03:34 PM

Thanks. File types sounds alot more blockable than ports, for sure. I'll try the file extensions tonight, and let you know. It *should* work

tonyfreeman · 10-17-2006, 11:37 AM

drokmed ... what did you finally end up doing? If you found a way to block streaming media then please post how you did it. I need to do something similar. I'd like to block streaming media from everywhere except for the streaming media inside my domain.

drokmed · 10-18-2006, 10:31 AM

Hi Tony,

Actually, I'm just now getting back to that project, so I haven't tried that yet. I was unhappy with CentOS, so have rebuilt on SuSE 10.1 which is working very nicely.

I'm planning to finish the firewall this week, so hopefully will have some info for this thread.

allislamic · 11-04-2006, 01:28 AM

Hi
I am using RH9 ans squid 2.5 , My Question is How I can stop peer to peer softwares using squid.Its comsuming lot of bandwidth.
Any help will be appreciated

nelchege · 12-02-2009, 07:14 AM

Try this.
Config File squid configuration in /etc/squid/squid.conf

Edit File in squid.conf above line in ACL Zone.
################## ACL for Radio / Video Stream ###########################
acl StreamingRequest1 req_mime_type -i ^video/x-ms-asf$
acl StreamingRequest2 req_mime_type -i ^application/vnd.ms.wms-hdr.asfv1$
acl StreamingRequest3 req_mime_type -i ^application/x-mms-framed$
acl StreamingRequest4 req_mime_type -i ^audio/x-pn-realaudio$
acl StreamingReply1 rep_mime_type -i ^video/x-ms-asf$
acl StreamingReply2 rep_mime_type -i ^application/vnd.ms.wms-hdr.asfv1$
acl StreamingReply3 rep_mime_type -i ^application/x-mms-framed$
acl StreamingReply4 rep_mime_type -i ^audio/x-pn-realaudio$
################## ACL for Radio / Video Stream ###########################

Edit File in squid.conf above line in http_access Zone.
#################### Rules to block Radio / Video Stream #################
http_access deny StreamingRequest1 all
http_access deny StreamingRequest2 all
http_access deny StreamingRequest3 all
http_access deny StreamingRequest4 all

http_reply_access deny StreamingReply1 all
http_reply_access deny StreamingReply2 all
http_reply_access deny StreamingReply3 all
http_reply_access deny StreamingReply4 all
#################### Rules to block Radio / Video Stream ################

win32sux · 12-02-2009, 03:03 PM

nelchege, we value your time and energy, and encourage you to spend it helping members with current issues. I'm closing this zombie thread so it may rest in peace. Please don't make a habit of necroposting.