Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I've built a firewall using iptables for our network, but users can still watch videos and listen to streaming audio, which is killing our DSL WAN link, so I want to block it.
This would definitely prevent users from downloading files with these extensions, but again I'm not sure how it would handle streaming. It would be worth a try.
You could google around and try to track down all the ports used by all the different media players, but I think most of these stream over port 80, so that's probably out of the question to block that. Also, make sure you're blocking the inbound and outbound requests for these ports...
With Dan's Guardian, can't you create rules to filter out things by filetype like *.ram for RealAudio or *.wmv for windows movie? You'd have to figure out a lot of the different types of files, but maybe that's a solution.
Distribution: Debian testing 64bit at home, EL5 32/64bit at work.
Posts: 196
Rep:
drokmed ... what did you finally end up doing? If you found a way to block streaming media then please post how you did it. I need to do something similar. I'd like to block streaming media from everywhere except for the streaming media inside my domain.
Actually, I'm just now getting back to that project, so I haven't tried that yet. I was unhappy with CentOS, so have rebuilt on SuSE 10.1 which is working very nicely.
I'm planning to finish the firewall this week, so hopefully will have some info for this thread.
How to Prevent Users From Using Peer to peer Softwares
Hi
I am using RH9 ans squid 2.5 , My Question is How I can stop peer to peer softwares using squid.Its comsuming lot of bandwidth.
Any help will be appreciated
Try this.
Config File squid configuration in /etc/squid/squid.conf
Edit File in squid.conf above line in ACL Zone.
################## ACL for Radio / Video Stream ###########################
acl StreamingRequest1 req_mime_type -i ^video/x-ms-asf$
acl StreamingRequest2 req_mime_type -i ^application/vnd.ms.wms-hdr.asfv1$
acl StreamingRequest3 req_mime_type -i ^application/x-mms-framed$
acl StreamingRequest4 req_mime_type -i ^audio/x-pn-realaudio$
acl StreamingReply1 rep_mime_type -i ^video/x-ms-asf$
acl StreamingReply2 rep_mime_type -i ^application/vnd.ms.wms-hdr.asfv1$
acl StreamingReply3 rep_mime_type -i ^application/x-mms-framed$
acl StreamingReply4 rep_mime_type -i ^audio/x-pn-realaudio$
################## ACL for Radio / Video Stream ###########################
Edit File in squid.conf above line in http_access Zone.
#################### Rules to block Radio / Video Stream #################
http_access deny StreamingRequest1 all
http_access deny StreamingRequest2 all
http_access deny StreamingRequest3 all
http_access deny StreamingRequest4 all
http_reply_access deny StreamingReply1 all
http_reply_access deny StreamingReply2 all
http_reply_access deny StreamingReply3 all
http_reply_access deny StreamingReply4 all
#################### Rules to block Radio / Video Stream ################
nelchege, we value your time and energy, and encourage you to spend it helping members with current issues. I'm closing this zombie thread so it may rest in peace. Please don't make a habit of necroposting.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.