[Kbhkol] Re: Yet Another Kazaa Issue (fwd)

Thu, 21 Nov 2002 23:54:24 -0800 

Halløj derude

Den rette vej at standse KaZaa 2 (som jo kan gå gennem port 80) er jo
nok en proxy med passende adgangsrettighed. For de af jer, som ikke har
tvungen proxy til at styre den slags, kan nedenstående måske være
interessant.

Whois-opslag stemmer dog ikke helt med netmaskerne (sidstnævnte er et
/27-net)...

Jeg har ikke selv afprøvet det selv, så hvorvidt det virker ved jeg
ikke...

/Rasmus

-- 
-- [ Rasmus "Møffe" Bøg Hansen ] ---------------------------------------
Beware of bugs in the above code;
I have only proved it correct, not tried it.
                              - Donald Knuth
----------------------------------[ moffe at amagerkollegiet dot dk ] --

---------- Forwarded message ----------
Date: Thu, 21 Nov 2002 22:36:25 -0300
From: Luciano Ruete <[EMAIL PROTECTED]>
To: netfilter <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED]
Subject: Re: Yet Another Kazaa Issue

Matias Bjørling escribió::
> Hey
>
> Im trying like hell to get Kazaa to stop connect successfully...
> Whatever i do, blocking port 1214 in ANY possible way, it still resist
> and connect sucessfully, even with thoes firewall rules

I did two thing (in diferent situations) that works very well.

1º hit the kazaa Achilles heel --> the centralized server

iptables -A FORWARD (...) -d 206.142.53.0/24 -j REJECT
iptables -A FORWARD (...) -d 213.248.112.0/24 -j REJECT

This work 4 me, i dont know if the nets are the same today, but 'try and
tell!' or google it =)

2º i have CBQ'ed both incoming and outcoming kazaa traffic, you can
drive the thins as far as you whant, and give 1kbit to all the kazaa
conections behind de router/firewall.
Here is my conf to cbq.init (the most simple case)
Two files, 1 for up, 1 for down

/etc/sysconfig/cbq/cbq-120.kazaa-up
DEVICE=eth0,10Mbit,1Mbit
RATE=120Kbit
WEIGHT=12Kbit
PRIO=5
RULE=:1214,
RULE=,:1214

/etc/sysconfig/cbq/cbq-240.kazaa-down
DEVICE=eth1,10Mbit,1Mbit
RATE=240Kbit
WEIGHT=24Kbit
PRIO=5
#RULE=:1214,
#RULE=,:1214

You can find cbq.init (a script/frontend to tc and CBQ classes) in
https://sourceforge.net/projects/cbqinit

The script is self documented

Regards

--
Luciano












_______________________________________________
kbhkol mailing list
[EMAIL PROTECTED]
http://kbhkol.dk/mailman/listinfo/kbhkol

Besvar via email