@hardwyrd That's overkill, but very nice. :) @Jess Pepito Packet filter should work on allowing or disallowing (block or pass) torrent traffic since it's using Layer 3 (IP, ipv4 & ipv6) and Layer 4 (TCP,UDP and ICMP) when inspecting packets.
Take note that filter rules are in sequential order (first to last), meaning the last rule to match will dictate what action (block or pass) on the packet. For a linux router, ill take on hardwyrd's list, vyatta is very promising and can match to cisco firewall ios. Thanks, Jorge T. Monzor III On Sat, 7 Nov 2009 23:08:51 +0800 hard wyrd <[email protected]> wrote: > On PFSense, filter the torrent search engines, then enable traffic > shaping and then add traffic shaping rules for torrents. In our case > we gave 1% of the bandwidth to torrents. Traffic Shaper on PFSense is > a very good friend. We've done wonders using it in putting wayward > usage in proper order. > > We also created groups for torrent search engines, created blocking > rules on the WAN side to block access to torrent search engines. > > Hope these clues help. > > On Sat, Nov 7, 2009 at 5:58 PM, Jess Pepito <[email protected]> > wrote: > > > Salamat sa mga tubag ninyo, akong gi testingan sa una ang PFSENSE > > pero ang problema kai dili ga ka filter ang mga torrent, anyway > > aggree ko inyong mga tubag nga mag gamit og SQUID og router nga > > DUAL ang WAN, pero mas ganahan ko kung ang akong router PC running > > Linux distro. > > > > Daghan salamat sa inyong mga tubag! > > > > > > > > ------------------------------ > > *From:* hard wyrd <[email protected]> > > *To:* Kagay-Anon Linux Users' Group (KLUG) Mailing List < > > [email protected]> > > *Sent:* Sat, November 7, 2009 9:07:12 AM > > *Subject:* Re: [klug] HOW TO CREATE RULES USING IPTABLES > > > > My take is on this is that : > > > > 1. I dont think you can filter TLDs (top level domains) using > > IPTABLES. 2. some (or a lot) of websites share the same IP address > > and it might be that the rules might alienate your users more so > > than protecting them. 3. use a dual-WAN router with load balancing > > enabled. There are linux distros that you can use for that specific > > purpose - take Vyatta for example. Or if you want you can go > > PFSense if you wont mind using a BSD-based distro. > > 4. Use squid for filtering URLs. > > > > Well, I may not be right on all points. However, I believe it's > > still a step in the right direction. > > > > > > > > On Sat, Nov 7, 2009 at 7:58 AM, Jess Pepito <[email protected]> > > wrote: > > > >> Kumusta sa tanan!!! > >> > >> Patabang unta ko og create og IPTABLES RULES nga mo filter og > >> website nga ma access of workstation nga maka access sa internet > >> nga naay load balancing sa 2 ka internet provider ani akong gusto > >> mahitabo. > >> > >> Load Balancing: > >> ETH0 = Internet (Globle) > >> ETH1 = Internet (Smart Bro) > >> > >> ETH2 = LAN (192.168.1.1) > >> > >> Workstation (IP 192.168.1.X) > >> > >> Filter nga site: > >> 1. Porn Site > >> 2. Torrent Site > >> 3. Chat > >> > >> Kung naa moy suggestion ani palihug lang og comment dinhi og kung > >> si kinsa man ang maka hatag og idea og unsaon nako with tutorial > >> or sample iptables rules.. mag pasalamat ko daan!! > >> > >> SALAMAT!!! > >> > >> > >> > >> > >> > > > > > > -- > > Penguin, penguin, and more penguin. > > > > Believe that within the brain is a brain, and within it another > > brain, and so on and so forth. > > > > > > _________________________________________________ > > Kagay-Anon Linux Users' Group (KLUG) Mailing List > > [email protected] > > (http://lists.linux.org.ph/mailman/listinfo/klug) Searchable > > Archives: http://archives.free.net.ph > > > > > _________________________________________________ Kagay-Anon Linux Users' Group (KLUG) Mailing List [email protected] (http://lists.linux.org.ph/mailman/listinfo/klug) Searchable Archives: http://archives.free.net.ph
