Hola Juan Manuel, Este es un mini-howto de como instalar IPP2P en Debian, pero los pasos pueden ser usados en cualquier distribución.
Saludos Jeler ------------------------------------------------------------------------------------------------ Descargar ipp2p desde: http://www.ipp2p.org/ Descargar iptables desde: http://www.iptables.org/projects/iptables/downloads.html Se necesita conocer la versión del kernel, para poder instalar la cabecera: debian:/opt# uname -r 2.6.8-2-386 debian:/opt# apt-get install iptables-dev kernel-headers-2.6.8-2-386 debian:/opt# apt-get install libncurses5-dev Se necesita saber la versión de iptables para poder descargar el codigo fuente: debian:/opt# apt-cache show iptables Package: iptables Priority: important Section: net Installed-Size: 1240 Maintainer: Laurence J. Lane <[EMAIL PROTECTED]> Architecture: i386 Version: 1.2.11-10 Depends: libc6 (>= 2.3.2.ds1-4) Suggests: ipmasq, iproute Filename: pool/main/i/iptables/iptables_1.2.11-10_i386.deb Size: 381170 MD5sum: 9344d96317d3bd9df7752a65ef25f45e Description: Linux kernel 2.4+ iptables administration tools netfilter and iptables provide a Linux kernel framework for stateful and stateless packet filtering, network and port addresss translation, and other IP packet manipulation. The framework is the successor to ipchains. . netfilter and iptables are used in applications such as Internet connection sharing, firewalls, IP accounting, transparent proxying, advanced routing and traffic control. . iptables web site: http://www.iptables.org/ debian:/opt# debian:/opt# cp ipp2p-0.8.0.tar.gz /opt debian:/opt# cp iptables-1.2.11.tar.bz2 /opt debian:/opt# cd /opt debian:/opt# tar xzf ipp2p-0.8.0.tar.gz debian:/opt# tar xjf iptables-1.2.11.tar.bz2 debian:/opt# whereis iptables iptables: /sbin/iptables /lib/iptables /usr/include/iptables.h /usr/share/man/man8/iptables.8.gz debian:/opt# cd ipp2p-0.8.0 En el archivo Makefile del ipp2p-0.8.0 editar los siguientes parametros: IPTABLES_BIN = iptables IPTABLES_SRC = /opt/iptables-1.2.11 luego hacer un: debian:/opt/ipp2p-0.8.0# make debian:/opt/ipp2p-0.8.0# cp libipt_ipp2p.so /lib/iptables/ debian:/opt/ipp2p-0.8.0# ls /lib/iptables/ libip6t_HL.so libip6t_standard.so libipt_TOS.so libipt_nth.so libip6t_LOG.so libip6t_tcp.so libipt_TRACE.so libipt_osf.so libip6t_MARK.so libip6t_udp.so libipt_TTL.so libipt_owner.so libip6t_REJECT.so libipt_CLASSIFY.so libipt_ULOG.so libipt_physdev.so libip6t_ROUTE.so libipt_CONNMARK.so libipt_XOR.so libipt_pkttype.so libip6t_TRACE.so libipt_DNAT.so libipt_addrtype.so libipt_policy.so libip6t_ah.so libipt_DSCP.so libipt_ah.so libipt_pool.so libip6t_condition.so libipt_ECN.so libipt_condition.so libipt_psd.so libip6t_dst.so libipt_IPMARK.so libipt_connlimit.so libipt_quota.so libip6t_esp.so libipt_IPV4OPTSSTRIP.so libipt_connmark.so libipt_random.so libip6t_eui64.so libipt_LOG.so libipt_conntrack.so libipt_realm.so libip6t_frag.so libipt_MARK.so libipt_dscp.so libipt_recent.so libip6t_fuzzy.so libipt_MASQUERADE.so libipt_dstlimit.so libipt_rpc.so libip6t_hbh.so libipt_MIRROR.so libipt_ecn.so libipt_sctp.so libip6t_hl.so libipt_NETLINK.so libipt_esp.so libipt_set.so libip6t_icmpv6.so libipt_NETMAP.so libipt_fuzzy.so libipt_standard.so libip6t_ipv6header.so libipt_NOTRACK.so libipt_helper.so libipt_state.so libip6t_length.so libipt_POOL.so libipt_icmp.so libipt_string.so libip6t_limit.so libipt_REDIRECT.so libipt_ipp2p.so libipt_tcp.so libip6t_mac.so libipt_REJECT.so libipt_iprange.so libipt_tcpmss.so libip6t_mark.so libipt_ROUTE.so libipt_ipv4options.so libipt_time.so libip6t_multiport.so libipt_SAME.so libipt_length.so libipt_tos.so libip6t_nth.so libipt_SET.so libipt_limit.so libipt_ttl.so libip6t_owner.so libipt_SNAT.so libipt_mac.so libipt_u32.so libip6t_policy.so libipt_TARPIT.so libipt_mark.so libipt_udp.so libip6t_random.so libipt_TCPLAG.so libipt_mport.so libipt_unclean.so libip6t_rt.so libipt_TCPMSS.so libipt_multiport.so luego podemos instalar el modulo: debian:/opt/ipp2p-0.8.0# insmod ipt_ipp2p.ko ó lo copiamos y ejecutamos depmod: debian:/opt/ipp2p-0.8.0# cp ipt_ipp2p.ko /lib/modules/2.6.8-2-386/kernel/net/ipv4/netfilter/ debian:/opt/ipp2p-0.8.0# ls /lib/modules/2.6.8-2-386/kernel/net/ipv4/netfilter/ arp_tables.ko ipchains.ko ipt_ULOG.ko ipt_owner.ko arpt_mangle.ko ipfwadm.ko ipt_addrtype.ko ipt_physdev.ko arptable_filter.ko ipt_CLASSIFY.ko ipt_ah.ko ipt_pkttype.ko ip_conntrack.ko ipt_DSCP.ko ipt_conntrack.ko ipt_realm.ko ip_conntrack_amanda.ko ipt_ECN.ko ipt_dscp.ko ipt_recent.ko ip_conntrack_ftp.ko ipt_LOG.ko ipt_ecn.ko ipt_state.ko ip_conntrack_irc.ko ipt_MARK.ko ipt_esp.ko ipt_tcpmss.ko ip_conntrack_tftp.ko ipt_MASQUERADE.ko ipt_helper.ko ipt_tos.ko ip_nat_amanda.ko ipt_NETMAP.ko ipt_ipp2p.ko ipt_ttl.ko ip_nat_ftp.ko ipt_NOTRACK.ko ipt_iprange.ko iptable_filter.ko ip_nat_irc.ko ipt_REDIRECT.ko ipt_length.ko iptable_mangle.ko ip_nat_snmp_basic.ko ipt_REJECT.ko ipt_limit.ko iptable_nat.ko ip_nat_tftp.ko ipt_SAME.ko ipt_mac.ko iptable_raw.ko ip_queue.ko ipt_TCPMSS.ko ipt_mark.ko ip_tables.ko ipt_TOS.ko ipt_multiport.ko debian:/opt/ipp2p-0.8.0# debian:/opt/ipp2p-0.8.0# depmod -A debian:/opt/ipp2p-0.8.0# iptables -m ipp2p --help iptables v1.2.11 Usage: iptables -[AD] chain rule-specification [options] iptables -[RI] chain rulenum rule-specification [options] iptables -D chain rulenum [options] iptables -[LFZ] [chain] [options] iptables -[NX] chain iptables -E old-chain-name new-chain-name iptables -P chain target [options] iptables -h (print this help information) Commands: Either long or short options are allowed. --append -A chain Append to chain --delete -D chain Delete matching rule from chain --delete -D chain rulenum Delete rule rulenum (1 = first) from chain --insert -I chain [rulenum] Insert in chain as rulenum (default 1=first) --replace -R chain rulenum Replace rule rulenum (1 = first) in chain --list -L [chain] List the rules in a chain or all chains --flush -F [chain] Delete all rules in chain or all chains --zero -Z [chain] Zero counters in chain or all chains --new -N chain Create a new user-defined chain --delete-chain -X [chain] Delete a user-defined chain --policy -P chain target Change policy on chain to target --rename-chain -E old-chain new-chain Change chain name, (moving any references) Options: --proto -p [!] proto protocol: by number or name, eg. `tcp' --source -s [!] address[/mask] source specification --destination -d [!] address[/mask] destination specification --in-interface -i [!] input name[+] network interface name ([+] for wildcard) --jump -j target target for rule (may load target extension) --match -m match extended match (may load extension) --numeric -n numeric output of addresses and ports --out-interface -o [!] output name[+] network interface name ([+] for wildcard) --table -t table table to manipulate (default: `filter') --verbose -v verbose mode --line-numbers print line numbers when listing --exact -x expand numbers (display exact values) [!] --fragment -f match second or further fragments only --modprobe=<command> try to insert modules using this command --set-counters PKTS BYTES set the counter during insert/append [!] --version -V print package version. IPP2P v0.8.0 options: --ipp2p Grab all known p2p packets --edk [TCP&UDP] All known eDonkey/eMule/Overnet packets --dc [TCP] All known Direct Connect packets --kazaa [TCP&UDP] All known KaZaA packets --gnu [TCP&UDP] All known Gnutella packets --bit [TCP&UDP] All known BitTorrent packets --apple [TCP] All known AppleJuice packets --winmx [TCP] All known WinMX --soul [TCP] All known SoulSeek --ares [TCP] All known Ares DEBUG SUPPPORT, use only if you know why --debug Generate kernel debug output, THIS WILL SLOW DOWN THE FILTER Note that the follwing options will have the same meaning: '--ipp2p' is equal to '--edk --dc --kazaa --gnu --bit --apple --winmx --soul --ares' IPP2P was intended for TCP only. Due to increasing usage of UDP we needed to change this. You can now use -p udp to search UDP packets only or without -p switch to search UDP and TCP packets. See README included with this package for more details or visit http://www.ipp2p.org Examples: iptables -A FORWARD -m ipp2p --ipp2p -j MARK --set-mark 0x01 iptables -A FORWARD -p udp -m ipp2p --kazaa --bit -j DROP iptables -A FORWARD -p tcp -m ipp2p --edk --soul -j DROP debian:/opt/ipp2p-0.8.0# debian:/opt/ipp2p-0.8.0# iptables -A FORWARD -m ipp2p --edk --kazaa --gnu --bit --apple --dc --soul --winmx --ares -j DROP debian:/opt/ipp2p-0.8.0# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination DROP all -- anywhere anywhere ipp2p v0.8.0 --kazaa --gnu --edk --dc --bit --apple --soul --winmx --ares Chain OUTPUT (policy ACCEPT) target prot opt source destination debian:/opt/ipp2p-0.8.0# lsmod Module Size Used by ipt_ipp2p 7424 1 iptable_filter 3072 1 ip_tables 16896 2 ipt_ipp2p,iptable_filter _______________________________________________ Lista de correo Linux-plug Temática: Discusión general sobre Linux Peruvian Linux User Group (http://www.linux.org.pe) Participa suscribiéndote y escribiendo a: [email protected] Para darte de alta, de baja o hacer ajustes a tu suscripción visita: http://www.linux.org.pe/cgi-bin/mailman/listinfo/linux-plug IMPORTANTE: Reglas y recomendaciones http://www.linux.org.pe/listas/reglas.php http://www.linux.org.pe/listas/comportamiento.php http://www.linux.org.pe/listas/recomendaciones.php
