Interesante esto de IPP2P. Otra forma de solucionar esto seria abrir solo los puertos que voy ha utilizar y los demas cerrarlos.
Saludos cordiales El Viernes, 25 de Agosto de 2006 16:35, [EMAIL PROTECTED] escribió: > Hola Juan Manuel, > > Este es un mini-howto de como instalar IPP2P en Debian, pero los pasos > pueden ser usados en cualquier distribución. > > Saludos > Jeler > > --------------------------------------------------------------------------- >--------------------- > > Descargar ipp2p desde: http://www.ipp2p.org/ > Descargar iptables desde: > http://www.iptables.org/projects/iptables/downloads.html > > Se necesita conocer la versión del kernel, para poder instalar la cabecera: > > debian:/opt# uname -r > 2.6.8-2-386 > debian:/opt# apt-get install iptables-dev kernel-headers-2.6.8-2-386 > debian:/opt# apt-get install libncurses5-dev > > > Se necesita saber la versión de iptables para poder descargar el codigo > fuente: > > debian:/opt# apt-cache show iptables > Package: iptables > Priority: important > Section: net > Installed-Size: 1240 > Maintainer: Laurence J. Lane <[EMAIL PROTECTED]> > Architecture: i386 > Version: 1.2.11-10 > Depends: libc6 (>= 2.3.2.ds1-4) > Suggests: ipmasq, iproute > Filename: pool/main/i/iptables/iptables_1.2.11-10_i386.deb > Size: 381170 > MD5sum: 9344d96317d3bd9df7752a65ef25f45e > Description: Linux kernel 2.4+ iptables administration tools > netfilter and iptables provide a Linux kernel framework for > stateful and stateless packet filtering, network and port addresss > translation, and other IP packet manipulation. The framework is the > successor to ipchains. > . > netfilter and iptables are used in applications such as Internet > connection sharing, firewalls, IP accounting, transparent proxying, > advanced routing and traffic control. > . > iptables web site: http://www.iptables.org/ > > debian:/opt# > debian:/opt# cp ipp2p-0.8.0.tar.gz /opt > debian:/opt# cp iptables-1.2.11.tar.bz2 /opt > debian:/opt# cd /opt > debian:/opt# tar xzf ipp2p-0.8.0.tar.gz > debian:/opt# tar xjf iptables-1.2.11.tar.bz2 > debian:/opt# whereis iptables > iptables: /sbin/iptables /lib/iptables /usr/include/iptables.h > /usr/share/man/man8/iptables.8.gz debian:/opt# cd ipp2p-0.8.0 > > > En el archivo Makefile del ipp2p-0.8.0 editar los siguientes parametros: > > IPTABLES_BIN = iptables > IPTABLES_SRC = /opt/iptables-1.2.11 > > > luego hacer un: > > debian:/opt/ipp2p-0.8.0# make > debian:/opt/ipp2p-0.8.0# cp libipt_ipp2p.so /lib/iptables/ > debian:/opt/ipp2p-0.8.0# ls /lib/iptables/ > libip6t_HL.so libip6t_standard.so libipt_TOS.so > libipt_nth.so libip6t_LOG.so libip6t_tcp.so > libipt_TRACE.so libipt_osf.so libip6t_MARK.so libip6t_udp.so > libipt_TTL.so libipt_owner.so libip6t_REJECT.so > libipt_CLASSIFY.so libipt_ULOG.so libipt_physdev.so > libip6t_ROUTE.so libipt_CONNMARK.so libipt_XOR.so > libipt_pkttype.so libip6t_TRACE.so libipt_DNAT.so > libipt_addrtype.so libipt_policy.so libip6t_ah.so > libipt_DSCP.so libipt_ah.so libipt_pool.so > libip6t_condition.so libipt_ECN.so libipt_condition.so > libipt_psd.so libip6t_dst.so libipt_IPMARK.so > libipt_connlimit.so libipt_quota.so libip6t_esp.so > libipt_IPV4OPTSSTRIP.so libipt_connmark.so libipt_random.so > libip6t_eui64.so libipt_LOG.so libipt_conntrack.so > libipt_realm.so libip6t_frag.so libipt_MARK.so > libipt_dscp.so libipt_recent.so libip6t_fuzzy.so > libipt_MASQUERADE.so libipt_dstlimit.so libipt_rpc.so > libip6t_hbh.so libipt_MIRROR.so libipt_ecn.so > libipt_sctp.so libip6t_hl.so libipt_NETLINK.so > libipt_esp.so libipt_set.so libip6t_icmpv6.so > libipt_NETMAP.so libipt_fuzzy.so libipt_standard.so > libip6t_ipv6header.so libipt_NOTRACK.so libipt_helper.so > libipt_state.so libip6t_length.so libipt_POOL.so > libipt_icmp.so libipt_string.so libip6t_limit.so > libipt_REDIRECT.so libipt_ipp2p.so libipt_tcp.so > libip6t_mac.so libipt_REJECT.so libipt_iprange.so > libipt_tcpmss.so libip6t_mark.so libipt_ROUTE.so > libipt_ipv4options.so libipt_time.so libip6t_multiport.so libipt_SAME.so > libipt_length.so libipt_tos.so libip6t_nth.so > libipt_SET.so libipt_limit.so libipt_ttl.so > libip6t_owner.so libipt_SNAT.so libipt_mac.so > libipt_u32.so libip6t_policy.so libipt_TARPIT.so > libipt_mark.so libipt_udp.so libip6t_random.so > libipt_TCPLAG.so libipt_mport.so libipt_unclean.so > libip6t_rt.so libipt_TCPMSS.so libipt_multiport.so > > > luego podemos instalar el modulo: > > debian:/opt/ipp2p-0.8.0# insmod ipt_ipp2p.ko > > ó lo copiamos y ejecutamos depmod: > > debian:/opt/ipp2p-0.8.0# cp ipt_ipp2p.ko > /lib/modules/2.6.8-2-386/kernel/net/ipv4/netfilter/ > debian:/opt/ipp2p-0.8.0# ls > /lib/modules/2.6.8-2-386/kernel/net/ipv4/netfilter/ arp_tables.ko > ipchains.ko ipt_ULOG.ko ipt_owner.ko arpt_mangle.ko > ipfwadm.ko ipt_addrtype.ko ipt_physdev.ko arptable_filter.ko > ipt_CLASSIFY.ko ipt_ah.ko ipt_pkttype.ko ip_conntrack.ko > ipt_DSCP.ko ipt_conntrack.ko ipt_realm.ko ip_conntrack_amanda.ko > ipt_ECN.ko ipt_dscp.ko ipt_recent.ko ip_conntrack_ftp.ko > ipt_LOG.ko ipt_ecn.ko ipt_state.ko ip_conntrack_irc.ko > ipt_MARK.ko ipt_esp.ko ipt_tcpmss.ko ip_conntrack_tftp.ko > ipt_MASQUERADE.ko ipt_helper.ko ipt_tos.ko ip_nat_amanda.ko > ipt_NETMAP.ko ipt_ipp2p.ko ipt_ttl.ko ip_nat_ftp.ko > ipt_NOTRACK.ko ipt_iprange.ko iptable_filter.ko ip_nat_irc.ko > ipt_REDIRECT.ko ipt_length.ko iptable_mangle.ko > ip_nat_snmp_basic.ko ipt_REJECT.ko ipt_limit.ko iptable_nat.ko > ip_nat_tftp.ko ipt_SAME.ko ipt_mac.ko iptable_raw.ko > ip_queue.ko ipt_TCPMSS.ko ipt_mark.ko > ip_tables.ko ipt_TOS.ko ipt_multiport.ko > debian:/opt/ipp2p-0.8.0# > debian:/opt/ipp2p-0.8.0# depmod -A > > debian:/opt/ipp2p-0.8.0# iptables -m ipp2p --help > iptables v1.2.11 > > Usage: iptables -[AD] chain rule-specification [options] > iptables -[RI] chain rulenum rule-specification [options] > iptables -D chain rulenum [options] > iptables -[LFZ] [chain] [options] > iptables -[NX] chain > iptables -E old-chain-name new-chain-name > iptables -P chain target [options] > iptables -h (print this help information) > > Commands: > Either long or short options are allowed. > --append -A chain Append to chain > --delete -D chain Delete matching rule from chain > --delete -D chain rulenum > Delete rule rulenum (1 = first) from chain > --insert -I chain [rulenum] > Insert in chain as rulenum (default > 1=first) --replace -R chain rulenum > Replace rule rulenum (1 = first) in chain > --list -L [chain] List the rules in a chain or all chains > --flush -F [chain] Delete all rules in chain or all chains > --zero -Z [chain] Zero counters in chain or all chains > --new -N chain Create a new user-defined chain > --delete-chain > -X [chain] Delete a user-defined chain > --policy -P chain target > Change policy on chain to target > --rename-chain > -E old-chain new-chain > Change chain name, (moving any references) > Options: > --proto -p [!] proto protocol: by number or name, eg. `tcp' > --source -s [!] address[/mask] > source specification > --destination -d [!] address[/mask] > destination specification > --in-interface -i [!] input name[+] > network interface name ([+] for wildcard) > --jump -j target > target for rule (may load target extension) > --match -m match > extended match (may load extension) > --numeric -n numeric output of addresses and ports > --out-interface -o [!] output name[+] > network interface name ([+] for wildcard) > --table -t table table to manipulate (default: `filter') > --verbose -v verbose mode > --line-numbers print line numbers when listing > --exact -x expand numbers (display exact values) > [!] --fragment -f match second or further fragments only > --modprobe=<command> try to insert modules using this command > --set-counters PKTS BYTES set the counter during insert/append > [!] --version -V print package version. > > IPP2P v0.8.0 options: > --ipp2p Grab all known p2p packets > --edk [TCP&UDP] All known eDonkey/eMule/Overnet packets > --dc [TCP] All known Direct Connect packets > --kazaa [TCP&UDP] All known KaZaA packets > --gnu [TCP&UDP] All known Gnutella packets > --bit [TCP&UDP] All known BitTorrent packets > --apple [TCP] All known AppleJuice packets > --winmx [TCP] All known WinMX > --soul [TCP] All known SoulSeek > --ares [TCP] All known Ares > > DEBUG SUPPPORT, use only if you know why > --debug Generate kernel debug output, THIS WILL SLOW DOWN > THE FILTER > > Note that the follwing options will have the same meaning: > '--ipp2p' is equal to '--edk --dc --kazaa --gnu --bit --apple --winmx > --soul --ares' > > IPP2P was intended for TCP only. Due to increasing usage of UDP we needed > to change this. You can now use -p udp to search UDP packets only or > without -p switch to search UDP and TCP packets. > > See README included with this package for more details or visit > http://www.ipp2p.org > > Examples: > iptables -A FORWARD -m ipp2p --ipp2p -j MARK --set-mark 0x01 > iptables -A FORWARD -p udp -m ipp2p --kazaa --bit -j DROP > iptables -A FORWARD -p tcp -m ipp2p --edk --soul -j DROP > > debian:/opt/ipp2p-0.8.0# > > debian:/opt/ipp2p-0.8.0# iptables -A FORWARD -m ipp2p --edk --kazaa --gnu > --bit --apple --dc --soul --winmx --ares -j DROP > debian:/opt/ipp2p-0.8.0# iptables -L > Chain INPUT (policy ACCEPT) > target prot opt source destination > > Chain FORWARD (policy ACCEPT) > target prot opt source destination > DROP all -- anywhere anywhere ipp2p v0.8.0 > --kazaa --gnu --edk --dc --bit --apple --soul --winmx --ares > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > > debian:/opt/ipp2p-0.8.0# lsmod > Module Size Used by > ipt_ipp2p 7424 1 > iptable_filter 3072 1 > ip_tables 16896 2 ipt_ipp2p,iptable_filter > > > > _______________________________________________ > Lista de correo Linux-plug > Temtica: Discusin general sobre Linux > Peruvian Linux User Group (http://www.linux.org.pe) > > Participa suscribindote y escribiendo a: [email protected] > Para darte de alta, de baja o hacer ajustes a tu suscripcin visita: > http://www.linux.org.pe/cgi-bin/mailman/listinfo/linux-plug > > IMPORTANTE: Reglas y recomendaciones > http://www.linux.org.pe/listas/reglas.php > http://www.linux.org.pe/listas/comportamiento.php > http://www.linux.org.pe/listas/recomendaciones.php -- -- Atte. Luis Brando Torres Coronel Produccion y Soporte - Sistemas Caja Nor Peru - Trujillo Tel: (+51)044-485500 Anexo 1053, 1039 Cel: (+51)044-9342620 [EMAIL PROTECTED] _______________________________________________ Lista de correo Linux-plug Temática: Discusión general sobre Linux Peruvian Linux User Group (http://www.linux.org.pe) Participa suscribiéndote y escribiendo a: [email protected] Para darte de alta, de baja o hacer ajustes a tu suscripción visita: http://www.linux.org.pe/cgi-bin/mailman/listinfo/linux-plug IMPORTANTE: Reglas y recomendaciones http://www.linux.org.pe/listas/reglas.php http://www.linux.org.pe/listas/comportamiento.php http://www.linux.org.pe/listas/recomendaciones.php
