On 6/4/10 6:29 AM, Kaushal Shriyan wrote:
> On Fri, Jun 4, 2010 at 6:53 PM, Stephane Bortzmeyer <[email protected]> wrote:
>> On Fri, Jun 04, 2010 at 06:45:29PM +0530, Kaushal Shriyan <[email protected]> wrote a message of 51 lines which said:
>>
>>> is there a howto for blocking p2p traffic on ubuntu 10.04 server ?
>>
>> Peer-to-peer is a very useful technique, used by many protocols. Why do you want to block it? (Not to mention that blocking something as broad as "P2P" means shutting down everything.)
>
> Hi Stephane
>
> Basically to block bittorrent traffic on firewall
>
> Thanks,
> Kaushal

http://www.shorewall.net/IPP2P.html is the only way you're going to be able to do it within the context of Shorewall, as bittorrent clients are very cagey and don't rely on a static port or a fixed destination IP for you to be able to block without performing some sort of packet decoding.
Another way to do this is by implementing Snort-inline with Shorewall, but neither method is for the faint of heart. There may be a way to hack up something using Limit Action, but that'll only help when the client is connecting to peers.
You could also disable all outbound traffic except via proxy, but most bittorrent clients can traverse SOCKS and HTTP proxies, so it would only be security-by-obfuscation.
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
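Why a port rule misses this traffic while payload decoding catches it, as an added example that is not part of the original message and is not IPP2P's code: it matches three plaintext BitTorrent message shapes (peer handshake, HTTP tracker announce, DHT KRPC) against constructed payloads sent to arbitrary ports. The port range, sample payloads, host name and function names are assumptions made for illustration.

```python
from typing import List, Optional, Tuple

# Peer wire handshake: length byte 19, the protocol string, 8 reserved bytes,
# 20-byte info_hash, 20-byte peer_id (68 bytes in total).
BT_HANDSHAKE = b"\x13BitTorrent protocol"
HANDSHAKE_LEN = 68
# Assumption: the ports a static "block bittorrent" port rule would list.
CLASSIC_PORTS = range(6881, 6890)
# Mainline DHT messages are bencoded dicts with a type key "y" of q, r or e.
KRPC_TYPES = (b"1:y1:q", b"1:y1:r", b"1:y1:e")


def classify_payload(payload: bytes) -> Optional[str]:
    """Name the plaintext BitTorrent message in payload, or None if no match."""
    if payload.startswith(BT_HANDSHAKE) and len(payload) >= HANDSHAKE_LEN:
        return "peer-handshake"
    request_line = payload.split(b"\r\n", 1)[0]
    if request_line.startswith(b"GET ") and b"info_hash=" in request_line:
        return "tracker-announce"
    if (payload.startswith(b"d") and payload.endswith(b"e")
            and any(t in payload for t in KRPC_TYPES)):
        return "dht-krpc"
    return None


def compare(flows: List[Tuple[int, bytes]]) -> List[Tuple[bool, Optional[str]]]:
    """Per flow: (would the port rule match?, what the payload decodes as)."""
    return [(port in CLASSIC_PORTS, classify_payload(data)) for port, data in flows]


# Constructed sample flows (destination port, first payload bytes).
HANDSHAKE = BT_HANDSHAKE + bytes(8) + b"\xaa" * 20 + b"-XX0001-" + b"0" * 12
ANNOUNCE = (b"GET /announce?info_hash=%AA%AA&port=51413 HTTP/1.1\r\n"
            b"Host: tracker.example\r\n\r\n")
DHT_PING = b"d1:ad2:id20:" + b"a" * 20 + b"e1:q4:ping1:t2:aa1:y1:qe"
TLS_HELLO = b"\x16\x03\x01\x00\x2e\x01\x00\x00\x2a\x03\x03"  # unrelated traffic

SAMPLE_FLOWS = [(51413, HANDSHAKE), (80, ANNOUNCE), (40000, DHT_PING),
                (6881, TLS_HELLO)]

if __name__ == "__main__":
    for (port, _), (port_hit, kind) in zip(SAMPLE_FLOWS, compare(SAMPLE_FLOWS)):
        print(f"dport={port:<6} port_rule={port_hit!s:<6} payload={kind}")
```

On these samples the port rule matches only the unrelated flow on 6881, while the payload check identifies the three BitTorrent messages on ports the rule never lists. Signatures of this kind match plaintext payloads only.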
