That will help, but realistically you're going to have to block every
"high port" to stop P2P through that method.
The only way to effectively block P2P is to do packet sniffing and
analysis... and that's just one big hassle.
My belief is this is usually the wrong way to tackle the problem,
looking for a technical solution to a human resource problem.
User education (and LARTing if necessary) is the key. Using software
like Cacti to monitor and graph per-port traffic stats, identify the
largest bandwidth users and then focus on them and find out just why
they're using up so much bandwidth.
It's remarkable just how soon the problem all goes away after you find
just one or two individuals who are abusing the network infrastructure
and explain to them what the disciplinary procedures are (or enact if
it's appropriate and you have concrete evidence.) The message soon spreads!
Paul
On 06/04/2010 05:03 AM, Greyson Farias wrote:
Hello,
You can use these iptables rules, because I don't like, don't use and
I don't wanna learn ufw. hehehehehe
# Block P2P connections
iptables -A FORWARD -p tcp --dport 1214:1215 -j DROP
iptables -A FORWARD -p udp --dport 1214:1215 -j DROP
iptables -A FORWARD -p tcp --dport 1981 -j DROP
iptables -A FORWARD -p udp --dport 1981 -j DROP
iptables -A FORWARD -p tcp --dport 2037 -j DROP
iptables -A FORWARD -p udp --dport 2037 -j DROP
iptables -A FORWARD -p tcp --dport 3501 -j DROP
iptables -A FORWARD -p udp --dport 3501 -j DROP
iptables -A FORWARD -p tcp --dport 3531 -j DROP
iptables -A FORWARD -p udp --dport 3531 -j DROP
iptables -A FORWARD -p tcp --dport 3587 -j DROP
iptables -A FORWARD -p udp --dport 3587 -j DROP
iptables -A FORWARD -p tcp --dport 3955 -j DROP
iptables -A FORWARD -p udp --dport 3955 -j DROP
iptables -A FORWARD -p tcp --dport 4242 -j DROP
iptables -A FORWARD -p udp --dport 4242 -j DROP
iptables -A FORWARD -p tcp --dport 4661:4672 -j DROP
iptables -A FORWARD -p udp --dport 4661:4672 -j DROP
iptables -A FORWARD -p tcp --dport 4688 -j DROP
iptables -A FORWARD -p udp --dport 4688 -j DROP
iptables -A FORWARD -p tcp --dport 5121 -j DROP
iptables -A FORWARD -p udp --dport 5121 -j DROP
iptables -A FORWARD -p tcp --dport 5662 -j DROP
iptables -A FORWARD -p udp --dport 5662 -j DROP
iptables -A FORWARD -p tcp --dport 6085:6086 -j DROP
iptables -A FORWARD -p udp --dport 6085:6086 -j DROP
iptables -A FORWARD -p tcp --dport 6346:6347 -j DROP
iptables -A FORWARD -p udp --dport 6346:6347 -j DROP
iptables -A FORWARD -p tcp --dport 6699 -j DROP
iptables -A FORWARD -p udp --dport 6699 -j DROP
iptables -A FORWARD -p udp --dport 6881:6889 -j DROP
iptables -A FORWARD -p tcp --dport 6881:6889 -j DROP
iptables -A FORWARD -p tcp --dport 8473 -j DROP
iptables -A FORWARD -p udp --dport 8473 -j DROP
2010/6/4 Kaushal Shriyan <[email protected]>
Hi,
is there a howto for blocking p2p traffic on ubuntu 10.04 server ?
Thanks,
Kaushal
--
ubuntu-server mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
--
Greyson Farias
IT Technician - CREA/AC 9329TD
Ubuntu user
I prefer to receive documents in ODF.
http://ubuntu.com/download/getubuntu
Blog Ubuntu Acre: http://ubuntu-ac.org
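
The per-port monitoring approach described in the reply at the top of this thread, as an added example that is not part of the original messages: it ranks switch ports by throughput between two polls of SNMP interface octet counters, the kind of data a Cacti-style poller graphs. The port names, counter values, 300-second interval and 25% share threshold are all constructed assumptions, and the counters are assumed to be 32-bit and to wrap at most once per interval.

```python
# Added example: rank switch ports by average throughput between two polls
# of SNMP octet counters. All port names and counter values are constructed.
COUNTER32_MAX = 2**32  # 32-bit ifInOctets/ifOutOctets wrap at 2^32

def delta(prev, curr, modulus=COUNTER32_MAX):
    """Octets transferred between two polls, allowing for one counter wrap."""
    return curr - prev if curr >= prev else curr + modulus - prev

def top_talkers(first, second, interval_s, share_threshold=0.25):
    """Return [(port, mbit_per_s, share, flagged)] sorted by throughput.

    first/second map port name -> (in_octets, out_octets) at each poll.
    A port is flagged when it carries more than share_threshold of all
    traffic seen in the interval (hypothetical threshold).
    """
    totals = {}
    for port, (in1, out1) in first.items():
        if port not in second:      # port missing from second poll; skip it
            continue
        in2, out2 = second[port]
        totals[port] = delta(in1, in2) + delta(out1, out2)
    grand_total = sum(totals.values()) or 1
    rows = []
    for port, octets in totals.items():
        mbps = octets * 8 / interval_s / 1e6
        share = octets / grand_total
        rows.append((port, round(mbps, 2), round(share, 3),
                     share > share_threshold))
    return sorted(rows, key=lambda r: r[1], reverse=True)

# Constructed sample: two polls taken 300 seconds apart.
POLL_1 = {
    "Gi0/1": (1_200_000_000, 300_000_000),
    "Gi0/2": (4_294_000_000, 900_000_000),    # in-counter close to wrapping
    "Gi0/3": (50_000_000, 20_000_000),
    "Gi0/4": (700_000_000, 100_000_000),
}
POLL_2 = {
    "Gi0/1": (1_237_500_000, 307_500_000),
    "Gi0/2": (2_999_032_704, 1_650_000_000),  # in-counter wrapped past 2^32
    "Gi0/3": (53_750_000, 21_250_000),
    "Gi0/4": (715_000_000, 103_750_000),
}

if __name__ == "__main__":
    for port, mbps, share, flagged in top_talkers(POLL_1, POLL_2, 300):
        note = "<-- investigate" if flagged else ""
        print(f"{port:6} {mbps:8.2f} Mbit/s {share:6.1%} {note}")
```

Without the wrap handling in `delta`, the busiest port in this sample would show a negative byte count and drop to the bottom of the ranking.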