On Mon, Jun 7, 2010 at 2:26 PM, Kaushal Shriyan <[email protected]>wrote:
> > > On Sun, Jun 6, 2010 at 6:23 AM, Michael Sanders <[email protected]> wrote: > >> I second Paul that is the way to go, once one finds out they have eyes on >> them, it "can" fix it's self. We had a problem with an individual serving >> up files and the big bad record industry sent a letter. That gave us the >> right to cut the user off. Once turned back on behavior changed. You will >> get some flack on the front end but over time a majority of the community >> will get in line. >> >> Danny Michael Sanders >> IT Support Analyst >> >> ----- "Paul Graydon" <[email protected]> wrote: >> > That will help, but realistically you're going to have to block every >> "high port" to stop P2P through that method. >> > >> > The only way to effectively block P2P is to do packet sniffing and >> analysis.. and that's just one big hassle. >> > >> > My belief is this is usually the wrong way to tackle the problem, >> looking for a technical solution to a human resource problem. >> > User education (and LARTing if necessary) is the key. Using software >> like Cacti to monitor and graph per-port traffic stats, identify the largest >> bandwidth users and then focus on them and find out just why they're using >> up so much bandwidth. >> > It's remarkable just how soon the problem all goes away after you find >> just one or two individuals who are abusing the network infrastructure and >> explain to them what the disciplinary procedures are (or enact if it's >> appropriate and you have concrete evidence.) The message soon spreads! >> > >> > Paul >> > >> > On 06/04/2010 05:03 AM, Greyson Farias wrote: >> >> Hello, >> > >> > You can use these iptables rules, because I don't like, don't use and I >> don't wanna learn ufw. hehehehehe >> > >> > # Block P2P connections >> > iptables -A FORWARD -p tcp --dport 1214:1215 -j DROP >> > iptables -A FORWARD -p udp --dport 1214:1215 -j DROP >> > iptables -A FORWARD -p tcp --dport 1981 -j DROP >> > iptables -A FORWARD -p udp --dport 1981 -j DROP >> > iptables -A FORWARD -p tcp --dport 2037 -j DROP >> > iptables -A FORWARD -p udp --dport 2037 -j DROP >> > iptables -A FORWARD -p tcp --dport 3501 -j DROP >> > iptables -A FORWARD -p udp --dport 3501 -j DROP >> > iptables -A FORWARD -p tcp --dport 3531 -j DROP >> > iptables -A FORWARD -p udp --dport 3531 -j DROP >> > iptables -A FORWARD -p tcp --dport 3587 -j DROP >> > iptables -A FORWARD -p udp --dport 3587 -j DROP >> > iptables -A FORWARD -p tcp --dport 3955 -j DROP >> > iptables -A FORWARD -p udp --dport 3955 -j DROP >> > iptables -A FORWARD -p tcp --dport 4242 -j DROP >> > iptables -A FORWARD -p udp --dport 4242 -j DROP >> > iptables -A FORWARD -p tcp --dport 4661:4672 -j DROP >> > iptables -A FORWARD -p udp --dport 4661:4672 -j DROP >> > iptables -A FORWARD -p tcp --dport 4688 -j DROP >> > iptables -A FORWARD -p udp --dport 4688 -j DROP >> > iptables -A FORWARD -p tcp --dport 5121 -j DROP >> > iptables -A FORWARD -p udp --dport 5121 -j DROP >> > iptables -A FORWARD -p tcp --dport 5662 -j DROP >> > iptables -A FORWARD -p udp --dport 5662 -j DROP >> > iptables -A FORWARD -p tcp --dport 6085:6086 -j DROP >> > iptables -A FORWARD -p udp --dport 6085:6086 -j DROP >> > iptables -A FORWARD -p tcp --dport 6346:6347 -j DROP >> > iptables -A FORWARD -p udp --dport 6346:6347 -j DROP >> > iptables -A FORWARD -p tcp --dport 6699 -j DROP >> > iptables -A FORWARD -p udp --dport 6699 -j DROP >> > iptables -A FORWARD -p udp --dport 6881:6889 -j DROP >> > iptables -A FORWARD -p tcp --dport 6881:6889 -j DROP >> > iptables -A FORWARD -p tcp --dport 8473 -j DROP >> > iptables -A FORWARD -p udp --dport 8473 -j DROP >> > >> > >> > >> > >> > 2010/6/4 Kaushal Shriyan <[email protected]> >> > >>> >>> Hi, >>> > >>> > is there a howto for blocking p2p traffic on ubuntu 10.04 server ? >>> > >>> > Thanks, >>> > >>> > Kaushal >>> > >>> > -- >>> > ubuntu-server mailing list >>> > [email protected] >>> > https://lists.ubuntu.com/mailman/listinfo/ubuntu-server >>> > More info: https://wiki.ubuntu.com/ServerTeam >>> > >> >> >> > >> >> > -- >> > Greyson Farias >> > Técnico em Informática - CREA/AC 9329TD >> > Ubuntu user >> > Eu prefiro receber documentos em ODF. >> > http://ubuntu.com/download/getubuntu >> > Blog Ubuntu Acre: http://ubuntu-ac.org >> > >> >> >> > >> > >> >> -- >> ubuntu-server mailing list >> [email protected] >> https://lists.ubuntu.com/mailman/listinfo/ubuntu-server >> More info: https://wiki.ubuntu.com/ServerTeam >> > > Hi Again > > I did followed http://www.debian-administration.org/articles/562 > when i run the make command i get http://pastebin.ubuntu.com/445975/ > > Please suggest/guide. > > Thanks, > > Kaushal > Hi, For the benefit of others in this email thread, I did followed this steps #apt-get install xtables-addons-common #module-assistant --verbose --text-mode auto-install xtables-addons #modprobe xt_ipp2p I added the below line at the end of /etc/init.d/shorewall and restarted shorewall, it worked. /sbin/iptables -I OUTPUT -m ipp2p --kazaa --edk --gnu --dc --bit --apple --winmx --soul --ares -j DROP; /sbin/iptables -I INPUT -m ipp2p --kazaa --edk --gnu --dc --bit --apple --winmx --soul --ares -j DROP; /sbin/iptables -I FORWARD -m ipp2p --kazaa --edk --gnu --dc --bit --apple --winmx --soul --ares -j DROP I did iptables -L | grep ipp2p it showed up the below entries. DROP all -- anywhere anywhere ipp2p --edk --dc --gnu --kazaa --bit --apple --soul --winmx --ares DROP all -- anywhere anywhere ipp2p --edk --dc --gnu --kazaa --bit --apple --soul --winmx --ares DROP all -- anywhere anywhere ipp2p --edk --dc --gnu --kazaa --bit --apple --soul --winmx --ares I checked on shorewall irc channel, they said its not a correct method to add the below line in /etc/init.d/shorewall /sbin/iptables -I OUTPUT -m ipp2p --kazaa --edk --gnu --dc --bit --apple --winmx --soul --ares -j DROP; /sbin/iptables -I INPUT -m ipp2p --kazaa --edk --gnu --dc --bit --apple --winmx --soul --ares -j DROP; /sbin/iptables -I FORWARD -m ipp2p --kazaa --edk --gnu --dc --bit --apple --winmx --soul --ares -j DROP Please suggest/guide further and let me know the correct and the best practices to block ipp2p traffic Thanks and Regards Kaushal
-- ubuntu-server mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
