  1. #1

    iptables firewall to block p2p traffic using ipp2p help pls


    Hello,

    I'm trying to get rid of kazaa and bittorrent traffic going through my box, and am having a crazy time trying to fix iptables.

    I've downloaded and compiled this : http://rnvs.informatik.uni-leipzig.d.../index_en.html

    Which is a p2p matching module for iptables ( ipp2p ).

    I'm trying to set some basic rules:

    iptables -F
    iptables -A FORWARD -p tcp -m ipp2p --bit -j DROP
    iptables -A FORWARD -p tcp -m ipp2p --kazaa -j DROP
    iptables -A FORWARD -p tcp -m ipp2p --dc -j DROP
    iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
    iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

    The traffic however, still gets through. Even stranger, if I flush with iptables -F the nat still works?! Shouldn't it stop working?

    Confused.
    Help appreciated.
    Alex

  2. #2
    Just Joined!
    Join Date
    Jul 2004
    Location
    UK
    Posts
    77
    Rather than using FORWARD try INPUT for your DROP rules.

    Armage

  3. #3
    Shouldn't the NAT stop working though if I issue an:

    iptables -F

  5. #4
    The NAT is in a different table. Hence iptables -t. This may be why the flush doesn't clear the NAT.

    Hope this helps. Post back how you get on.

    Armage
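
Added example, not part of the thread: a small model of why a plain `iptables -F` leaves the MASQUERADE rule in place, since without `-t` it only flushes the filter table. The ruleset is a constructed sample in `iptables-save` format based on the rules in the first post, and the function names are hypothetical helpers.

```shell
# Constructed sample in iptables-save format, mirroring the rules from the first post.
sample_ruleset() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -p tcp -m ipp2p --bit -j DROP
-A FORWARD -p tcp -m ipp2p --kazaa -j DROP
-A FORWARD -p tcp -m ipp2p --dc -j DROP
-A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
COMMIT
EOF
}

# Model "iptables -t TABLE -F": drop every -A rule inside that table's section only.
flush_table() {
    awk -v t="$1" '
        /^\*/ { cur = substr($0, 2) }
        cur == t && /^-A / { next }
        { print }'
}

# Count the rules each table holds: prints "table count" per line.
rules_per_table() {
    awk '
        /^\*/ { cur = substr($0, 2); n[cur] += 0; order[++k] = cur }
        /^-A / { n[cur]++ }
        END { for (i = 1; i <= k; i++) print order[i], n[order[i]] }'
}

# Number of rules left in one named table.
count_in() {
    rules_per_table | awk -v t="$1" '$1 == t { print $2 }'
}

# Plain "iptables -F" acts on the filter table; the nat rule survives.
sample_ruleset | flush_table filter | rules_per_table
```

On a live host, `iptables-save | rules_per_table` gives the same per-table view after a flush.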

  6. #5
    Ahh crap I see..thanks.

    iptables -t nat -L

    shows a separate list.

    At which step should I insert the drop rules in this case? In which table also? I've changed the rules above to the INPUT chain as you suggest, and still no avail.

  7. #6
    iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT

    These rules look like they are allowing established connections access through the firewall. I would test turning them off too.

    The drops are ok where they are.

    Armage

  8. #7
    Well after a slew of trial and error I have found where the calls are to be placed. Removing any of these results in p2p traffic going through.

    iptables -F
    iptables -A INPUT -p tcp -m ipp2p --ipp2p -j DROP
    iptables -A FORWARD -p tcp -m ipp2p --ipp2p -j DROP
    iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
    iptables -t nat -A POSTROUTING -p tcp -m ipp2p --ipp2p -j DROP
    iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

  9. #8
    An alternative approach would be to use "ROPE" (http://www.lowth.com/rope) and/or Ftwall (http://www.lowth.com/p2pwall/ftwall).

  10. #9

    Block P2P Traffic

    Did you get any final result for blocking P2P traffic?
    Aamir


    Quote: Originally posted by Atari
    Hello,

    I'm trying to get rid of kazaa and bittorrent traffic going through my box, and am having a crazy time trying to fix iptables.

    I've downloaded and compiled this : http://rnvs.informatik.uni-leipzig.d.../index_en.html

    Which is a p2p matching module for iptables ( ipp2p ).

    I'm trying to set some basic rules:



    The traffic however, still gets through. Even stranger, if I flush with iptables -F the nat still works?! Shouldn't it stop working?

    Confused.
    Help appreciated.
    Alex

  11. #10
    Hello Alex,
    I have a question; the link mentioned in your post is inaccessible,
    but the question is, how have you installed your ipp2p to work correctly? I have followed several tutorials, I can reach the help file via 'iptables -m ipp2p -h', but when I try any other iptables command with ipp2p in it, I get the error 'segmentation fault'. Do you have any idea how that's possible, or where did you get your info on installing it?

    Kind Regards
