I have recently upgraded to Bering 1.2 using the HTB traffic shaping provided by Shorewall. As I cap the throughput on various P2P applications, I can see the FastTrack applications using the standard port 80, etc. to communicate. An excellent presentation to understand the problem network admins face with the FastTrack Network (i.e. KaZaA) can be found at: http://www.ndnn.org/the_kazaa_problem.ppt
After some rather extensive searching, I've noticed a couple avenues I can take to block/throttle the FastTrack applications:

1. Use ftwall
   The QUEUE ACTION in Shorewall can be used to utilize ftwall.

2. IPTABLES commands
   Apparently there is a patch for IPTABLES so that string matches are available. I'm sure this is what ftwall is doing, after looking at the ftwall source. The following IPTABLES commands could be used in the mangle table's PREROUTING chain:

    iptables -A INSPECT -p tcp -m string --string "X-Kazaa-Username:" -j INSDROP
    iptables -A INSPECT -p tcp -m string --string "X-Kazaa-Network:" -j INSDROP
    iptables -A INSPECT -p tcp -m string --string "X-Kazaa-SupernodeIP:" -j INSDROP

3. Block the FastTrack Network host IPs
   I'm not sure of the effectiveness of this option but it's available.
   http://testweb.oofle.com/filesharing/KaZaa/

----

OK, after all of that my questions are as follows:

1. Has anyone successfully implemented ftwall using Bering?
2. What degree of difficulty would it be to implement the IPTABLES patch for string matching?

Many thanks for any feedback,
Todd
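
Added example (not part of the original post, and not ftwall or netfilter code): a small Python model of the per-packet match the three rules above perform, run against constructed payloads. It assumes the match is a case-sensitive byte-substring test on each packet; the function names and sample traffic are hypothetical. It also shows the case a per-packet rule misses, a header that straddles two TCP segments, next to a stream matcher that carries bytes across the boundary.

```python
# The three strings from the rules quoted in the post.
SIGNATURES = (b"X-Kazaa-Username:", b"X-Kazaa-Network:", b"X-Kazaa-SupernodeIP:")


def match_packet(payload, signatures=SIGNATURES):
    """Per-packet view: signatures found inside one TCP payload.
    Assumption: plain, case-sensitive substring matching."""
    return [s for s in signatures if s in payload]


def match_stream(segments, signatures=SIGNATURES):
    """Stream view: carry the last (longest signature - 1) bytes of the
    data seen so far into the next segment, so a header split across a
    segment boundary is still found."""
    keep = max(len(s) for s in signatures) - 1
    tail, hits = b"", []
    for seg in segments:
        window = tail + seg
        for s in signatures:
            if s in window and s not in hits:
                hits.append(s)
        tail = window[-keep:]
    return hits


# Constructed sample payloads (not captured traffic).
REQUEST = (b"GET /file HTTP/1.1\r\n"
           b"Host: 192.0.2.10\r\n"
           b"X-Kazaa-Username: example\r\n"
           b"X-Kazaa-Network: KaZaA\r\n\r\n")
PLAIN_HTTP = b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n"

# The same request delivered as two segments, cut inside the first header.
_cut = REQUEST.index(b"X-Kazaa-Username:") + len(b"X-Kazaa-")
SPLIT = [REQUEST[:_cut], REQUEST[_cut:]]

if __name__ == "__main__":
    print("whole packet :", match_packet(REQUEST))
    print("plain HTTP   :", match_packet(PLAIN_HTTP))
    print("per segment  :", [match_packet(s) for s in SPLIT])
    print("stream match :", match_stream(SPLIT))
```

Ordinary port-80 traffic is left alone and the whole request is matched, but the split delivery is only fully recognised by the stream matcher.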
