RE: [LARTC] block p2p: ARES
Hi ! I've tried last the fantastic ipp2p kernel module. My results are that: Ares can be DROPED only Emule, Kazaa and EDonkey 2000 can be limited and/or Droped. And for this I have to use: . FW=/usr/local/sbin/iptables # If I don't put next rule, Ares are not marked: $FW -t mangle -A p2ptraffic -m ipp2p --ares -j DROP # next p2p rules $FW -t mangle -A p2ptraffic -p tcp -j CONNMARK --restore-mark $FW -t mangle -A p2ptraffic -p tcp -m mark ! --mark 0 -j ACCEPT $FW -t mangle -A p2ptraffic -p tcp -m ipp2p --ipp2p -j MARK --set-mark 10 $FW -t mangle -A p2ptraffic -p tcp -m mark --mark 10 -j CONNMARK --save-mark $FW -t mangle -A p2ptraffic -p udp -m ipp2p --ipp2p -j MARK --set-mark 10 . iptables-1.3.1 kernel-2.4.28 squid-cache - 2.5-STABLE10 Debian Stable. I hope this information can help for ipp2p module. thank you very much. andres. - -Mensaje original- - - Hi, - - there is a new version of ipp2p, which can detect ares connections now. - - just go to www.ipp2p.org and download this version. - - the parameter --ipp2p has changed, this is now ALL protocols - - please contact me if you find bugs... - - Klaus - - Klaus wrote: - I did a small test with the new ares version. - It seems they have switched their protocol and it is not - detected at the - moment. - - Lets see how difficult the new ares protocol is and how fast we can - integrate this into ipp2p. - - Klaus - - :: L i n u XK i D :: wrote: - - Hi - - I'm trying to setup a LAN router with P2P filter - but the problem is that can't catch Ares. - - There is a way to DROP ares p2p packets ? - - I've tried with last ipp2p snapshot without sucess... - - I've - Kernel 2.4.28 - iptables 1.3.0 - Various Patches from patch-o-matic-ng-20040621 - iproute2-ss020116 - IMQ Patch - Esfq Patch - Julian (route) Patch - Debian Woody - - - This is my MANGLE table... - - - Chain PREROUTING (policy ACCEPT 8557K packets, 2822M bytes) - pkts bytes target prot opt in out source - destination - 85574 24M p2ptraffic all -- * * 0.0.0.0/0 - 0.0.0.0/0 - . - - Chain p2ptraffic (1 references) - pkts bytes target prot opt in out source - destination - 11860 1620K CONNMARK all -- * * 0.0.0.0/0 - 0.0.0.0/0 ipp2p v0.7.4 --ipp2p CONNMARK set 0xa - 0 0 CONNMARK all -- * * 0.0.0.0/0 - 0.0.0.0/0 ipp2p v0.7.4 --bit CONNMARK set 0xa - 0 0 CONNMARK all -- * * 0.0.0.0/0 - 0.0.0.0/0 ipp2p v0.7.4 --apple CONNMARK set 0xa - 0 0 CONNMARK all -- * * 0.0.0.0/0 - 0.0.0.0/0 ipp2p v0.7.4 --winmx CONNMARK set 0xa - 157 CONNMARK all -- * * 0.0.0.0/0 - 0.0.0.0/0 ipp2p v0.7.4 --soul CONNMARK set 0xa - 0 0 DROP all -- * * 0.0.0.0/0 - 0.0.0.0/0 ipp2p v0.7.4 --ares - . - 54029 13M CONNMARK all -- * * 0.0.0.0/0 - 0.0.0.0/0 CONNMARK match 0xa CONNMARK restore - - - But... ARES Packet are not bloked at the momment - 0 0 DROP ipp2p v0.7.4 --ares - - :-( - - Somebody haves sucessfull blocking ARES ? - - regards... - Andres. - - ___ - LARTC mailing list - LARTC@mailman.ds9a.nl - http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc - - ___ - LARTC mailing list - LARTC@mailman.ds9a.nl - http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc - ___ - LARTC mailing list - LARTC@mailman.ds9a.nl - http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] block p2p: ARES
Hi, there is a new version of ipp2p, which can detect ares connections now. just go to www.ipp2p.org and download this version. the parameter --ipp2p has changed, this is now ALL protocols please contact me if you find bugs... Klaus Klaus wrote: I did a small test with the new ares version. It seems they have switched their protocol and it is not detected at the moment. Lets see how difficult the new ares protocol is and how fast we can integrate this into ipp2p. Klaus :: L i n u XK i D :: wrote: Hi I'm trying to setup a LAN router with P2P filter but the problem is that can't catch Ares. There is a way to DROP ares p2p packets ? I've tried with last ipp2p snapshot without sucess... I've Kernel 2.4.28 iptables 1.3.0 Various Patches from patch-o-matic-ng-20040621 iproute2-ss020116 IMQ Patch Esfq Patch Julian (route) Patch Debian Woody This is my MANGLE table... Chain PREROUTING (policy ACCEPT 8557K packets, 2822M bytes) pkts bytes target prot opt in out source destination 85574 24M p2ptraffic all -- * * 0.0.0.0/0 0.0.0.0/0 . Chain p2ptraffic (1 references) pkts bytes target prot opt in out source destination 11860 1620K CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 ipp2p v0.7.4 --ipp2p CONNMARK set 0xa 0 0 CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 ipp2p v0.7.4 --bit CONNMARK set 0xa 0 0 CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 ipp2p v0.7.4 --apple CONNMARK set 0xa 0 0 CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 ipp2p v0.7.4 --winmx CONNMARK set 0xa 157 CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 ipp2p v0.7.4 --soul CONNMARK set 0xa 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ipp2p v0.7.4 --ares . 54029 13M CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 CONNMARK match 0xa CONNMARK restore But... ARES Packet are not bloked at the momment 0 0 DROP ipp2p v0.7.4 --ares :-( Somebody haves sucessfull blocking ARES ? regards... Andres. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] block p2p: ARES
I did a small test with the new ares version. It seems they have switched their protocol and it is not detected at the moment. Lets see how difficult the new ares protocol is and how fast we can integrate this into ipp2p. Klaus :: L i n u XK i D :: wrote: Hi I'm trying to setup a LAN router with P2P filter but the problem is that can't catch Ares. There is a way to DROP ares p2p packets ? I've tried with last ipp2p snapshot without sucess... I've Kernel 2.4.28 iptables 1.3.0 Various Patches from patch-o-matic-ng-20040621 iproute2-ss020116 IMQ Patch Esfq Patch Julian (route) Patch Debian Woody This is my MANGLE table... Chain PREROUTING (policy ACCEPT 8557K packets, 2822M bytes) pkts bytes target prot opt in out source destination 85574 24M p2ptraffic all -- * * 0.0.0.0/0 0.0.0.0/0 . Chain p2ptraffic (1 references) pkts bytes target prot opt in out source destination 11860 1620K CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 ipp2p v0.7.4 --ipp2p CONNMARK set 0xa 0 0 CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 ipp2p v0.7.4 --bit CONNMARK set 0xa 0 0 CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 ipp2p v0.7.4 --apple CONNMARK set 0xa 0 0 CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 ipp2p v0.7.4 --winmx CONNMARK set 0xa 157 CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 ipp2p v0.7.4 --soul CONNMARK set 0xa 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ipp2p v0.7.4 --ares . 54029 13M CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 CONNMARK match 0xa CONNMARK restore But... ARES Packet are not bloked at the momment 0 0 DROP ipp2p v0.7.4 --ares :-( Somebody haves sucessfull blocking ARES ? regards... Andres. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
