Kazaa and iptables

Mark Musone mmusone at shatterit.com
Wed Apr 23 08:14:33 EDT 2003


Kazaa uses its own port (I think 1214), but unfortunately it can also
use (and quite often does) port 80, so there's not necessarily a quick and
easy fix.

You need to do packet inspection to filter it out.

Take a look at: http://www.oofle.com/filesharing.php
This has iptables filters.


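With Cisco routers, you need to do the following:

! Assumed header: the class needs the name referenced by "class p2p" below,
! and match-any so that any one of the listed protocols matches.
class-map match-any p2p
 match protocol fasttrack
 match protocol gnutella
 match protocol napster
 match protocol http url "\.hash=*"
 match protocol http url "/.hash=*"
 match protocol kazaa2
!
!
policy-map p2p
 class p2p
  police cir 8000 bc 1500 be 1500
   conform-action drop
   exceed-action drop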

THEN, add the following to both of your incoming & outgoing Router
Interfaces: 

interface FastEthernet0/0
 ip nbar protocol-discovery
 service-policy input p2p
!
interface FastEthernet0/1
 ip nbar protocol-discovery
 service-policy output p2p
!

This config not only blocks most P2P applications, but eliminates
Kazaa2's ability to port hop & utilize port 80.


-Mark



-----Original Message-----
From: owner-nflug at nflug.org [mailto:owner-nflug at nflug.org] On Behalf Of
Cyber Source
Sent: Wednesday, April 23, 2003 7:53 AM
To: nflug at nflug.org
Subject: Re: Kazaa and iptables

I took a quick look into our shorewall config here because I could have
sworn I saw a commented out section for Kazaa in there but I couldn't
find it this morning. I was looking for the port number for you and even
in a quick search on Google, found no quick location of the port Kazaa
uses. If I find it I will pass it on.
On Wed, 2003-04-23 at 07:31, Justin Bennett wrote:
> A buddy of mine asked me to block Kazaa for him on his Frat's DSL 
> connection; he has a Linux fw/router using iptables. I have not used 
> Kazaa. Does anyone have a rule to block it?
> 
> Thanks
> Justin
-- 
Cyber Source <peter at thecybersource.com>
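
An added illustration, not part of the original thread and not the posters' or Cisco's code, of why the reply calls for packet inspection: a port-only rule misses Kazaa requests sent to port 80, while a match on the request URL catches them. Port 1214 and the ".hash=" string come from the post; the sample packets are constructed, and the plain substring test is a simplification of the NBAR URL patterns.

```python
import re

KAZAA_PORT = 1214  # from the post ("I think 1214"), so treat it as an assumption
HASH_URL = re.compile(rb"\.hash=")  # substring shared by both URL patterns in the post
REQUEST_LINE = re.compile(rb"^[A-Z]+ (\S+) HTTP/\d\.\d\r?$")

def request_target(payload: bytes):
    """Return the URL from an HTTP request line, or None for non-HTTP payloads."""
    match = REQUEST_LINE.match(payload.split(b"\n", 1)[0])
    return match.group(1) if match else None

def port_only(dst_port: int, payload: bytes) -> str:
    """Port-based rule: blocks only the default Kazaa port."""
    return "drop" if dst_port == KAZAA_PORT else "allow"

def inspect(dst_port: int, payload: bytes) -> str:
    """Port rule plus a URL match, scoped to the request line rather than the body."""
    if dst_port == KAZAA_PORT:
        return "drop"
    target = request_target(payload)
    return "drop" if target and HASH_URL.search(target) else "allow"

# Constructed sample packets: (label, destination port, payload)
SAMPLES = [
    ("kazaa default port", 1214, b"GET /.hash=0123abcd HTTP/1.1\r\nHost: 10.0.0.5\r\n\r\n"),
    ("kazaa over port 80", 80, b"GET /.hash=0123abcd HTTP/1.1\r\nHost: 10.0.0.5\r\n\r\n"),
    ("ordinary web page", 80, b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n"),
    ("'.hash=' in body only", 80, b"POST /form HTTP/1.1\r\nHost: example.com\r\n\r\nq=.hash=1"),
    ("non-HTTP bytes", 80, b"\x16\x03\x01\x00\x05hello"),
]

def compare():
    """Return {label: (port_only verdict, inspect verdict)} for every sample."""
    return {label: (port_only(p, data), inspect(p, data)) for label, p, data in SAMPLES}

if __name__ == "__main__":
    for label, verdicts in compare().items():
        print(f"{label:24} port-only={verdicts[0]:5} inspect={verdicts[1]}")
```

The fourth sample shows why the match is scoped to the request line: a substring search over the whole packet would also drop an ordinary POST whose body happens to contain ".hash=".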




