Here are the common ones, but again, they are dynamic. This list can be shoved into ipfw, but again, protocol is what would really do it.

# kazaa - fasttrack clones
add deny tcp from any to any 1214
add deny udp from any to any 1214
# edonkey and clones
add deny tcp from any to any 4661-4672
add deny udp from any to any 4661-4672
# winmx and napster
add deny tcp from any to any 6257
add deny udp from any to any 6257
add deny tcp from any to any 6699
add deny udp from any to any 6699
# bittorrent
add deny tcp from any to any 6881-6889
add deny udp from any to any 6881-6889
# gnutella
add deny tcp from any to any 6346
add deny udp from any to any 6346

On 1/25/07, Adam Armstrong <lists at memetic dot org> wrote:
> If only there was an easy way to stop peer to peer traffic...!
>
> You can block well known ports, but that won't stop new applications, or
> applications which use random ports.
>
> The most successful methods generally involve classifying the packets at
> layer 7 and either dropping or shaping them based on that information.
>
> It's certainly not possible using m0n0wall.
>
> What you can do is create a small pipe and direct all unknown traffic to it,
> and another larger pipe and direct all known traffic to it
> (http/pop3/smtp/etc)
>
> The built-in traffic shaper already builds rules which match all of the
> applications you're likely to want to track.
>
> Adam.
>
> > -----Original Message-----
> > From: Alex M [mailto:radiussupport at lrcommunications dot net]
> > Sent: 25 January 2007 23:30
> > To: Monowall Support List
> > Subject: [m0n0wall] Killing all P2P traffic? How?
> >
> > Hi ppl!
> >
> > I decided that our users do toooooo much illegal downloading (at least
> > that's what I think, ppl can't just download 4.8Gb each day, and that #
> > seems to be equal to the size of 1 DVD)
> >
> > So I'm looking for the way to block traffic from most known P2P clients.
> > I think this is possible by blocking their ports, but a) I don't know all
> > the ports b) ppl can change their port #s. So is there any easy way to
> > deal with it? Maybe through traffic shaper set somehow max speed to
> > 1kbps? Also can we do some blocking per user base?
> >
> > Appreciate your suggestions!
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>

--
-------------------------------
I don't want to believe, I want to know.
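
The two-pipe approach from Adam's reply, combined with the port list at the top of the thread, as an added example that is not part of any poster's message: a script that prints an ipfw/dummynet rule file for a plain FreeBSD host rather than m0n0wall's own shaper. The interface name, bandwidths, rule numbers and the set of "known" service ports are assumptions, and it assumes net.inet.ip.fw.one_pass=1 so a packet stops at the first pipe it matches.

```shell
#!/bin/sh
# Prints an ipfw/dummynet rule file; it does not touch the running firewall.
# Assumed values (not from the thread): interface, bandwidths, rule numbers,
# and the list of "known" service ports.
WAN_IF="${WAN_IF:-em0}"
KNOWN_BW="${KNOWN_BW:-4Mbit/s}"
UNKNOWN_BW="${UNKNOWN_BW:-64Kbit/s}"
KNOWN_TCP="25,53,80,110,143,443,993,995"
KNOWN_UDP="53,123"
# Ports taken from the list at the top of the thread.
P2P_PORTS="1214,4661-4672,6257,6699,6881-6889,6346"

gen_rules() {
    n=1000
    # Emit one numbered rule and advance the rule number.
    rule() { echo "add $n $*"; n=$((n + 10)); }

    echo "pipe 1 config bw $KNOWN_BW"
    echo "pipe 2 config bw $UNKNOWN_BW"

    # 1. Drop the well-known P2P ports outright.
    for proto in tcp udp; do
        rule deny "$proto" from any to any "$P2P_PORTS"
    done

    # 2. Known services get the large pipe; match both the request
    #    (destination port) and the reply (source port).
    rule pipe 1 tcp from any to any "$KNOWN_TCP" via "$WAN_IF"
    rule pipe 1 tcp from any "$KNOWN_TCP" to any via "$WAN_IF"
    rule pipe 1 udp from any to any "$KNOWN_UDP" via "$WAN_IF"
    rule pipe 1 udp from any "$KNOWN_UDP" to any via "$WAN_IF"

    # 3. Everything else, whatever port it uses, shares the small pipe.
    rule pipe 2 ip from any to any via "$WAN_IF"
}

gen_rules
```

Redirect the output to a file and review it before loading it with `ipfw <file>`. Matching is by port only, so anything carried over a port in the known list still lands in the large pipe, which is the limit of port-based rules that Adam describes.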