 From:  "Alex M" <radiussupport at lrcommunications dot net>
 To:  "Monowall Support List" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Killing all P2P traffic? How?
 Date:  Thu, 25 Jan 2007 19:23:36 -0500
Lol, so many replies in 1 min (this is where I appreciate that the forum view
is so easy to read :-)

So OK, let's say we kill those ports, but
a) How can we block ports dynamically for radius users?
b) Why can't we edit mono to identify protocols?
c) How can I look in the past log to see who among the radius users uses what
ports?

Thanks!
 

-----Original Message-----
From: SDamron [mailto:sdamron at gmail dot com] 
Sent: Thursday, January 25, 2007 6:45 PM
To: Adam Armstrong
Cc: Alex M; m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] Killing all P2P traffic? How?

Oh, and BTW, those are reeeeeealy old :o)

On 1/25/07, SDamron <sdamron at gmail dot com> wrote:
> Here are the common ones, but again, they are dynamic.  This list can
> be shoved into ipfw, but again, protocol is what would really do it.
>
> # kazaa - fasttrack clones
> add deny tcp from any to any 1214
> add deny udp from any to any 1214
>
> # edonkey and clones
> add deny tcp from any to any 4661-4672
> add deny udp from any to any 4661-4672
>
> # winmx and napster
> add deny tcp from any to any 6257
> add deny udp from any to any 6257
> add deny tcp from any to any 6699
> add deny udp from any to any 6699
>
> # bittorrent
> add deny tcp from any to any 6881-6889
> add deny udp from any to any 6881-6889
>
> # gnutella
> add deny tcp from any to any 6346
> add deny udp from any to any 6346
>
> On 1/25/07, Adam Armstrong <lists at memetic dot org> wrote:
> > If only there was an easy way to stop peer to peer traffic...!
> >
> > You can block well known ports, but that won't stop new applications, or
> > applications which use random ports.
> >
> > The most successful methods generally involve classifying the packets at
> > layer 7 and either dropping or shaping them based on that information.
> >
> > It's certainly not possible using m0n0wall.
> >
> > What you can do is create a small pipe and direct all unknown traffic to
> > it, and another larger pipe and direct all known traffic to it
> > (http/pop3/smtp/etc)
> >
> > The built in traffic shaper already builds rules which match all of the
> > applications you're likely to want to track.
> >
> > Adam.
> >
> > > -----Original Message-----
> > > From: Alex M [mailto:radiussupport at lrcommunications dot net]
> > > Sent: 25 January 2007 23:30
> > > To: Monowall Support List
> > > Subject: [m0n0wall] Killing all P2P traffic? How?
> > >
> > > Hi ppl!
> > >
> > > > I decided that our users do toooooo much illegal downloading (at least
> > > > that's what I think; ppl can't just download 4.8Gb each day, and that #
> > > > seems to be equal to the size of 1 DVD)
> > > >
> > > > So I'm looking for a way to block traffic from most known P2P clients.
> > > > I think this is possible by blocking their ports, but a) I don't know
> > > > all the ports b) ppl can change their port #s. So is there any easy way
> > > > to deal with it? Maybe through the traffic shaper, somehow set max speed
> > > > to 1kbps? Also, can we do some blocking on a per-user basis?
> > >
> > >
> > >
> > > Appreciate your suggestions!
> > >
> > >
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >
> >
>
>
> --
> -------------------------------
> I don't want to believe, I want to know.
>


-- 
-------------------------------
I don't want to believe, I want to know.
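
An added example, not code from any participant in this thread: it turns the port list quoted above into a per-user traffic tally, which also shows why a fixed port list misses clients on random ports. The session table (user to IP, as RADIUS accounting would give) and the flow-record format are constructed assumptions, not m0n0wall's log format.

```python
import re
from collections import defaultdict

# Port rules quoted in the thread (ipfw syntax), TCP lines only for brevity.
RULES = """
# kazaa - fasttrack clones
add deny tcp from any to any 1214
# edonkey and clones
add deny tcp from any to any 4661-4672
# winmx and napster
add deny tcp from any to any 6257
add deny tcp from any to any 6699
# bittorrent
add deny tcp from any to any 6881-6889
# gnutella
add deny tcp from any to any 6346
"""

# Constructed sample data (assumed formats): user sessions and "src_ip dst_port bytes" flows.
SESSIONS = {"10.0.0.11": "alice", "10.0.0.12": "bob", "10.0.0.13": "carol"}
FLOWS = """
10.0.0.11 80 52000
10.0.0.12 6883 4100000
10.0.0.12 4662 900000
10.0.0.13 51413 4800000
10.0.0.11 6346 1200
"""

def parse_rules(text):
    """Return [(label, low, high)]; each rule takes the label of the comment above it."""
    out, label = [], "unlabelled"
    for line in map(str.strip, text.splitlines()):
        if line.startswith("#"):
            label = line.lstrip("# ")
        m = re.match(r"add deny (?:tcp|udp) from any to any (\d+)(?:-(\d+))?$", line)
        if m:
            out.append((label, int(m.group(1)), int(m.group(2) or m.group(1))))
    return out

def tally(flows, sessions, rules):
    """Sum bytes per (user, label); ports outside the list count as 'unclassified'."""
    totals = defaultdict(int)
    for rec in flows.strip().splitlines():
        ip, port, size = rec.split()
        label = next((l for l, lo, hi in rules if lo <= int(port) <= hi), "unclassified")
        totals[(sessions.get(ip, ip), label)] += int(size)
    return dict(totals)

if __name__ == "__main__":
    for (user, label), size in sorted(tally(FLOWS, SESSIONS, parse_rules(RULES)).items()):
        print(f"{user:6} {label:24} {size:>9}")
```

In the constructed data, carol's transfer on port 51413 is the largest flow yet lands in "unclassified", which is the gap a port list leaves and layer 7 classification is meant to close.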
