dzelde
asked on
How to deny any file sharing like dc++ with ipfw?
I have a FreeBSD box where I use bridge + NAT + DHCP etc., but sometimes I need to block any DC++, Kazaa, LimeWire and all other file sharing programs so that other users can use the Internet bandwidth for other purposes...
Please, could someone write what rule I should add to ipfw to deny file sharing?
Martins.
Or you can use traffic shaping, where pf and altq perform better than ipfw2 and dummynet.
ASKER
Currently I am trying to understand how I might do that using dummynet, because I have never tried pf and altq, but I will try that.
Maybe someone knows the syntax for dummynet?
Will pf help?
ASKER
Well, it will take time to move to pf, so currently I am using dummynet. I would really appreciate it if someone would tell me how to restrict DC++ with ipfw or dummynet.
Because DC++ uses many ports, and closing only a few might not control it completely. Those peer-to-peer connections use many ports, don't they?
Snort detects some, and resets connections via flexresp.
IP/port blacklists will not do.
ipfw add deny tcp from any to any 1214 via fxp0 out (where fxp0 is the outbound interface)
Try to filter the following ports in the above form: 23956 1080 8081
ASKER
I am sure that an IP/port blacklist will not work. I would look into Snort resetting connections via flexresp, but gheist said that Snort detects only some... Isn't there a way to do it for sure?
dzelde
iptables -A FORWARD -p tcp --dport 1214 -j REJECT # KaZaa
iptables -A FORWARD -p tcp -m multiport --dports 4661,4662,4663,4664,4665 -j REJECT # E-Donkey
iptables -A FORWARD -p tcp -m multiport --dports 6346,6347 -j REJECT # Gnutella, LimeWire (not sure)
ipfw might look like:
ipfw add deny log tcp from any to any 6346,6347
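For the dummynet syntax asked about earlier in the thread, here is an added example (not written by any poster here): a shell function that prints ipfw commands which squeeze the ports named in the thread into one small shared pipe and cap every LAN host with its own dynamic pipe, so the limit holds whatever ports a client picks. The LAN-facing interface name fxp1, the rule numbers and the bandwidth figures are assumptions.

```shell
#!/bin/sh
# Added example: prints ipfw/dummynet commands instead of running them,
# so the ruleset can be reviewed first. Assumed values (not from the thread):
# rule numbers 1000-1200 and the bandwidth figures passed by the caller.

# Ports named in the thread: Kazaa, eDonkey, Gnutella.
P2P_PORTS="1214,4661-4665,6346,6347"

# gen_rules LAN_IF P2P_BW HOST_BW
#   LAN_IF  - interface facing the internal hosts, where their addresses
#             are still untranslated (NAT happens on the outside interface)
#   P2P_BW  - total bandwidth shared by all traffic to the known P2P ports
#   HOST_BW - cap applied to each internal host separately
gen_rules() {
    lan_if=$1; p2p_bw=$2; host_bw=$3

    # Pipe 1: a single narrow pipe shared by everything sent to known P2P ports.
    printf '%s\n' "ipfw pipe 1 config bw $p2p_bw"
    printf '%s\n' "ipfw add 1000 pipe 1 tcp from any to any $P2P_PORTS in via $lan_if"

    # Pipe 2: 'mask src-ip' makes dummynet create one dynamic pipe per
    # source address, so each host gets its own upload cap.
    printf '%s\n' "ipfw pipe 2 config bw $host_bw mask src-ip 0xffffffff"
    printf '%s\n' "ipfw add 1100 pipe 2 ip from any to any in via $lan_if"

    # Pipe 3: the same per-host cap for downloads, keyed on destination address.
    printf '%s\n' "ipfw pipe 3 config bw $host_bw mask dst-ip 0xffffffff"
    printf '%s\n' "ipfw add 1200 pipe 3 ip from any to any out via $lan_if"
}

# Print the ruleset only when called with three arguments, e.g.:
#   sh shape.sh fxp1 64Kbit/s 512Kbit/s
if [ $# -eq 3 ]; then
    gen_rules "$1" "$2" "$3"
fi
```

Review the printed commands, then pipe them to sh as root. With net.inet.ip.fw.one_pass set to 1, a packet leaves the ruleset after its first pipe, so traffic matched by rule 1000 is not also counted against the per-host pipes.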