On 09/04/13 21:28, Sam Varshavchik wrote:
I'm not sure if this is the same issue, but when one member of my
household acquired a Macbook, that thing just started flooding my
bandwidth.
I didn't know, at first, WTF was going on, and I didn't tie it to the
Macbook, but, fortunately, at that time I /was/ running a router with
DD-WRT firmware, so I could ssh into the router itself, and see that
it was the Macbook flinging crap into the Intertubes.
Yes, about the same thing happened here but it cost me a lot of
bandwidth usage/money before I understood what was happening. I couldn't
believe anyone would create a system that worked that way! Last fall she
put all the Apple stuff on the iCloud system and the mysterious usage began.
That hacked router, sadly, gave up the magic blue smoke some time ago,
and I just didn't have the mental fortitude to set up another
hackarouter, so I now have a stock Netgear WNDR3700v3 which, AFAIK,
doesn't have any way to report which connected device is generating
how much bandwidth, so I don't think I'd have any way of know what is
coming out of which device, but, back then I was lucky.
Anyway, the traffic that I saw coming out of the Macbook was massive
amounts of /UDP/ traffic to high ports, looked like some kind of a
peer-to-peer protocol. But it was all UDP. I didn't want to waste any
more time on this nonsense. The DD-WRT firmware allowed me to bind
filtering rules to MAC addresses. So, I set up a rule tied to the
Macbook MAC address, that blocked all traffic to UDP ports 1024-65535.
I'm presently using a Buffalo WZR-HP-G450H which I believe came with
DD-WRT installed. I have several other routers in which I have installed
DD-WRT but settled on this one for no special reason, they all work. It
looks to me like I should be able to block connection to "icloud.com" in
the router but so far that has not worked. The usage continues to grow
when I allow the Mac with iCloud to connect.
I can block other addresses, when the kids want iTunes or a PS3 update I
have to enable the connections for them.
That solved the problem for good, and I had no complaints. There's no
legitimate, mainstream, consumer Intertube use that needs high UDP
port ranges.
It should be that simple for me too, but alas nothing is easy!
P.S. The replacement Netgear router's firmware couldn't do MAC-based
filtering. So, when I carefully configured it, I just had the router's
DHCP server bind the Macbook's MAC address to a statically assigned IP
address, and set up the router to block all traffic from that IP
address to UDP ports 1024-65535.
I don't see a way to block ports in this Buffalo DD-WRT? Perhaps they
removed something. I'll try another router later, but what I've done it
seems should work ...
--
http://www.qrz.com/db/W2BOD
box10 Fedora-18 XFCE Linux
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
