|
Hello,
Hi,
#What version do you use? If it's IPP2P 05 try the updated version 05b. If #this does not help post your ruleset and an output of "iptables -L -n -v -x" #for the appropriate table here please. I'm tried to use v0.5b.... but it not worked. Now
i'm using v0.4 with no problems...
The rule i'm using...:
iptables -I FORWARD -p tcp -m
ipp2p --ipp2p -j DROP
The command iptables -L -n -v -x
returns:
Chain INPUT (policy ACCEPT 388 packets, 97441
bytes)
pkts bytes target prot opt in out source dest ination 929 186369 RH-Lokkit-0-50-INPUT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy ACCEPT 10960 packets, 6220585 bytes) pkts bytes target prot opt in out source destination 317 36866 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 ipp2p v0.4 --ipp2p 21307 10219893 RH-Lokkit-0-50-INPUT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT 866 packets, 152845 bytes) pkts bytes target prot opt in out source dest ination Chain RH-Lokkit-0-50-INPUT (2 references) pkts bytes target prot opt in out source dest ination 0 0 ACCEPT udp -- * * 200.150.13.244 0.0.0. 0/0 udp spt:53 dpts:1025:65535 0 0 ACCEPT udp -- * * 200.150.13.243 0.0.0. 0/0 udp spt:53 dpts:1025:65535 0 0 ACCEPT udp -- * * 200.150.4.5 0.0.0. 0/0 udp spt:53 dpts:1025:65535 31 5173 ACCEPT udp -- * * 200.150.4.4 0.0.0. 0/0 udp spt:53 dpts:1025:65535 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0. 0/0 tcp dpt:80 flags:0x16/0x02 4 192 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0. 0/0 tcp dpt:21 flags:0x16/0x02 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0. 0/0 tcp dpt:22 flags:0x16/0x02 9 432 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0. 0/0 tcp dpt:25 flags:0x16/0x02 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0. 0/0 tcp dpt:23 flags:0x16/0x02 0 0 ACCEPT udp -- eth0 * 0.0.0.0/0 0.0.0. 0/0 udp spts:67:68 dpts:67:68 81 26636 ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0. 0/0 udp spts:67:68 dpts:67:68 62 3100 ACCEPT all -- lo * 0.0.0.0/0 0.0.0. 0/0 10654 4046161 ACCEPT all -- eth0 * 0.0.0.0/0 0.0.0. 0/0 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0. 0/0 tcp dpts:0:1023 flags:0x16/0x02 reject-with icmp-port-unreachable 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0. 0/0 tcp dpt:2049 flags:0x16/0x02 reject-with icmp-port-unreachable 47 6542 REJECT udp -- * * 0.0.0.0/0 0.0.0. 0/0 udp dpts:0:1023 reject-with icmp-port-unreachable 0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0. 0/0 udp dpt:2049 reject-with icmp-port-unreachable 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0. 0/0 tcp dpts:6000:6009 flags:0x16/0x02 reject-with icmp-port-unreachabl e 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0. 0/0 tcp dpt:7100 flags:0x16/0x02 reject-with icmp-port-unreachable At this setup... everything goes fines. But if
try to use v0.5b, nothing happens...
I stop iptables
remove the ipt_ipp2p.o mod (v0.4)
configue the Makefile of the 0.5b
version
install libipt_ipp2p.so - overwriting the old
one
run insmod ipt_ipp2p.o successfully
set iptables -I FORWARD -p tcp -m ipp2p --ipp2p
-j DROP
NOTHING HAPPENS - Kazaa can download files
again....
#I've never tried the wondershaper script myself
but according to information
#from IPP2P users this shall work. Do you use any kind of traffic shaper? What's
your configuration/rules?
#Well not yet - the supported p2p-networks are: #-eDonkey #-KaZaA #-Gnutella #-Direct Connect #-BitTorrent (working well for me but still beta) #-AppleJuice (still beta) # #If this feature is very important to you and if you are willing to do some #testing for me I'll take some time and try to implement these networks. I was #going to do this anyway but not at the moment. Well... suport for these networks would be
great. And yes... i can do some tests for you.....
I'm testing the setup using Kazaa Lite and
Overnet.....
Thanks a lot.
LEANDRO TRAVAGLIA
--- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.619 / Virus Database: 398 - Release Date: 10/3/2004 |
