Hi ! I've tried last the fantastic ipp2p kernel module. My results are that: Ares can be DROPED only Emule, Kazaa and EDonkey 2000 can be limited and/or Droped. And for this I have to use: ..... FW="/usr/local/sbin/iptables" # If I don't put next rule, Ares are not marked: $FW -t mangle -A p2ptraffic -m ipp2p --ares -j DROP # next p2p rules $FW -t mangle -A p2ptraffic -p tcp -j CONNMARK --restore-mark $FW -t mangle -A p2ptraffic -p tcp -m mark ! --mark 0 -j ACCEPT $FW -t mangle -A p2ptraffic -p tcp -m ipp2p --ipp2p -j MARK --set-mark 10 $FW -t mangle -A p2ptraffic -p tcp -m mark --mark 10 -j CONNMARK --save-mark $FW -t mangle -A p2ptraffic -p udp -m ipp2p --ipp2p -j MARK --set-mark 10 ..... iptables-1.3.1 kernel-2.4.28 squid-cache - 2.5-STABLE10 Debian Stable. I hope this information can help for ipp2p module. thank you very much. andres. -> -----Mensaje original----- -> -> Hi, -> -> there is a new version of ipp2p, which can detect ares connections now. -> -> just go to www.ipp2p.org and download this version. -> -> the parameter --ipp2p has changed, this is now ALL protocols -> -> please contact me if you find bugs... -> -> Klaus -> -> Klaus wrote: -> > I did a small test with the new ares version. -> > It seems they have switched their protocol and it is not -> detected at the -> > moment. -> > -> > Lets see how difficult the new ares protocol is and how fast we can -> > integrate this into ipp2p. -> > -> > Klaus -> > -> > :: L i n u XK i D :: wrote: -> > -> >> Hi.... -> >> -> >> I'm trying to setup a LAN router with P2P filter -> >> but the problem is that can't "catch" Ares. -> >> -> >> There is a way to DROP "ares" p2p packets ? -> >> -> >> I've tried with last "ipp2p" snapshot without sucess... -> >> -> >> I've -> >> Kernel 2.4.28 -> >> iptables 1.3.0 -> >> Various Patches from patch-o-matic-ng-20040621 -> >> iproute2-ss020116 -> >> IMQ Patch -> >> Esfq Patch -> >> Julian (route) Patch -> >> Debian Woody -> >> -> >> -> >> This is my MANGLE table... -> >> -> >> -> >> Chain PREROUTING (policy ACCEPT 8557K packets, 2822M bytes) -> >> pkts bytes target prot opt in out source -> >> destination -> >> 85574 24M p2ptraffic all -- * * 0.0.0.0/0 -> >> 0.0.0.0/0 -> >> ................. -> >> -> >> Chain p2ptraffic (1 references) -> >> pkts bytes target prot opt in out source -> >> destination -> >> 11860 1620K CONNMARK all -- * * 0.0.0.0/0 -> >> 0.0.0.0/0 ipp2p v0.7.4 --ipp2p CONNMARK set 0xa -> >> 0 0 CONNMARK all -- * * 0.0.0.0/0 -> >> 0.0.0.0/0 ipp2p v0.7.4 --bit CONNMARK set 0xa -> >> 0 0 CONNMARK all -- * * 0.0.0.0/0 -> >> 0.0.0.0/0 ipp2p v0.7.4 --apple CONNMARK set 0xa -> >> 0 0 CONNMARK all -- * * 0.0.0.0/0 -> >> 0.0.0.0/0 ipp2p v0.7.4 --winmx CONNMARK set 0xa -> >> 1 57 CONNMARK all -- * * 0.0.0.0/0 -> >> 0.0.0.0/0 ipp2p v0.7.4 --soul CONNMARK set 0xa -> >> 0 0 DROP all -- * * 0.0.0.0/0 -> >> 0.0.0.0/0 ipp2p v0.7.4 --ares -> >> ......... -> >> 54029 13M CONNMARK all -- * * 0.0.0.0/0 -> >> 0.0.0.0/0 CONNMARK match 0xa CONNMARK restore -> >> -> >> -> >> But... ARES Packet are not bloked at the momment.... -> >> 0 0 DROP .... ipp2p v0.7.4 --ares -> >> -> >> :-( -> >> -> >> Somebody haves sucessfull blocking ARES ? -> >> -> >> regards... -> >> Andres. -> >> -> >> _______________________________________________ -> >> LARTC mailing list -> >> LARTC@xxxxxxxxxxxxxxx -> >> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc -> > -> > _______________________________________________ -> > LARTC mailing list -> > LARTC@xxxxxxxxxxxxxxx -> > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc -> _______________________________________________ -> LARTC mailing list -> LARTC@xxxxxxxxxxxxxxx -> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
