Hi, ipp2p detects ares server connects only. At the moment no client connctions are recognized by ipp2p. So if you use ipp2p to mark all ares connections, you will only mark the server connnections (which would be bad in you situation.) Klaus maintainer of ipp2p LinuXKiD wrote: > Hi, > > I've a linux as router nat + firewall > (POLICY DROP for INPUT OUTPUT and FORWARD) > > but, I've put next rules for p2p software > on FORWARD chain > > [... snip ... ] > > iptables -F FORWARD > iptables -P FORWARD DROP > > > iptables -A FORWARD -p tcp --dport 80 -j ACCEPT > iptables -A FORWARD -p tcp --dport 25 -j ACCEPT > [... snip ... ] > > iptables -A FORWARD -m ipp2p --ipp2p -j ACCEPT > iptables -A FORWARD -m ipp2p --ares -j ACCEPT > > [...] > > Then... emule, kaazaa , edonkey and so on works very good > but ARES can't connect. > > I've > - iptables 1.3.3 > - kernel 2.4.28 > - ipp2p 0.8.0rc3 > > BUT, if I change policy > > iptables -P FORWARD ACCEPT > > ARES works, can connect. > > I've tried to guess tcp/udp ports with tcpdump > without suceess. > > I guess that ipp2p only can block p2p on a ACCEPT > policy firewall > > I must open some tcp/udp port ? > Can anybody helpme ? > > bests > andres. > > > > > > > > > > > > _______________________________________________ > LARTC mailing list > LARTC@xxxxxxxxxxxxxxx > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
