Re: [LARTC] shareaza



Is there any way to do that? How can I keep track of the
traffic generated by shareaza only?

Perhaps you need something like ?

Maybe l7-filter is not necessary. For classifying P2P traffic, you can use the ipp2p module, available through patch-o-matic or the newest code from here!

   Seems that Shareaza is matched with --gnu !!

[root@correio ~]# iptables -m ipp2p --help
[ ........ ]
IPP2P v0.7.2 options:
--ipp2p        Grab all known p2p packets
--ipp2p-data   Identify all known p2p download commands (obsolete)

--edk          [TCP&UDP]       All known eDonkey/eMule/Overnet packets
--dc           [TCP]           All known Direct Connect packets
--kazaa        [TCP&UDP]       All known KaZaA packets
--gnu          [TCP&UDP]       All known Gnutella packets
--bit          [TCP&UDP]       All known BitTorrent packets
--apple        [TCP]           All known AppleJuice packets (beta - just a few tests until now)
--winmx        [TCP]           All known WinMX (beta - need feedback)
--soul         [TCP]           All known SoulSeek (beta - need feedback!)
--ares         [TCP]           All known Ares - use with DROP only (beta - need feedback!)

--edk-data     [TCP]           eDonkey/eMule/Overnet download commands (obsolete)
--dc-data      [TCP]           Direct Connect download command (obsolete)
--kazaa-data   [TCP]           KaZaA download command (obsolete)
--gnu-data     [TCP]           Gnutella download command (obsolete)

Note that the follwing options will have the same meaning:
'--ipp2p' is equal to '--edk --dc --kazaa --gnu'
'--ipp2p-data' is equal to '--edk-data --dc-data --kazaa-data --gnu-data'

IPP2P was intended for TCP only. Due to increasing usage of UDP we needed to change this. You can now use -p udp to search UDP packets only or without -p switch to search UDP and TCP packets.

See README included with this package for more details or visit

iptables -A FORWARD -m ipp2p --ipp2p -j MARK --set-mark 0x01
iptables -A FORWARD -p udp -m ipp2p --kazaa --bit -j DROP
iptables -A FORWARD -p tcp -m ipp2p --edk --soul -j DROP

iptables -m ipp2p --help [root@correio ~]#


	Sincerely,
	Leonardo Rodrigues
	Solutti Tecnologia

	My SPAMTRAP, do not email it
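
Added example, not part of the original post: one way to account for Shareaza (Gnutella) traffic alone with the `--gnu` match. Because ipp2p matches individual packets, the sketch carries the classification across the whole connection with CONNMARK; the chain name `GNU_ACCT`, the placement in the mangle FORWARD chain, and the sample counter listing are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: connection-level accounting of Gnutella (Shareaza) traffic.
# Assumes no other rules on this router use packet/connection marks.
MARK=0x01        # same mark value as the MARK example in the help text
CHAIN=GNU_ACCT   # hypothetical accounting chain name (assumption)

# Print the rule set. Review it, then pipe it to `sh` as root on a router
# that has the ipp2p match installed.
gnu_acct_rules() {
    cat <<EOF
iptables -t mangle -N $CHAIN
iptables -t mangle -A $CHAIN -p tcp -j RETURN
iptables -t mangle -A $CHAIN -p udp -j RETURN
iptables -t mangle -A FORWARD -j CONNMARK --restore-mark
iptables -t mangle -A FORWARD -m mark --mark 0 -m ipp2p --gnu -j MARK --set-mark $MARK
iptables -t mangle -A FORWARD -m mark --mark $MARK -j CONNMARK --save-mark
iptables -t mangle -A FORWARD -m mark --mark $MARK -j $CHAIN
EOF
}

# Sum the packet and byte counters of the accounting chain. Reads the output of
#   iptables -t mangle -L GNU_ACCT -n -v -x
# on stdin and prints "<packets> <bytes>".
gnu_counters() {
    awk '$1 ~ /^[0-9]+$/ && $2 ~ /^[0-9]+$/ { p += $1; b += $2 }
         END { printf "%.0f %.0f\n", p, b }'
}

# Constructed sample of that listing, so the parser can be tried offline.
SAMPLE='Chain GNU_ACCT (1 references)
    pkts      bytes target     prot opt in     out     source               destination
     812   734003 RETURN     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0
      97    11640 RETURN     udp  --  *      *       0.0.0.0/0            0.0.0.0/0'

gnu_acct_rules
printf '%s\n' "$SAMPLE" | gnu_counters
```

Only connections whose packets ipp2p recognises as Gnutella get marked, so the counters are a lower bound on what the client actually transfers.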
