block p2p traffic

Michael Sanders dsanders at jsu.edu
Sun Jun 6 00:53:14 UTC 2010


I second Paul; that is the way to go. Once one finds out they have eyes on them, it "can" fix itself. We had a problem with an individual serving up files and the big bad record industry sent a letter. That gave us the right to cut the user off. Once turned back on, behavior changed. You will get some flak on the front end, but over time a majority of the community will get in line.

Danny Michael Sanders 
IT Support Analyst 

----- "Paul Graydon" <paul at paulgraydon.co.uk> wrote: 
> That will help, but realistically you're going to have to block every "high port" to stop P2P through that method. 
> 
> The only way to effectively block P2P is to do packet sniffing and analysis... and that's just one big hassle.
> 
> My belief is this is usually the wrong way to tackle the problem, looking for a technical solution to a human resource problem. 
> User education (and LARTing if necessary) is the key. Using software like Cacti to monitor and graph per-port traffic stats, identify the largest bandwidth users and then focus on them and find out just why they're using up so much bandwidth. 
> It's remarkable just how soon the problem all goes away after you find just one or two individuals who are abusing the network infrastructure and explain to them what the disciplinary procedures are (or enact if it's appropriate and you have concrete evidence.) The message soon spreads! 
> 
> Paul 
> 
> On 06/04/2010 05:03 AM, Greyson Farias wrote: 

> Hello,
> 
> You can use these iptables rules, because I don't like, don't use and I don't wanna learn ufw. hehehehehe 
> 
> # Block P2P connections 
> iptables -A FORWARD -p tcp --dport 1214:1215 -j DROP 
> iptables -A FORWARD -p udp --dport 1214:1215 -j DROP 
> iptables -A FORWARD -p tcp --dport 1981 -j DROP 
> iptables -A FORWARD -p udp --dport 1981 -j DROP 
> iptables -A FORWARD -p tcp --dport 2037 -j DROP 
> iptables -A FORWARD -p udp --dport 2037 -j DROP 
> iptables -A FORWARD -p tcp --dport 3501 -j DROP 
> iptables -A FORWARD -p udp --dport 3501 -j DROP 
> iptables -A FORWARD -p tcp --dport 3531 -j DROP 
> iptables -A FORWARD -p udp --dport 3531 -j DROP 
> iptables -A FORWARD -p tcp --dport 3587 -j DROP 
> iptables -A FORWARD -p udp --dport 3587 -j DROP 
> iptables -A FORWARD -p tcp --dport 3955 -j DROP 
> iptables -A FORWARD -p udp --dport 3955 -j DROP 
> iptables -A FORWARD -p tcp --dport 4242 -j DROP 
> iptables -A FORWARD -p udp --dport 4242 -j DROP 
> iptables -A FORWARD -p tcp --dport 4661:4672 -j DROP 
> iptables -A FORWARD -p udp --dport 4661:4672 -j DROP 
> iptables -A FORWARD -p tcp --dport 4688 -j DROP 
> iptables -A FORWARD -p udp --dport 4688 -j DROP 
> iptables -A FORWARD -p tcp --dport 5121 -j DROP 
> iptables -A FORWARD -p udp --dport 5121 -j DROP 
> iptables -A FORWARD -p tcp --dport 5662 -j DROP 
> iptables -A FORWARD -p udp --dport 5662 -j DROP 
> iptables -A FORWARD -p tcp --dport 6085:6086 -j DROP 
> iptables -A FORWARD -p udp --dport 6085:6086 -j DROP 
> iptables -A FORWARD -p tcp --dport 6346:6347 -j DROP 
> iptables -A FORWARD -p udp --dport 6346:6347 -j DROP 
> iptables -A FORWARD -p tcp --dport 6699 -j DROP 
> iptables -A FORWARD -p udp --dport 6699 -j DROP 
> iptables -A FORWARD -p udp --dport 6881:6889 -j DROP 
> iptables -A FORWARD -p tcp --dport 6881:6889 -j DROP 
> iptables -A FORWARD -p tcp --dport 8473 -j DROP 
> iptables -A FORWARD -p udp --dport 8473 -j DROP 
> 
> 
> 
> 
> 2010/6/4 Kaushal Shriyan < kaushalshriyan at gmail.com > 
> 

> Hi,
> 
> is there a howto for blocking p2p traffic on ubuntu 10.04 server ? 
> 
> Thanks, 
> 
> Kaushal 
> 

> -- 
> Greyson Farias 
> IT Technician - CREA/AC 9329TD
> Ubuntu user
> I prefer to receive documents in ODF.
> http://ubuntu.com/download/getubuntu 
> Blog Ubuntu Acre: http://ubuntu-ac.org 
> 
> 
>
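
The two points made in the thread, that a fixed port list leaves traffic on arbitrary high ports untouched and that per-host accounting finds the heavy users, shown as an added example (not code from any poster). The flow records and their four-column format are constructed; in practice they would come from whatever accounting or flow export the gateway provides.

```shell
#!/bin/sh
# Added example. Flow records below are constructed, not data from the thread.
# Columns: internal source IP, protocol, destination port, bytes forwarded.
sample_flows() {
cat <<'EOF'
10.0.0.21 tcp 443 1200000
10.0.0.21 tcp 80 300000
10.0.0.37 tcp 6881 5000000
10.0.0.37 udp 51413 42000000
10.0.0.37 tcp 49155 38000000
10.0.0.58 tcp 443 2500000
10.0.0.58 tcp 4662 1000000
EOF
}

# Port ranges (lo:hi) copied from the iptables rules quoted in the thread.
P2P_PORTS="1214:1215 1981:1981 2037:2037 3501:3501 3531:3531 3587:3587"
P2P_PORTS="$P2P_PORTS 3955:3955 4242:4242 4661:4672 4688:4688 5121:5121"
P2P_PORTS="$P2P_PORTS 5662:5662 6085:6086 6346:6347 6699:6699 6881:6889 8473:8473"

# Rank hosts by total bytes, largest first. Output: "ip bytes".
top_talkers() {
    awk '{ b[$1] += $4 } END { for (h in b) printf "%s %d\n", h, b[h] }' |
        sort -k2,2nr -k1,1
}

# Per host: bytes the port rules would have dropped vs. bytes that still pass.
port_rule_coverage() {
    awk -v ranges="$P2P_PORTS" '
        BEGIN {
            n = split(ranges, r, " ")
            for (i = 1; i <= n; i++) { split(r[i], p, ":"); lo[i] = p[1] + 0; hi[i] = p[2] + 0 }
        }
        {
            port = $3 + 0; hit = 0
            for (i = 1; i <= n; i++) if (port >= lo[i] && port <= hi[i]) hit = 1
            if (hit) drop[$1] += $4; else pass[$1] += $4
            seen[$1] = 1
        }
        END { for (h in seen) printf "%s dropped=%d passed=%d\n", h, drop[h], pass[h] }
    ' | sort
}

sample_flows | top_talkers
sample_flows | port_rule_coverage
```

In the constructed data the top host has 5000000 of its 85000000 bytes on a listed port; the rest passes the rules, while the byte ranking still singles that host out.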