block p2p traffic

Kaushal Shriyan kaushalshriyan at gmail.com
Mon Jun 7 08:56:19 UTC 2010 

On Sun, Jun 6, 2010 at 6:23 AM, Michael Sanders <dsanders at jsu.edu> wrote:

> I second Paul that is the way to go, once one finds out they have eyes on
> them, it "can" fix it's self.  We had a problem with an individual serving
> up files and the big bad record industry sent a letter. That gave us the
> right to cut the user off. Once turned back on behavior changed.   You will
> get some flack on the front end but over time a majority of the community
> will get in line.
>
>   Danny Michael Sanders
>   IT Support Analyst
>
> ----- "Paul Graydon" <paul at paulgraydon.co.uk> wrote:
> > That will help, but realistically you're going to have to block every
> "high port" to stop P2P through that method.
> >
> > The only way to effectively block P2P is to do packet sniffing and
> analysis.. and that's just one big hassle.
> >
> > My belief is this is usually the wrong way to tackle the problem, looking
> for a technical solution to a human resource problem.
> > User education (and LARTing if necessary) is the key.  Using software
> like Cacti to monitor and graph per-port traffic stats, identify the largest
> bandwidth users and then focus on them and find out just why they're using
> up so much bandwidth.
> > It's remarkable just how soon the problem all goes away after you find
> just one or two individuals who are abusing the network infrastructure and
> explain to them what the disciplinary procedures are (or enact if it's
> appropriate and you have concrete evidence.)  The message soon spreads!
> >
> > Paul
> >
> > On 06/04/2010 05:03 AM, Greyson Farias wrote:
>
> Hello,
> >
> > You can use these iptables rules, because I don't like, don't use and I
> don't wanna learn ufw. hehehehehe
> >
> > # Block P2P connections
> > iptables -A FORWARD -p tcp --dport 1214:1215 -j DROP
> > iptables -A FORWARD -p udp --dport 1214:1215 -j DROP
> > iptables -A FORWARD -p tcp --dport 1981 -j DROP
> > iptables -A FORWARD -p udp --dport 1981 -j DROP
> > iptables -A FORWARD -p tcp --dport 2037 -j DROP
> > iptables -A FORWARD -p udp --dport 2037 -j DROP
> > iptables -A FORWARD -p tcp --dport 3501 -j DROP
> > iptables -A FORWARD -p udp --dport 3501 -j DROP
> > iptables -A FORWARD -p tcp --dport 3531 -j DROP
> > iptables -A FORWARD -p udp --dport 3531 -j DROP
> > iptables -A FORWARD -p tcp --dport 3587 -j DROP
> > iptables -A FORWARD -p udp --dport 3587 -j DROP
> > iptables -A FORWARD -p tcp --dport 3955 -j DROP
> > iptables -A FORWARD -p udp --dport 3955 -j DROP
> > iptables -A FORWARD -p tcp --dport 4242 -j DROP
> > iptables -A FORWARD -p udp --dport 4242 -j DROP
> > iptables -A FORWARD -p tcp --dport 4661:4672 -j DROP
> > iptables -A FORWARD -p udp --dport 4661:4672 -j DROP
> > iptables -A FORWARD -p tcp --dport 4688 -j DROP
> > iptables -A FORWARD -p udp --dport 4688 -j DROP
> > iptables -A FORWARD -p tcp --dport 5121 -j DROP
> > iptables -A FORWARD -p udp --dport 5121 -j DROP
> > iptables -A FORWARD -p tcp --dport 5662 -j DROP
> > iptables -A FORWARD -p udp --dport 5662 -j DROP
> > iptables -A FORWARD -p tcp --dport 6085:6086 -j DROP
> > iptables -A FORWARD -p udp --dport 6085:6086 -j DROP
> > iptables -A FORWARD -p tcp --dport 6346:6347 -j DROP
> > iptables -A FORWARD -p udp --dport 6346:6347 -j DROP
> > iptables -A FORWARD -p tcp --dport 6699 -j DROP
> > iptables -A FORWARD -p udp --dport 6699 -j DROP
> > iptables -A FORWARD -p udp --dport 6881:6889 -j DROP
> > iptables -A FORWARD -p tcp --dport 6881:6889 -j DROP
> > iptables -A FORWARD -p tcp --dport 8473 -j DROP
> > iptables -A FORWARD -p udp --dport 8473 -j DROP
> >
> >
> >
> >
> > 2010/6/4 Kaushal Shriyan <kaushalshriyan at gmail.com>
> >
>>
>> Hi,
>> >
>> > is there a howto for blocking p2p traffic on ubuntu 10.04 server ?
>> >
>> > Thanks,
>> >
>> > Kaushal
>> >
>> > --
>> > ubuntu-server mailing list
>> > ubuntu-server at lists.ubuntu.com
>> > https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
>> > More info: https://wiki.ubuntu.com/ServerTeam
>> >
>
>
> >
>
> > --
> > Greyson Farias
> > Técnico em Informática - CREA/AC 9329TD
> > Ubuntu user
> > Eu prefiro receber documentos em ODF.
> > http://ubuntu.com/download/getubuntu
> > Blog Ubuntu Acre: http://ubuntu-ac.org
> >
>
>
> >
> >
>
> --
> ubuntu-server mailing list
> ubuntu-server at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
> More info: https://wiki.ubuntu.com/ServerTeam
>

Hi Again

I did followed http://www.debian-administration.org/articles/562
when i run the make command i get http://pastebin.ubuntu.com/445975/

Please suggest/guide.

Thanks,

Kaushal
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-server/attachments/20100607/ddf460dc/attachment.html>

More information about the ubuntu-server mailing list