Author Topic: Block p2p Easily :)  (Read 22874 times)

Offline wanalex

  • Sr. Member
  • ****
  • Posts: 51
Block p2p Easily :)
« on: January 02, 2011, 02:30:10 am »
Hi,

If you are trying to block p2p, the best way is to edit iptables. I spent a few hours figuring out how to edit iptables, but I finally made it :)
I hope this will be helpful for you.

Here I have combined information from 3 tutorials:
- http://coova.org/node/749
- http://debianclub.org/node/570
- http://www.cs.colostate.edu/helpdocs/vi.html


Just a little howto for setting up a p2p block.

1. install the software -> web gui -> status -> shaping

2. log in via SSH using PuTTY (software for SSH)

 login: root password: <the password you use to log in to coova>

3. edit modules: copy from here and paste in Putty with a right click

vi /etc/modules.d/05-iptables

add ipt: to add in vi mode you need to press "i" (without the quotation marks), insert your lines; when you are done and it looks neat press "esc"
ipt_ipp2p
ipt_layer7

Save: to save just press the colon key ":" followed by x

:x

4. edit a startup script:

 vi /etc/init.d/S91p2p_block

add: i

iptables -I FORWARD -m ipp2p --edk -j DROP
iptables -I FORWARD -m ipp2p --dc -j DROP
iptables -I FORWARD -m ipp2p --kazaa -j DROP
iptables -I FORWARD -m ipp2p --gnu -j DROP
iptables -I FORWARD -m ipp2p --bit -j DROP
iptables -I FORWARD -m ipp2p --apple -j DROP
iptables -I FORWARD -m ipp2p --winmx -j DROP
iptables -I FORWARD -m ipp2p --soul -j DROP
iptables -I FORWARD -m ipp2p --ares -j DROP
iptables -I FORWARD -m ipp2p --mute -j DROP
iptables -I FORWARD -m ipp2p --waste -j DROP
iptables -I FORWARD -m ipp2p --xdcc -j DROP
iptables -I FORWARD -m ipp2p --info_hash -j DROP
iptables -I FORWARD -m ipp2p --get_peers -j DROP
iptables -I FORWARD -m ipp2p --announce -j DROP

esc

Save:

:x

5. reboot

Et voila,
« Last Edit: January 03, 2011, 01:51:57 am by wanalex »

Offline wanalex

  • Sr. Member
  • ****
  • Posts: 51
Re: Block p2p Easily :)
« Reply #1 on: February 06, 2011, 05:56:53 pm »
If you are trying to block p2p, there are 2 ways: modem or router.

I configured my modem with a combination of keyword filtering and port blocking, and nothing goes through!!!

First you need a modem with a keyword/content filtering feature. Example: Zyxel P660hw.

Block the following keywords:

torrent
peer
announce
seed
info_hash
track

and block the following ports:

1337
2700-2800
3410
4000-65000

Don't forget to open the ports in that range if you are using online games such as Special Force (TCP 27930-27931, UDP 20000-20200)
or Camfrog (6005)

 

anything
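
The port plan from the reply above, as an added example that is not part of the original post: it subtracts the listed exceptions from the blocked ranges and returns the ranges that remain blocked per protocol. The post does not say which protocol Camfrog uses, so applying 6005 to both TCP and UDP is an assumption, and all function names are made up for this example.

```python
# Added example: carve the allowed ports out of the blocked ranges.

# Blocked ranges exactly as listed in the post (inclusive).
BLOCKED = [(1337, 1337), (2700, 2800), (3410, 3410), (4000, 65000)]

# Exceptions named in the post. Camfrog's protocol is not stated there;
# listing 6005 under both TCP and UDP is an assumption.
ALLOWED = {
    "tcp": [(27930, 27931), (6005, 6005)],
    "udp": [(20000, 20200), (6005, 6005)],
}


def subtract(blocked, allowed):
    """Return the blocked ranges with every allowed range removed."""
    result = []
    for lo, hi in sorted(blocked):
        cursor = lo  # lowest port of this block not yet emitted or carved out
        for a_lo, a_hi in sorted(allowed):
            if a_hi < cursor or a_lo > hi:
                continue  # exception does not touch what is left of this block
            if a_lo > cursor:
                result.append((cursor, a_lo - 1))  # part below the exception
            cursor = max(cursor, a_hi + 1)
        if cursor <= hi:
            result.append((cursor, hi))  # part above the last exception
    return result


def fmt(ranges):
    """Render ranges the way the post writes them: '1337' or '2700-2800'."""
    return [str(lo) if lo == hi else f"{lo}-{hi}" for lo, hi in ranges]


def plan():
    """Ranges to enter as blocked, per protocol, after the exceptions."""
    return {proto: fmt(subtract(BLOCKED, allow)) for proto, allow in ALLOWED.items()}


def is_blocked(port, proto):
    """True if the port is still blocked for the given protocol."""
    return any(lo <= port <= hi for lo, hi in subtract(BLOCKED, ALLOWED[proto]))


if __name__ == "__main__":
    for proto, ranges in plan().items():
        print(proto, ", ".join(ranges))
```

The exceptions differ between TCP and UDP, so the two lists have to be entered separately on a device that filters per protocol.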