Loading ...Linux Filter and block P2P network traffic such as Kazaa / Bittorrent with ipp2p
Well, personally I'm all set to freedom and open internet culture. However, in corporate and in an academic environment you will always find abuse smart users. Large and medium size corporate institutional networks suffer now a days from "smart" users who try to get their latest Movie/soft/Music/TVShow downloaded in their office.
Beside the moral/legal dispute these activities present the network admins with some troubles. To begin with a considerable downgrade in the network performance, and the need to comply with local policy and legal restrictions, and of course the admins needs to have full band with for they own downloads.
ipp2p is a reasonable stable product, I 've use it for 2 years in a large network 4 class C networks in an university environment. Users were use to abuse the network for personal downloads, and after chasing and punishing them for some time we chose to block the traffic once and for all.
Read more at debian-administration: Filtering P2P network traffic with ipp2p.
On a related note we use application layer packet classifier for Linux called L7-filter:
L7-filter is a classifier for Linux's Netfilter that identifies packets based on application layer data. It can classify packets as Kazaa, HTTP, Jabber, Citrix, Bittorrent, FTP, Gnucleus, eDonkey2000, etc., regardless of port. It complements existing classifiers that match on IP address, port numbers and so on.
Our intent is for l7-filter to be used in conjunction with Linux QoS to do bandwidth arbitration ("packet shaping") or traffic accounting.
Also if user tunnel packets through SSL or uses encrypt them, none of these technique will work as software classify them as SSL, so your smart user still have a way out 
Trust me I've seen logs of largest broadband ISP in India and 60-80% traffic is p2p only.
Want to stay up to date with the latest Linux tips, news and announcements? Subscribe to our free e-mail newsletter or full RSS feed to get all updates.
You can Email this page to a friend.
You may also be interested in...
- Linux Iptables block all network traffic
- Linux Iptables block incoming access to selected or specific ip address
- Linux : Iptables # 4 Block all incoming traffic but allow ssh
- Linux Iptables block outgoing access to selected or specific ip address
- Linux : Iptables #1 Basic concepts
Leave a Reply
We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!
Tags: block bittorrent, block kazaaz, ipp2p p2p filtering, iptables block bittorrent, iptables block kazaa, iptables block p2p traffic, network firewall, packet shaping ~ Last updated on: November 15, 2007
Recent Comments
Today ~ 2 Comments
Today ~ 37 Comments
Today ~ 1 Comment
Yesterday ~ 12 Comments
Yesterday ~ 2 Comments