Linux Filter and block P2P network traffic such as Kazaa / Bittorrent with ipp2p

last updated in Categories Howto, Linux, Networking, Security, Tips, Tuning

Well, personally I’m all set to freedom and open internet culture. However, in corporate and in an academic environment you will always find abuse smart users. Large and medium size corporate institutional networks suffer now a days from “smart” users who try to get their latest Movie/soft/Music/TVShow downloaded in their office.


Beside the moral/legal dispute these activities present the network admins with some troubles. To begin with a considerable downgrade in the network performance, and the need to comply with local policy and legal restrictions, and of course the admins needs to have full band with for they own downloads.

ipp2p is a reasonable stable product, I ‘ve use it for 2 years in a large network 4 class C networks in an university environment. Users were use to abuse the network for personal downloads, and after chasing and punishing them for some time we chose to block the traffic once and for all.

Read more at debian-administration: Filtering P2P network traffic with ipp2p.

On a related note we use application layer packet classifier for Linux called L7-filter:

L7-filter is a classifier for Linux’s Netfilter that identifies packets based on application layer data. It can classify packets as Kazaa, HTTP, Jabber, Citrix, Bittorrent, FTP, Gnucleus, eDonkey2000, etc., regardless of port. It complements existing classifiers that match on IP address, port numbers and so on.
Our intent is for l7-filter to be used in conjunction with Linux QoS to do bandwidth arbitration (“packet shaping”) or traffic accounting.

Also if user tunnel packets through SSL or uses encrypt them, none of these technique will work as software classify them as SSL, so your smart user still have a way out 😉 Trust me I’ve seen logs of largest broadband ISP in India and 60-80% traffic is p2p only.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.


3 comment

  1. Hi vivek – thank you for sharing this great tool, however when I visited the site, it says:

    IPP2P is not supported any longer. Please check!

    Can you comment on this?

    Also, how do I install this thing? Can you just please provide the steps and the basics of this information – then I will do my homework.

    Thank you!

Leave a Comment