block p2p traffic in a bridge

Home Page Forums Network Management ZeroShell block p2p traffic in a bridge

This topic contains 3 replies, has 0 voices, and was last updated by  rpereyra 11 years, 7 months ago.

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #40734

    rpereyra
    Member

    HI all !!

    A simple question:

    I have a ADSL router and I configured a zeroshell bridge betheen the router and mi network.

    inet—-adsl router —-zeroshell bridge — my net

    The bridge works well because I have internet service in my net.

    I wan’t to use the bridge only to block p2p traffic in/out my net.

    How I can do it ?

    I left the default firewall policy ACCEPT and add a new line with a DROP policy using ipp2p in the BRIDGE0 (in) and BRIDGE0 (out) interphace.

    But that not works !!!

    Please somebody can help me ? I only want to block p2p traffic.

    Thanks to all for zeroshell !! zeroshell is greath !!

    Roberto

    #45756

    imported_fulvio
    Participant

    In your drop rules you must not indicate the bridge interface BRIDGE00 but its components (ETH00,ETH01). A better solution is to not select any interface at all. In this case any p2p packet is not forwarded regardless of the input and output interfaces.

    Regards
    Fulvio

    #45757

    rpereyra
    Member

    Thanks !!! now works.

    Roberto

    #45758

    ofer
    Member

    I setup firewall rules to drop all P2P packets and used all the P2P L7 protocols. When I fire up limewire it does seem as if it’s taking it longer to find files, and many files still won’t download. But after a few minutes all the files seem to ‘find a way’ and they start downloading.

    I also tried with QoS and saw that P2P traffic was used and identified, but very quickly the stats showed that P2P traffic was no longer used and default traffic was passing.

    I am using a Mac. On the PC side I think it’s blocking it ok but on the Mac side it somehow finds a way around the filters after a few minutes. Any ideas?

    #45759

    imported_fulvio
    Participant

    Try to post on the l7-filter-users(a)lists.sf.net mailing list for L7 filters and
    lartc(a)mailman.ds9a.nl for IPP2P.

    Regards
    Fulvio

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.