Mark Chong wrote at 2010-08-01 18:28 -0500: > Not if you run the p2p daemon as a specific user ie 'deluge' etc. > You can also setup a group for all your p2p software to use, which you > can share to access the files, then use something like > iptables -A OUTPUT -m owner --gid-owner p2p .... > > Of course it's far more useful to be able to match traffic on a router > between the pc with p2p and the internets, but then its harder to match > which pkts are p2p. If you trust the machine traffic is coming from > then you could use xt_owner on the machine generating the traffic to > accurately mark the p2p pkts then set the TOS bit or something so the > router can easily identify which pkts are p2p. > Alternatively if you have control over the box generating the p2p then > using port based rules would be easier again. None of this works because I don't have control over the client systems. > I tried http://l7-filter.sourceforge.net/ without my success, there is > also http://www.ipp2p.org/ but i think that is no longer maintained and > I haven't tried it. > In my experience I've found guessing p2p traffic on simply large udp > pkts is more successful than these filters, especially now most p2p > clients support encryption etc. Could you please include the parameters you use? What UDP sizes? And does bittorrent not use TCP?
Description: Digital signature