[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ipp2p y iptables (error raro)

Hola

Encontre esto en google, por ahi te sirve.

https://lists.netfilter.org/pipermail/netfilter-buglog/2006-March/000785.html

¿ una consulta ?

Yo uso ipp2p para bloquear p2p incluyendo Ares, me funcionaba bien, pero hace un tiempo no lo esta bloqueando (al Ares).

Ares aparece desconectado pero hay trafico de subida y bajada.

¿ Has probado el bloqueo del Ares ?

roberto



2006/3/21, Fernando <zedrant@gmail.com>:
Hola me propuse implementar el ipp2p en mi server me baje la fuente de
iptables 1.3.5 y la ultima version estable de ipp2p y compilo todo bien,
ahora cuando quiero poner las reglas me tira un error de iptables busque
por todos lados y no aparece nada. Tiro un poco de info tecnica por ahi
alguien le paso lo mismo y me puede ayudar.

debian:~# iptables -V
iptables v1.3.5
debian:~# iptables -m ipp2p --help
iptables v1.3.5

Usage: iptables -[AD] chain rule-specification [options]
       iptables -[RI] chain rulenum rule-specification [options]
       iptables -D chain rulenum [options]
       iptables -[LFZ] [chain] [options]
       iptables -[NX] chain
       iptables -E old-chain-name new-chain-name
       iptables -P chain target [options]
       iptables -h (print this help information)

Commands:
Either long or short options are allowed.
  --append  -A chain            Append to chain
  --delete  -D chain            Delete matching rule from chain
  --delete  -D chain rulenum
                                Delete rule rulenum (1 = first) from chain
  --insert  -I chain [rulenum]
                                Insert in chain as rulenum (default 1=first)
  --replace -R chain rulenum
                                Replace rule rulenum (1 = first) in chain
  --list    -L [chain]          List the rules in a chain or all chains
  --flush   -F [chain]          Delete all rules in  chain or all chains
  --zero    -Z [chain]          Zero counters in chain or all chains
  --new     -N chain            Create a new user-defined chain
  --delete-chain
            -X [chain]          Delete a user-defined chain
  --policy  -P chain target
                                Change policy on chain to target
  --rename-chain
            -E old-chain new-chain
                                Change chain name, (moving any references)
Options:
  --proto       -p [!] proto    protocol: by number or name, eg. `tcp'
  --source      -s [!] address[/mask]
                                source specification
  --destination -d [!] address[/mask]
                                destination specification
  --in-interface -i [!] input name[+]
                                network interface name ([+] for wildcard)
  --jump        -j target
                                target for rule (may load target extension)
  --match       -m match
                                extended match (may load extension)
  --numeric     -n              numeric output of addresses and ports
  --out-interface -o [!] output name[+]
                                network interface name ([+] for wildcard)
  --table       -t table        table to manipulate (default: `filter')
  --verbose     -v              verbose mode
  --line-numbers                print line numbers when listing
  --exact       -x              expand numbers (display exact values)
[!] --fragment  -f              match second or further fragments only
  --modprobe=<command>          try to insert modules using this command
  --set-counters PKTS BYTES     set the counter during insert/append
[!] --version   -V              print package version.

IPP2P v0.8.0 options:
--ipp2p        Grab all known p2p packets
--edk          [TCP&UDP]       All known eDonkey/eMule/Overnet packets
--dc           [TCP]           All known Direct Connect packets
--kazaa        [TCP&UDP]       All known KaZaA packets
--gnu          [TCP&UDP]       All known Gnutella packets
--bit          [TCP&UDP]       All known BitTorrent packets
--apple        [TCP]           All known AppleJuice packets
--winmx        [TCP]           All known WinMX
--soul         [TCP]           All known SoulSeek
--ares         [TCP]           All known Ares

DEBUG SUPPPORT, use only if you know why
--debug                Generate kernel debug output, THIS WILL SLOW
DOWN THE FILTER

Note that the follwing options will have the same meaning:
'--ipp2p' is equal to '--edk --dc --kazaa --gnu --bit --apple --winmx
--soul --ares'

IPP2P was intended for TCP only. Due to increasing usage of UDP we
needed to change this.
You can now use -p udp to search UDP packets only or without -p switch
to search UDP and TCP packets.

See README included with this package for more details or visit
http://www.ipp2p.org

Examples:
iptables -A FORWARD -m ipp2p --ipp2p -j MARK --set-mark 0x01
iptables -A FORWARD -p udp -m ipp2p --kazaa --bit -j DROP
iptables -A FORWARD -p tcp -m ipp2p --edk --soul -j DROP

debian:~# iptables -A FORWARD -m ipp2p --ipp2p -j MARK --set-mark 0x01
iptables: Unknown error 4294967295


Desde ya muchas gracias


--
To UNSUBSCRIBE, email to debian-user-spanish-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org




--
Ing. Roberto Pereyra
ContenidosOnline
Servidores BSD, Solaris y Linux
Soporte técnico ISPs
Jabber ID: rpereyra@lugmen.org.ar

For reliable and professional DNS, use DNS Made Easy!
            http://www.dnsmadeeasy.com/u/14989
Reply to: