[Fwd: Re: Firewall and Proxy]

To: debian-user <debian-user@lists.debian.org>
Subject: [Fwd: Re: Firewall and Proxy]
From: Micha Feigin <michf@math.tau.ac.il>
Date: 07 Aug 2003 23:26:21 +0300
Message-id: <[🔎] 1060287980.3351.13.camel@litshi.luna.local>

> On Wed, 2003-08-06 at 17:10, Mehmet AK wrote:
> > Hi 
> >  
> > I am using Linux Server in my Company.  Personel usally using kazaa ,
> > imesh and downloading mp3 files on the web. That so our internet is
> > down. 
> > i want configure firewals against these programs and downloading. Can
> > you help me
> 
> Don't have much experience with that, but if I am not mistaken its going
> to be hard to do without installing a proxy and then allowing internet
> connection only through the proxy. You can then block all connections
> going out except those originating from the proxy server.
> The fact that you are behind a firewall already blocks some of the
> traffic since they can only connect to servers that are not behind a
> firewall, but these programs don't use a specific port for outgoing
> connections and I don't think a standard firewall can understand these
> packets.
> I suppose that asking people not to use p2p programs is not a workable
> option.
> 

Actually quite stupid of me. You can configure the firewall to block
outgoing traffic based on the target port. Don't know the firewall
command since I am using webmin to configure shorewall, but the target
ports you wan't to block are:
6882,4444,4662,1214,6346,9999,9074,2234
That covers just about all the p2p servers.
I think that should do the job.

Reply to:

Prev by Date: depmod -a complains about lirc_serial
Next by Date: Re: How to set two IP addresses on the same NIC?
Previous by thread: depmod -a complains about lirc_serial
Next by thread: Help needed with getting USB working on a new install
Index(es):
- Date
- Thread