Re: Blocking Kazza
From: Jamie (surfer800@hotmail.com)Date: 07/30/02
- Next message: Jamie: "Re: Blocking Kazza"
- Previous message: Flurk: "Re: Slow ShutDown Caused by New ZoneAlarm 3.0"
- In reply to: : "Re: Blocking Kazza"
- Next in thread: Wolfgang Kueter: "Re: Blocking Kazza"
- Reply: Wolfgang Kueter: "Re: Blocking Kazza"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Jamie" <surfer800@hotmail.com> Date: Tue, 30 Jul 2002 11:33:20 GMT
Well I h ave already put those rules in place a few days ago now. And they
are not blocking
the Kazza traffic once again the problem is that Kazza is jumping ports when
port 1214 is
not available.
Read my previous posts I posted my full set of rules blocking both the sport
and dport
and it is NOT working.
Jamie
-- PGP 7.0.3 fingerprint: F447 49B1 416F FAB8 12FA 1398 E224 78E3 10DA CDEB Key ID: 0x10DACDEBThis message is the property of the sender. If you are not the intended person to receive this email then please immediately delete this email and notify the sender. For newsgroup and email this message is the property of the sender and NO portion of this message may be copy or reposted in any form with out my written consent. When written consent is obtained the Public PGP fingerprint and this legal notice must be contained in any message reposted. The message may not be altered in anyway. Copyright © 2001 - 2002 by Jamie
"Michail Pappas" <this@is.invalid> wrote in message news:ai5br3$1c50$1@ulysses.noc.ntua.gr... > ? "Wolfgang Kueter" <wolfgang@shconnect.de> ?????? ??? ?????? > news:3D434B3E.8070802@shconnect.de... > | Jamie wrote: > | > The Forward Rule is NOT the issue here get a CLUE. It is the > input/output > | > rules that are going to do the BLOCKING to allow the traffic in or out. > | > | Simply wrong, this was the case with ipchains, with iptables this has > | changed. > > Correct. Unless some form of local redirection is used (like a transparent > proxy), pass-through traffic does not hit the INPUT/OUTPUT chains, only the > FORWARD one. > > | > And don't tell me to Read the Manual because I have already been though > all > | > that and these RULES work for other blocks I have in place. It is JUST > Kazza that > | > it is not working for. > > The following rules in theory should be sufficient (BTW, > http://www.oofle.com/filesharing/KaZaa/ also confirms the use of the FORWARD > instead of the INPUT/OUTPUT chains, although it uses a REJECT rule), > although I must confess that I may be mistaken in the use of the DROP target > in a FORWARD chain: > > iptables -A FORWARD -d 213.248.112.0/24 -j DROP > iptables -A FORWARD --dport 1214 -j DROP > > - or - > > iptables -A FORWARD -d 213.248.112.0/24 -j REJECT > iptables -A FORWARD --dport 1214 -j REJECT > > I also believe that using REJECT in this case is not that bad, as long as > the packet's source is your own local network. Additionally, please note > that at least one link > (http://www.computing.net/security/wwwboard/forum/200.html) suggests that > the block 213.248.112.0/24 rule may not be sufficient. The link provides > info on additional Kazaa-related IP blocks that might be filtered as well. > > Michael.- > >
- Next message: Jamie: "Re: Blocking Kazza"
- Previous message: Flurk: "Re: Slow ShutDown Caused by New ZoneAlarm 3.0"
- In reply to: : "Re: Blocking Kazza"
- Next in thread: Wolfgang Kueter: "Re: Blocking Kazza"
- Reply: Wolfgang Kueter: "Re: Blocking Kazza"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
