1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

block p2p help needed

Discussion in 'DD-WRT Firmware' started by cfrank30, Nov 15, 2005.

  1. cfrank30

    cfrank30 Network Guru Member

    Hy,

    i have a question concerning p2p.

    A friend of me (student) is sharing his internet connection with some friends (cost reason).

    He want to prevent that the friends are using bearshare and other p2p.

    The mainrouter is a wrt54gs 1.1 with dd-wrt

    The others are connecting to the main Router with another Router for security reasons.

    Main Internet Connection - Wrt - friends connecting with cheap routers to the main Router.

    Is it possible with iptables to block this traffic. When i directly connect with a Computer to the Mainrouter the blocking works. But the friends connected with another Router to the wrt can easily use bearshare for example. My question is why.

    im using folowing command: iptables -I FORWARD 1 -m ipp2p --ipp2p -j DROP
     
  2. cfrank30

    cfrank30 Network Guru Member

    Kazaa

    How good is the Kazaa blocking, what are the experiences. Because Bearshare blocking works perfectly but kazaa not :(

    are there other options to block kazaa better. He is connecting very fast and download also very good :(

    In this config above bearshare is blocked totally :) but kazaa not

    Please hep to block kazaa better because its driving him crazy....
     
  3. robmack

    robmack Network Guru Member

    Use FWbuilder

    DD-WRT comes with netfilter and a default rulebase. It is possible to configure the rulebase through the DD-WRT GUI but it is primative. If you need granular control over access, then your friend should use FWbuilder.

    FWbuilder is a GUI frontend for netfilter that models itself after Checkpoint's GUI. It simplifies the building of complex netfilter rules.

    In your friend's case, he can filter traffic from the downstream router, allowing only certain protocols through and denying all other protocols; that is the most secure setup.

    Go to the FWbuilder site and download the software. There is also a short introduction to FWbuilder on DD-WRT on the Wiki site. In fact, there is a complete slideshow about how to write a netfilter policy for a Linksys router and upload it to the router.
     

Share This Page