[Firehol-support] howto block p2p in network

Moacyr Leite da Silva moacyrs at akadnyx.com.br
Fri Dec 12 12:53:08 GMT 2003


Hi,


Can some help to block p2p in my network? I tryed the config bellow with no
luck.

Regards
Moacyr


####
version 5

        server_kaaza_ports="tcp/3531"
        client_kaaza_ports="default"

        transparent_squid 8080 "squid root" inface eth1


interface eth0 internet src not "${UNROUTABLE_IPS}"

        policy drop
        protection strong
        server ident reject with tcp-reset

        server http     accept
        server https    accept
        server dns      accept
        server smtp     accept
        server ssh      accept
        server jabberd  accept
        server jabber   accept
        server kaaza    deny

        client all accept

interface eth1 lan

        policy accept

        server all accept

        client all accept


router lan2internet inface eth1 outface eth0
        masquerade
        route kaaza deny
        route "http https ftp" accept
        route "ssh ntp ping" accept
        route "GRE AH ESP isakmp pptp" accept
        route "vnc irc msn" accept





More information about the Firehol-support mailing list