[Firehol-support] firehol cooperation with moblock?
Przemek Swiderski
spam-firehol at dom.vizavi.pl
Tue May 2 19:28:39 BST 2006
Hello,
I use firehol and moblock (a P2P peer blocker, http://moblock.berlios.de/).
Moblock requires rules like these to be set:
iptables -A OUTPUT -p tcp -m state --state NEW -j NFQUEUE
iptables -A INPUT -p tcp -m state --state NEW -j NFQUEUE
I want to integrate moblock with firehol. Is there a simple method to do
this?
If not, I imagine that it could be done this way:
interface eth0 lan0
    server torrent accept target MOBLOCK
                          ^^^^^^^^^^^^^^
or similar to "reject with tcp-reset"
with target TABLENAME
or
with accept_rule TABLENAME
This firehol rule should create the iptables rule:
iptables -A in_lan0_torrent_s2 -p tcp -m tcp --sport 1024:65535 --dport 6881 -m state --state NEW,ESTABLISHED -j MOBLOCK
The only difference from the standard command is -j MOBLOCK instead of -j ACCEPT.
Now we can create table MOBLOCK (outside firehol or by using iptables
statements in firehol.conf):
iptables -N MOBLOCK
iptables -A MOBLOCK -m state --state ESTABLISHED -j ACCEPT
iptables -A MOBLOCK -m state --state NEW -j QUEUE
Is it difficult to implement?
Regards,
Przemek