How To Block Kazaa with SuSEFirewall2 in 8.2 ?
Hello. That's it!!, don't know where to look. By default SuSEfirewall its letting every traffic from inside to outside, but i need to block: kazza, imesh and similars, because my clients are sucking all the bandwith downloading mp3, videos, etc. eth0 -> internal lan 192.168.2.2 eth1 -> external lan 192.168.1.2 in /etc/sysconfig/SuSEfirewall, only changed these, everything else is as default. FW_DEV_EXT="eth1" FW_DEV_INT="eth0" FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_NETS="192.168.2.0/24" FW_SERVICES_INT_TCP="ssh" FW_CUSTOMRULES="/etc/sysconfig/scripts/SuSEfirewall2-custom" in /etc/sysconfig/scripts/SuSEfirewall2-custom, modified/added these, everything else is as default. fw_custom_after_antispoofing() { for target in LOG DROP; do for chain in input_ext input_dmz input_int forward_int forward_ext forward_dmz; do iptables -A $chain -j $target -p tcp --dport 31337 iptables -A $chain -j $target -p udp --dport 31337 iptables -A $chain -j $target -p tcp --dport 12345:12346 iptables -A $chain -j $target -p udp --dport 12345:12346 iptables -A $chain -j $target -p tcp --sport 2932 # incp iptables -A $chain -j $target -p udp --sport 2932 # incp iptables -A $chain -j $target -p tcp --sport 1081:1082 # pvuniwien:amt-esd-prot iptables -A $chain -j $target -p udp --sport 1081:1082 #pvuniwien:amt-esd-prot done done true } tcpdump showed me that kazaa used 2932, 1081 and 1082 ports to establish connection with kazaa internet servers. Please give me an advice, a direction where to look or even better the solution. Best regards. Oxiel
Thanks a lot. These are the situations that make me love my SuSE. Greetings Oxiel El Mar 19 Ago 2003 20:13, Christopher Mahmood escribió:
http://lists.suse.com/archive/suse-security/2003-Aug/0162.html
--
-ckm
Hi all, I'm currently running version 7.3 Personal on my laptop, using the basic firewall. I was wondering if the SuseFirewall2 is available with my current version. I've been looking in the Suse website and in google and haven't seen anything (yet). Thanks in advance, Carlos -- ============================================================================== "There's the sunrise on the road behind There's the sunset on the road ahead Nothing can stop you now, nothing can stop you now" Rush, Ghost Rider ==============================================================================
On Friday 22 August 2003 04:01, Carlos Colmenares wrote:
Hi all,
I'm currently running version 7.3 Personal on my laptop, using the basic firewall. I was wondering if the SuseFirewall2 is available with my current version. I've been looking in the Suse website and in google and haven't seen anything (yet).
akyek@pc121353:~> cat /etc/SuSE-release SuSE Linux 7.3 (i386) VERSION = 7.3 akyek@pc121353:~> rpm -qa|grep -i fire SuSEfirewall2-3.1-95 It works. (I used the source-rpm from SuSE 8.2). Maybe there is a newer version available; I did not check that during the last time. You _may_ need some changes because SuSE 8.2 has some differences compared to 7.3, but in general it works. Konfiguration is now in /etc/sysconfig (maybe you need to create the directory before). If you can' t do that, I can send you the RPM via PM. It's only about 80KB. Andreas
I'm currently running version 7.3 Personal on my laptop, using the basic firewall. I was wondering if the SuseFirewall2 is available with my current version. I've been looking in the Suse website and in google and haven't seen anything (yet).
ftp://ftp.suse.com/pub/suse/i386/7.3/suse/sec1/SuSEfirewall2.rpm Works O.K. S pozdravem Vaclav Brunnhofer =============================================================== | Entomologicky ustav e-mail: vbru@entu.cas.cz | | Akademie Ved Ceske Republiky tel.: 038 7775251 | | Branisovska 31 fax: 038 5310354 | | 370 05 Ceske Budejovice mobil: +420 606 632822 | ==============================================================
participants (5)
-
Andreas Kyek -
Carlos Colmenares -
Christopher Mahmood -
Oxiel Contreras -
Vaclav Brunnhofer