ipchains filter - am i doing this right?

ipchains filter - am i doing this right?

Post by Dan Johns » Sun, 02 Dec 2001 03:59:20



Hello! Im trying to filter out kazaa on my firewall. The users
behind it are consuming all of my bandwidth. I setup an ipchains
script rejecting some popular non-essential ports, but
when I list the masq activity it show that machines are still
connecting to port 1214. Are they really or are they trying?

My ghetto ipchains script:

# Morpheus - Kazaa
ipchains  -A output  -p udp -s 0/0 --destination-port 1214 -j REJECT
ipchains  -A output  -p tcp -s 0/0 --destination-port 1214 -j REJECT
ipchains  -A input  -p udp -s 0/0 --destination-port 1214 -j REJECT
ipchains  -A input  -p tcp -s 0/0 --destination-port 1214 -j REJECT
etc

ipchains L M Information
.
TCP  10:09.51 192.168.0.76        somecomputer.location    1436
(61882) -> 1214
UDP  01:49.29 192.168.0.210        mydns.mydomain.com   2379 (61981)
-> domain
TCP  14:23.05 192.168.0.159        someothercomputer.location 1031
(64380) -> 1214
UDP  04:00.84 192.168.0.192        awebsite.somewhere.com   1096
(62239) -> www
etc.

It appears theyre still connecting to port 1214. Am I doing
something wrong or am I miss under standing the ipchains
L M information?

Thanks!

 
 
 

1. ipchains filter - am i doing this right? (Sorry)

I apologize for the previous gibberish post...

Hello! I'm trying to filter out kazaa on my firewall. The users behind
it are consuming all of my bandwidth. I setup an ipchains script
rejecting some "popular" non-essential ports, but when I list the masq
activity it show that machines are still connecting to port 1214. Are
they really or are they trying?

My ghetto ipchains script:

# Morpheus - Kazaa
ipchains  -A output  -p udp -s 0/0 --destination-port 1214 -j REJECT
ipchains  -A output  -p tcp -s 0/0 --destination-port 1214 -j REJECT
ipchains  -A input  -p udp -s 0/0 --destination-port 1214 -j REJECT
ipchains  -A input  -p tcp -s 0/0 --destination-port 1214 -j REJECT
etc...

"ipchains -L -M" Information

TCP  10:09.51 192.168.0.159        somecomputer.location    1436
(61882) -> 1214
UDP  01:49.29 192.168.0.166        mydns.mydomain.com   2379 (61981)
-> domain
TCP  14:23.05 192.168.0.159        someothercomputer.location 1031
(64380) -> 1214
UDP  04:00.84 192.168.0.192        awebsite.somewhere.com   1096
(62239) -> www
etc...

It appears they're still connecting to port 1214. Am I doing something
wrong or am I miss under standing the "ipchains -L -M" information?

Thanks!

2. Simple internal inputs on standard PC compatibles

3. Shutdown problems...am I doing it right?

4. Linux PCI booting problem

5. RedHat 5.2 dialler - am i doing it right ?

6. Totally wierd problem with multilink-PPP over an ISDN TA

7. LVM...am I doing this right?

8. Boot Disk Version

9. Am I doing this right?

10. SetEnvIf-Am I doing this right?

11. This clone thing...am I stupid, or am I right?

12. Am I touchy? Or am I right?