On Fri, Jul 24, 2009 at 01:54:35PM +0400, James Brown wrote: > As a specialist in the matters of blocking P2P, could you advice any > mesuares for users for avoding blocking P2P from company/country's > firewall etc.? > I am afraid that the terrible Pustin's dictatorial regim intend to take > measures banning P2P, VoIP etc. in Russia: > > http://www.point.ru/news/stories/20598/
I just have a perl script run every minute that checks the netfilter connection tracking for things that behave like p2p traffic and then firewalls that connection for an hour. It has been rather effective so far. I had to add an exception for very low bandwidth p2p traffic in order to allow skype. Fortunately none of the actualy p2p file sharers are willing to try and share files that slowly so it works OK. Occationally something gets through in which case we just track down who is flooding the internet link and go apply a clue bat. :) One person got annoying enough that they are now restricted to ftp, http and https traffic only. All other traffic is blocked for that user. They haven't complained yet. Expensive packet inspection tools would probably work better, but I don't have one and really don't want to have to have one. -- Len Sorensen -- To UNSUBSCRIBE, email to debian-laptop-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
