> -----Original Message-----
> From: Fadel [mailto:[EMAIL PROTECTED]
> Sent: Tuesday 19 November 2002 16:05
> To: "debian-security@lists.debian.org"@plutao.siteplanet.com.br
> Subject:
>
> Hi there,
>
> I got a trouble in my network while trying to block Kazaa.
> I tried to drop port 1214 with this rule:
>
> iptables -A FORWARD --dport 1214 -j DROP
>
> but this doesn't work. so I did sniffing to see what kind of packets and
> ports kazaa uses and I saw that it searches for servers in different ports.
> later, I read in various texts around the net, but all recommend to block
> port 1214 and kazaa site. this probably worked in version 1.
>
> how could I block kazaa, since I need accept connections in high ports?
>
You need not accept connections on high ports. Use netfilter connection tracking, especially ESTABLISHED and RELATED states. http://www.netfilter.org has docs for that.
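
A stateful FORWARD ruleset along the lines the reply suggests, as an added example that is not part of the original messages. The interface names (eth0, eth1), the allowed-port lists and the `--apply` switch are assumptions; without `--apply` the script only prints the iptables commands for review.

```shell
#!/bin/sh
# Added example (not from the thread): stateful FORWARD policy for a gateway.
# All values below are assumptions; override them through the environment.
LAN_IF="${LAN_IF:-eth1}"            # assumed inside (client) interface
WAN_IF="${WAN_IF:-eth0}"            # assumed outside (Internet) interface
TCP_OUT="${TCP_OUT:-25 80 110 443}" # assumed TCP ports clients may open
UDP_OUT="${UDP_OUT:-53}"            # assumed UDP ports clients may open

gen_forward_rules() {
    # Default deny: anything not accepted below is dropped by the policy.
    echo "iptables -P FORWARD DROP"
    echo "iptables -F FORWARD"
    # Replies to connections that were allowed out are matched by state,
    # so no range of high ports has to be opened for return traffic.
    # ("-m state --state" is the older spelling of the same match.)
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A FORWARD -m conntrack --ctstate INVALID -j DROP"
    # Only NEW connections from the LAN to listed services are accepted.
    for p in $TCP_OUT; do
        echo "iptables -A FORWARD -i $LAN_IF -o $WAN_IF -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    for p in $UDP_OUT; do
        echo "iptables -A FORWARD -i $LAN_IF -o $WAN_IF -p udp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Rate-limited log of what reaches the end of the chain, to see which
    # ports clients are still trying (1214 or any other unlisted port).
    echo "iptables -A FORWARD -m limit --limit 6/minute -j LOG --log-prefix 'FWD-DROP: '"
}

if [ "${1:-}" = "--apply" ]; then
    gen_forward_rules | sh -e   # needs root; stops at the first failing rule
else
    gen_forward_rules           # dry run: print the rules only
fi
```

A client that tunnels over one of the allowed ports, such as 80, still passes; port and state filtering alone cannot identify the application.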