On Wed, Aug 13, 2003 at 01:07:58AM +0300, Mehmet AK wrote: | Hi there | | i want to deny kazaa , imesh etc. and chat programs our local | network . can u help me
From what I've heard about kazaa, it can't be blocked by a simple port-matching firewall rule. I've heard that it uses any and all ports it can, including 80, to try and bypass simple firewall rules. Instead you need full application-level introspection of the packets to identify kazaa traffic. The only tool I know of that does this is the load balancer Taylor U. installed a year or so ago. It's a commercial hardware device that costs somewhere on the order of $12K (USD). If you want me to find out what it is I'll get in touch with the admin at TU and pass on the info. Other than that, read the iptables documentation (found on http://netfilter.samba.org). -D -- Come to me, all you who are weary and burdened, and I will give you rest. Take my yoke upon you and learn from me, for I am gentle and humble in heart, and you will find rest for your souls. For my yoke is easy and my burden is light. Matthew 11:28-30 http://dman13.dyndns.org/~dman/
pgp00000.pgp
Description: PGP signature
