Monday, August 02, 2010

Re: controlling p2p & bittorrent

Mark Chong wrote at 2010-08-01 18:28 -0500:
> Not if you run the p2p daemon as a specific user ie 'deluge' etc.
> You can also setup a group for all your p2p software to use, which you
> can share to access the files, then use something like
> iptables -A OUTPUT -m owner --gid-owner p2p ....
>
> Of course it's far more useful to be able to match traffic on a router
> between the pc with p2p and the internets, but then its harder to match
> which pkts are p2p. If you trust the machine traffic is coming from
> then you could use xt_owner on the machine generating the traffic to
> accurately mark the p2p pkts then set the TOS bit or something so the
> router can easily identify which pkts are p2p.
> Alternatively if you have control over the box generating the p2p then
> using port based rules would be easier again.

None of this works because I don't have control over the client systems.

> I tried http://l7-filter.sourceforge.net/ without my success, there is
> also http://www.ipp2p.org/ but i think that is no longer maintained and
> I haven't tried it.
> In my experience I've found guessing p2p traffic on simply large udp
> pkts is more successful than these filters, especially now most p2p
> clients support encryption etc.

Could you please include the parameters you use? What UDP sizes? And does
bittorrent not use TCP?

No comments:

Post a Comment