0

Is it possible to slow down/throttle P2P traffic using iptables?

I am running iptables on a Linux box which is a gateway to the intranet. Blocking P2P altogether seems to be rather difficult.

So I was wondering if there is a way to slow it down, so that it becomes useless for the user and also saves bandwidth. Googling showed me that it may be possible by using connlimit/limit-burst, but I can't find a detailed write-up on this. Can any iptables expert help out with this, using particular characteristics of P2P traffic? Also, will this work with encrypted P2P?

There may be 50 to 100 machines behind the gateway.

Genboy
  • Encrypted P2P has been on my tab for years. I guess there is no free/open-source solution to shape/limit this type of traffic. I hope someone will post some relevant information on this topic. – Paul Feb 04 '11 at 11:10

1 Answer

1

OpenDPI, L7-filter and IP2P block P2P. Also, block ports 6969 and 6880-6890. And you can shape traffic to high ports (>20000) with connlimit or tc.

alvosu
  • Will OpenDPI, L7-filter, IP2P also block encrypted P2P? How will they figure out it's P2P if it's encrypted? – Genboy Feb 04 '11 at 09:17
  • OpenDPI, L7-filter and IP2P do not support the detection of encrypted protocols. BitTorrent encrypts P2P traffic, but traffic to the tracker is not encrypted. PACE (http://www.ipoque.com/products/pace-application-classification) supports detection of encrypted protocols. – alvosu Feb 04 '11 at 09:37
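
The port block, connlimit cap and tc shaping that the answer lists, laid out as one gateway rule set. This is an added example, not code from either poster. The interface names (`eth1` LAN, `eth0` WAN), the rates, the per-host cap of 20 and the mark value 20 are assumptions to adjust.

```shell
#!/bin/sh
# Constructed values (assumptions): interface names, rates and the per-host cap.
LAN_IF="${LAN_IF:-eth1}"        # intranet side of the gateway
WAN_IF="${WAN_IF:-eth0}"        # uplink side
P2P_PORTS="6969,6880:6890"      # ports named in the answer
HIGH_PORTS="20001:65535"        # "high port (>20000)" from the answer
MAX_CONN=20                     # concurrent high-port TCP connections per host
LINK_RATE=10mbit                # total uplink
NORMAL_RATE=9mbit               # guaranteed to unmarked traffic
BULK_RATE=256kbit               # hard ceiling for marked high-port traffic
RUN="${RUN-echo}"               # default prints the commands; RUN= applies them (root)

p2p_rules() {
    for proto in tcp udp; do
        # 1. Drop forwarded traffic to the well-known BitTorrent ports.
        $RUN iptables -A FORWARD -i "$LAN_IF" -p "$proto" \
            -m multiport --dports "$P2P_PORTS" -j DROP
        # 2. Mark whatever else goes to a high port so tc can find it.
        $RUN iptables -t mangle -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -p "$proto" \
            --dport "$HIGH_PORTS" -j MARK --set-mark 20
    done
    # 3. connlimit: refuse new high-port TCP connections once one source
    #    address (mask 32) already holds more than MAX_CONN of them.
    $RUN iptables -A FORWARD -i "$LAN_IF" -p tcp --syn --dport "$HIGH_PORTS" \
        -m connlimit --connlimit-above "$MAX_CONN" --connlimit-mask 32 \
        -j REJECT --reject-with tcp-reset
    # 4. tc/HTB on the uplink: unmarked traffic lands in 1:10, mark 20 in 1:20.
    #    This shapes the upload direction only.
    $RUN tc qdisc add dev "$WAN_IF" root handle 1: htb default 10
    $RUN tc class add dev "$WAN_IF" parent 1: classid 1:1 htb rate "$LINK_RATE"
    $RUN tc class add dev "$WAN_IF" parent 1:1 classid 1:10 htb \
        rate "$NORMAL_RATE" ceil "$LINK_RATE"
    $RUN tc class add dev "$WAN_IF" parent 1:1 classid 1:20 htb \
        rate "$BULK_RATE" ceil "$BULK_RATE"
    $RUN tc filter add dev "$WAN_IF" parent 1: protocol ip handle 20 fw flowid 1:20
}

p2p_rules
```

These rules match on ports and connection counts only, so payload encryption does not change what they catch. Any other application that uses destination ports above 20000 is throttled by them as well.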