« 关掉 BBSD - 郁闷的一天 | Main | 减少IO吃内存打造无盘squid »
April 2, 2005
BT 杀手 - ipp2p
|
版权声明:可以任意转载,转载时请务必以超链接形式标明文章原始出处和作者信息及本声明。 https://windtear.net/archives/2005/04/02/000617.html http://windtear.net/archives/2005/04/02/000617.html BT 为资源共享带来了便捷 同时也带来了巨大的问题 去年曾用了一下 惊呆于其资源占用 然后就立即不用了 如今不少地方从多方面考虑 都不允许用BT下载 那么如何封禁 BT 呢 ipp2p 是一个选择 IPP2P is a netfilter extension to identify P2P filesharing traffic. The main goal for developing IPP2P was giving the adminstrator a dynamic tool to filter the traffic in an intelligent way. So it doesn't aim at prohibiting all P2P traffic but make it possible to shape this traffic to a given rate. For this purpose IPP2P searchs the payload of TCP packets for signaling patterns of P2P networks. As these patterns are not beeing present in all P2P packets we had to use some other netfilter extensions in order to get the whole IPP2P package working as already described. IPP2P works togeter with connection tracking and connection marking - in that way you can catch the bigger part of all P2P packets and limit the bandwidth rate. The name IPP2P comes on the one side from IP (internet protocol) and on the other from P2P (short for peer-to-peer). Writing both shortcuts in big letter in german I entitled IPP2P also in big letters. As new matches for netfilter are labeled in small letters the IPP2P-files and netfilter options are in small letters too. I know this is a little bit confusing :-) -m ipp2p --ipp2pThus a complete and simple filterrule using IPP2P would look like this: iptables -A FORWARD -m ipp2p --ipp2p -j DROP iptables -A PREROUTING -p tcp -m ipp2p --ipp2p -j MARK --set-mark 1 http://rnvs.informatik.uni-leipzig.de/ipp2p/docu_en.html http://rnvs.informatik.uni-leipzig.de/ipp2p/links_en.html |
Posted by windtear at April 2, 2005 11:53 PM
