[CentOS-es] ipp2p sobre centos 5

Enrique Quezada equezada en kike.ath.cx
Mie Sep 23 01:58:37 UTC 2009 

> [root en ns ~]# find /lib64/iptables -name libipt_ipp2p.so
> /lib64/iptables/libipt_ipp2p.so
>
>
> [root en ns ~]# iptables -m ipp2p --help
> iptables v1.3.5
>
> Usage: iptables -[AD] chain rule-specification [options]
>        iptables -[RI] chain rulenum rule-specification [options]
>        iptables -D chain rulenum [options]
>        iptables -[LFZ] [chain] [options]
>        iptables -[NX] chain
>        iptables -E old-chain-name new-chain-name
>        iptables -P chain target [options]
>        iptables -h (print this help information)
>
> Commands:
> Either long or short options are allowed.
>   --append  -A chain        Append to chain
>   --delete  -D chain        Delete matching rule from chain
>   --delete  -D chain rulenum
>                 Delete rule rulenum (1 = first) from chain
>   --insert  -I chain [rulenum]
>                 Insert in chain as rulenum (default 1=first)
>   --replace -R chain rulenum
>                 Replace rule rulenum (1 = first) in chain
>   --list    -L [chain]        List the rules in a chain or all chains
>   --flush   -F [chain]        Delete all rules in  chain or all chains
>   --zero    -Z [chain]        Zero counters in chain or all chains
>   --new     -N chain        Create a new user-defined chain
>   --delete-chain
>             -X [chain]        Delete a user-defined chain
>   --policy  -P chain target
>                 Change policy on chain to target
>   --rename-chain
>             -E old-chain new-chain
>                 Change chain name, (moving any references)
> Options:
>   --proto    -p [!] proto    protocol: by number or name, eg. `tcp'
>   --source    -s [!] address[/mask]
>                 source specification
>   --destination -d [!] address[/mask]
>                 destination specification
>   --in-interface -i [!] input name[+]
>                 network interface name ([+] for wildcard)
>   --jump    -j target
>                 target for rule (may load target extension)
>   --goto      -g chain
>                               jump to chain with no return
>   --match    -m match
>                 extended match (may load extension)
>   --numeric    -n        numeric output of addresses and ports
>   --out-interface -o [!] output name[+]
>                 network interface name ([+] for wildcard)
>   --table    -t table    table to manipulate (default: `filter')
>   --verbose    -v        verbose mode
>   --line-numbers        print line numbers when listing
>   --exact    -x        expand numbers (display exact values)
> [!] --fragment    -f        match second or further fragments only
>   --modprobe=<command>        try to insert modules using this command
>   --set-counters PKTS BYTES    set the counter during insert/append
> [!] --version    -V        print package version.
>
> IPP2P v0.8.2 options:
>  --ipp2p    Grab all known p2p packets
>  --edk        [TCP&UDP]    All known eDonkey/eMule/Overnet packets
>  --dc        [TCP]         All known Direct Connect packets
>  --kazaa    [TCP&UDP]     All known KaZaA packets
>  --gnu        [TCP&UDP]    All known Gnutella packets
>  --bit        [TCP&UDP]    All known BitTorrent packets
>  --apple    [TCP]         All known AppleJuice packets
>  --winmx    [TCP]         All known WinMX
>  --soul        [TCP]         All known SoulSeek
>  --ares        [TCP]         All known Ares
>
>  EXPERIMENTAL protocols (please send feedback to: ipp2p en ipp2p.org) :
>  --mute        [TCP]        All known Mute packets
>  --waste    [TCP]        All known Waste packets
>  --xdcc        [TCP]        All known XDCC packets (only xdcc login)
>
>  DEBUG SUPPPORT, use only if you know why
>  --debug        Generate kernel debug output, THIS WILL SLOW DOWN THE
> FILTER
>
> Note that the follwing options will have the same meaning:
>  '--ipp2p' is equal to '--edk --dc --kazaa --gnu --bit --apple --winmx
> --soul --ares'
>
> IPP2P was intended for TCP only. Due to increasing usage of UDP we
> needed to change this.
> You can now use -p udp to search UDP packets only or without -p switch
> to search UDP and TCP packets.
>
> See README included with this package for more details or visit
> http://www.ipp2p.org
>
> Examples:
>  iptables -A FORWARD -m ipp2p --ipp2p -j MARK --set-mark 0x01
>  iptables -A FORWARD -p udp -m ipp2p --kazaa --bit -j DROP
>  iptables -A FORWARD -p tcp -m ipp2p --edk --soul -j DROP
>
> [root en ns ~]#

Muy extraño Gino, al parecer todo esta correcto ya que hubiese existido
algún problema con la instalación y configuración el comando debería haber
mostrado error. Realmente no sabría ahora ya a que recurso recurrir :(

Saludos.



-- 
Enrique Quezada R.
Linux Counter #417515
Freenode #centos-es

Más información sobre la lista de distribución CentOS-es