On Thu, Feb 25, 2010 at 6:39 AM, Eero Volotinen <eero.volotinen at iki.fi>wrote: > 2010/2/25 Roland RoLaNd <r_o_l_a_n_d at hotmail.com>: > > > > Hello, > > > > i have internet usage rules for all of my network. > > only 2 servers have full access to the internet.. > > lately i've noticed that lots of traffic being produced by the servers .. > > is there a way to know whose using port forwarding to my server so they > access the internet ? > > or is there a way to block people from doing such a thing ? > > Err. Disable ip_forward&nat on server and limit connections on main > firewall .. > > -- > Eero > > @Eero: Don't be so literal. You need to read the whole messages and understand the problem. Just because someone calls something "forwarding" doesn't mean they are speaking in the literal Linux kernel sense of the word. @Roland: In addition to what some other posters have said, look at who is logged in to the server at the time. You might find some open SSH sessions that are using port forwarding. You can disable this by setting "AllowTcpForwarding no" in the sshd_config, but if users have shell, it will be very difficult to stop it. You also might want to see if there is a proxy setup, or something like that. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20100225/99180a4e/attachment-0005.html>