[CentOS] Centos as Gateway ? (Router/transparent proxy)

Mon May 2 19:30:10 UTC 2011
Ljubomir Ljubojevic <office at plnet.rs>

John R Pierce wrote:
> On 05/02/11 6:31 AM, Kai Schaetzl wrote:
>> Correct. The easy solution is to ban bittorrent and other P2P services.
> not as easy as it sounds.   those services are remarkably agile at 
> dodging firewall rules
P2P always happens on much higher ports and if you create rules that 
block destination ports higher then 1024, with exceptions of VNC, etc 
ports, you can pretty much limit abuse. Also worth noting is iptables 
rule for limiting the number of connections for those higher ports, and 
using HTB bandwidth limiting with giving priority to regular traffic.

Ljubomir, 7 years small WISP.