[CentOS] Centos as Gateway ? (Router/transparent proxy)
Ljubomir Ljubojevic
office at plnet.rs
Mon May 2 19:30:10 UTC 2011
John R Pierce wrote:
> On 05/02/11 6:31 AM, Kai Schaetzl wrote:
>> Correct. The easy solution is to ban bittorrent and other P2P services.
>
>
> not as easy as it sounds. those services are remarkably agile at
> dodging firewall rules
>
P2P always happens on much higher ports and if you create rules that
block destination ports higher then 1024, with exceptions of VNC, etc
ports, you can pretty much limit abuse. Also worth noting is iptables
rule for limiting the number of connections for those higher ports, and
using HTB bandwidth limiting with giving priority to regular traffic.
Ljubomir, 7 years small WISP.
More information about the CentOS
mailing list