Login or Register to Ask a Question and Join Our Community


Cybersecurity

Netfilter conntracking for P2P protocols (edonkey, bittorent...)

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Netfilter conntracking for P2P protocols (edonkey, bittorent...)
# 1  
Old 05-17-2009
Netfilter conntracking for P2P protocols (edonkey, bittorent...)
Hi everyone, I would like to allow multi users to access P2P networks, so I wonder if there's a way to tracking these kind of protocols with netfilter, and also compatibility with nat, like the module conntrack_ftp seems to do with the FTP protocol.
Thanks guys.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Cybersecurity

How to use Netfilter properly with IPv6?

Hello, on a PC with Debian 8 I try to use a Bash script with Netfilter rules so that only traffic goes in and out that is wanted. For that I set all 3 default policies to "drop". The machine uses DHCP to get its IP, gateway and DNS. And I never checked so I was quite surprised that my... (1 Reply)
Discussion started by: SInt
1 Replies

2. AIX

How to disable insecure protocols?

Hello all, planning to secure AIX sever by disabling insecure protocols/cipher suites; got the below requirements from secuirty team. 1.configure the server to disable support for DES and IDEA cipher suites 2.disable insecure TLS/SSL protocol support Configure the server to... (4 Replies)
Discussion started by: Kumar7997
4 Replies

3. IP Networking

what are L2,L3 protocols.

hello forum members, What are L2 and L3 Protocols and can u brief me a bit little ie to gain a basic knowledge. Thanks & Regards Rajkumar g (1 Reply)
Discussion started by: rajkumar_g
1 Replies

4. Linux

netfilter / iptables

HI, Is the Netfilter and IPtables same? Thanks & Regards Arun (1 Reply)
Discussion started by: Arun.Kakarla
1 Replies

5. IP Networking

p2p

OK Guys I need help. I'm interest in P2p , can you recommend some books or sites about it thx in advance (0 Replies)
Discussion started by: aobai
0 Replies

6. UNIX for Dummies Questions & Answers

Intranet P2P Filesharing

I need suggestions for what to use. I need all my users to be able to share files and be able to search into all their files. I also need to control how much bandwidth they use so my network doesn't overload. I can't have my users searching/downloading directly from each other which is my... (5 Replies)
Discussion started by: GoranX
5 Replies

7. IP Networking

define IP protocols on network

what method would I use to determine which IP protocols network (0 Replies)
Discussion started by: mar mar
0 Replies

8. Programming

Help in extending netfilter

Hi everybody, I have to write a module for matching in netfilter , extending the netfilter but I'm facing some problems can somebody guide me in that. I know that I need to write matching module working in kernel space and a program in userspace. I went through the HOWTO on netfilter-hacking but... (0 Replies)
Discussion started by: Trusted Penguin
0 Replies

9. UNIX for Dummies Questions & Answers

Protocols

What protocol would be the best to use on a network with nt and unix servers and windows me clients? Can SMB protocol be used to implement large networks? What protocol can be used to make remote file systems appear as if they are local? Quite a few questions I know, any help would be... (1 Reply)
Discussion started by: jnash
1 Replies

10. UNIX for Dummies Questions & Answers

network protocols

Which network protocol is used by UNIX systems to make remote file systems appear as if they are local? (2 Replies)
Discussion started by: OLLERTON
2 Replies
Login or Register to Ask a Question

LEARN ABOUT LINUX

nat

NAT action in tc(8)						       Linux						       NAT action in tc(8)

NAME

       nat - stateless native address translation action

SYNOPSIS

       tc ... action nat DIRECTION OLD NEW

       DIRECTION := { ingress | egress }

       OLD := IPV4_ADDR_SPEC

       NEW := IPV4_ADDR_SPEC

       IPV4_ADDR_SPEC := { default | any | all | in_addr[/{prefix|netmask}]

DESCRIPTION

       The  nat  action allows to perform NAT without the overhead of conntrack, which is desirable if the number of flows or addresses to perform
       NAT on is large. This action is best used in combination with the u32 filter to allow for efficient lookups of a large number of  stateless
       NAT rules in constant time.

OPTIONS

       ingress
	      Translate destination addresses, i.e. perform DNAT.

       egress Translate source addresses, i.e. perform SNAT.

       OLD    Specifies addresses which should be translated.

       NEW    Specifies addresses which OLD should be translated into.

NOTES

       The  accepted address format in OLD and NEW is quite flexible. It may either consist of one of the keywords default, any or all, represent-
       ing the all-zero IP address or a combination of IP address and netmask or prefix length separated by a slash (/) sign.  In  any	case,  the
       mask (or prefix length) value of OLD is used for NEW as well so that a one-to-one mapping of addresses is assured.

       Address	translation  is  done  using  a  combination  of binary operations. First, the original (source or destination) address is matched
       against the value of OLD.  If the original address fits, the new address is created by taking the leading bits from  NEW  (defined  by  the
       netmask of OLD) and taking the remaining bits from the original address.

       There  is  rudimental  support for upper layer protocols, namely TCP, UDP and ICMP.  While for the first two only checksum recalculation is
       performed, the action also takes care of embedded IP headers in ICMP packets by translating the respective address therein, too.

SEE ALSO

       tc(8)

iproute2							    12 Jan 2015 					       NAT action in tc(8)