I would like to ask if it is possible to block p2p bandwidth using NS (ipp2p or layer-7 filtering). I wanted to put a brake on downloading files via torrent and other P2Ps. It was in the roadmap 2 years ago as per http://dev.nethserver.org/issues/1770.
In the documentation, it states that it can block P2P traffic via the IPS module’s Security settings, but I do not see any options to do so. What I have found are the following:
Traffic Shaping
Firewall Objects and create a rule
However, since a lot of p2p applications are port hoppers, it will fail to do its purpose.
If not, I would like to add this to feature request for easy administration.
I did some tests in the past with ipp2p and it’s no longer effective.
I didn’t test l7-filter, is there anybody with experience?
Cisco OpenAppId seems promising, I have a working prototype for detection using snort, but it’s not really effective in blocking.
Something like l7-filter or ndpi would have my preference, because we could write firewall rules using the protocol as a selector.
I will be happy to develop this feature if someone with experience helps me.
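Added example (not part of any post in this thread, and not NethServer, l7-filter or nDPI code): a minimal payload classifier showing what "protocol as a selector" means for port-hopping clients, since it matches the first bytes of a flow instead of the destination port. The function names, labels, and sample flows are constructed for illustration; `tracker.example` and `www.example` are placeholder hosts.

```python
from typing import Optional

BT_PSTR = b"BitTorrent protocol"

def classify(payload: bytes, proto: str) -> Optional[str]:
    """Label the first payload bytes of a flow if they look like BitTorrent."""
    # Peer wire handshake (TCP): <0x13><"BitTorrent protocol"><8 reserved>
    # <20-byte info_hash><20-byte peer_id>
    if (proto == "tcp" and len(payload) >= 20
            and payload[0] == len(BT_PSTR) and payload[1:20] == BT_PSTR):
        return "bittorrent-handshake"
    # HTTP tracker announce/scrape carrying an info_hash parameter
    if proto == "tcp" and payload[:4] == b"GET ":
        parts = payload.split(b"\r\n", 1)[0].split(b" ")
        path = parts[1] if len(parts) > 1 else b""
        if (b"/announce" in path or b"/scrape" in path) and b"info_hash=" in path:
            return "bittorrent-tracker"
    # Mainline DHT (UDP): bencoded KRPC dict carrying a 20-byte node id
    if (proto == "udp" and payload[:1] == b"d" and payload[-1:] == b"e"
            and b"2:id20:" in payload
            and (b"1:y1:q" in payload or b"1:y1:r" in payload)):
        return "bittorrent-dht"
    return None

# (dst_port, proto, first payload bytes) -- every entry is constructed
SAMPLE_FLOWS = [
    (51413, "tcp", bytes([19]) + BT_PSTR + bytes(8) + b"\xaa" * 20
                   + b"-XX0001-" + b"0" * 12),
    (80, "tcp", b"GET /announce?info_hash=%aa%bb&peer_id=-XX0001-&port=51413"
                b" HTTP/1.1\r\nHost: tracker.example\r\n\r\n"),
    (6881, "udp", b"d1:ad2:id20:" + b"\x01" * 20 + b"e1:q4:ping1:t2:aa1:y1:qe"),
    (443, "tcp", b"\x16\x03\x01\x00\x05hello"),
    (53, "udp", b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00"),
    (80, "tcp", b"GET /index.html HTTP/1.1\r\nHost: www.example\r\n\r\n"),
]

def verdicts(flows=SAMPLE_FLOWS):
    """Return (dst_port, label) per flow; unmatched flows are labelled 'allow'."""
    return [(port, classify(data, proto) or "allow")
            for port, proto, data in flows]

if __name__ == "__main__":
    for port, label in verdicts():
        print(f"dst port {port:>5}: {label}")
```

The tracker request on port 80 would pass a port-based allow list, while the payload match still flags it. Clients that enable protocol encryption do not send these plaintext bytes, so matching of this kind only catches unobfuscated traffic.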
I could not help by coding, but perhaps one or two suggestion(s) can give the light.
Could the guys from the BackBox project (from Italy) http://www.backbox.org/ help?
Is there any news about layer 7 filtering?
We use NethServer on our university web radio in Cesena, and because of the agreement with GARR (our internet provider) I need to prevent the use of torrent by everyone who uses our LAN and wireless network.
Thanks, Matteo
This blocks site navigation. Someone can have uTorrent or similar already open on his notebook, and when it connects to our WiFi, it starts to share. I need to prevent this, not the navigation.
Another workaround for this could be to close all outgoing ports and open only HTTP, HTTPS, IMAP, POP3, DNS, for the BLUE Zone (usually used for Guest WiFi).
that there must be something regarding “a customised Linux kernel with the additional xt_ndpi module” in the Software center (NS 7RC1) but I don’t find anything there.
Maybe it is “hidden” in another package? Which package?
TIA,
Gabriel
EDIT:
Why is the DPI package in the Everything section of the Software center and not in the Firewall section?