$Id: FAQ,v 1.8 2004/02/14 20:29:08 liquidk Exp $

iptables-p2p FAQ
================


1. How do I limit p2p traffic?

  You will need to install the connmark module from patch-o-matic and mark
  packets using it.
  See the example in the examples/ directory as a starting point.

-----------------------------------------------------------------------------

2. And how do I block all p2p access to and from my network?

  Add a rule like the following one:
  iptables -A FORWARD -m p2p -j DROP

-----------------------------------------------------------------------------

3. And how do I block only certain protocols to and from my network?

  Add a rule like the following one:
  iptables -A FORWARD -m p2p --p2p-protocol fasttrack,bittorrent -j DROP

  It is also possible to use ! fasttrack to match everything but fasttrack.

-----------------------------------------------------------------------------

4. I am using a 2.6 kernel, how do I compile this?

  Just run make. The make process should detect you are using a 2.6 kernel.
  Unlike 2.4, you will have to run make as root.

-----------------------------------------------------------------------------

5. Is it possible to subvert the filter using a p2p client with custom changes?

  Possibly, altough it may not be that easy because matching is done in both
  directions.

-----------------------------------------------------------------------------

6. What protocols are supported?

  Currently the supported protocols are:

    * FastTrack (KaZaa, Grokster, ...)
    * eDonkey (eDonkey, eMule, ...)
    * Direct Connect
    * Gnutella (regular clients and Shareaza's gnutella 2)
    * BitTorrent
    * OpenFT (giFT)

  Future plans:

    * Optionally match control streams in addition to transfer streams.
    * Napster/WinMX protocol support
    * Soulseek

-----------------------------------------------------------------------------

7. Where can I find future updates to iptables-p2p?

  Just visit http://sourceforge.net/projects/iptables-p2p.

-----------------------------------------------------------------------------
