Create "/etc/trackers" with a list of trackers which you want to be blocked. You can have duplicates in the list; the script will take care of that.

Now create the "/usr/bin/blocktrackers" script:

    #!/bin/bash
    # One tracker (hostname or IP) per line; sort | uniq drops duplicate entries.
    L=$(/usr/bin/sort /etc/trackers | /usr/bin/uniq)
    for fn in $L; do
        # Delete any existing copy of each rule first so repeated runs do not stack duplicates.
        # Note: in INPUT, -d matches the destination address; use -s to match packets coming from the tracker.
        /sbin/iptables -D INPUT -d "$fn" -j DROP -m comment --comment "Tracker"
        /sbin/iptables -D FORWARD -d "$fn" -j DROP -m comment --comment "Tracker"
        /sbin/iptables -D OUTPUT -d "$fn" -j DROP -m comment --comment "Tracker"
        /sbin/iptables -A INPUT -d "$fn" -j DROP -m comment --comment "Tracker"
        /sbin/iptables -A FORWARD -d "$fn" -j DROP -m comment --comment "Tracker"
        /sbin/iptables -A OUTPUT -d "$fn" -j DROP -m comment --comment "Tracker"
    done

Make it executable and create a cronjob to run it daily because trackers change IP address very often.

The following script will block and log un-encrypted BitTorrent & DHT traffic on your Linux firewall. I have personally tested it on Debian 5 lenny, but I am almost sure it should work pretty well on any new Linux distros.

    # Create the LOGDROP chain; errors are discarded in case it already exists.
    iptables -N LOGDROP > /dev/null 2> /dev/null
    iptables -A LOGDROP -j LOG --log-prefix "LOGDROP "
    # Drop after logging; without this rule the chain only logs and the packet returns to FORWARD.
    iptables -A LOGDROP -j DROP
    # Send forwarded packets whose payload contains a BitTorrent marker to LOGDROP.
    iptables -A FORWARD -m string --algo bm --string "BitTorrent" -j LOGDROP
    iptables -A FORWARD -m string --algo bm --string "BitTorrent protocol" -j LOGDROP
    iptables -A FORWARD -m string --algo bm --string "peer_id=" -j LOGDROP
    iptables -A FORWARD -m string --algo bm --string ".torrent" -j LOGDROP
    iptables -A FORWARD -m string --algo bm --string "announce.php?passkey=" -j LOGDROP
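With the "LOGDROP " log prefix in place, the kernel log shows which internal hosts are tripping the string rules. The following is an added example, not part of the original post: it counts LOGDROP lines per source address and reports only sources at or above a threshold, because the string match fires on any forwarded packet that contains one of the patterns. The function names are hypothetical and the sample log lines are constructed and shortened.

```shell
#!/bin/sh
# Added example: summarise LOGDROP hits per source address.
# Reads kernel log lines on stdin, as produced by
#   iptables -A LOGDROP -j LOG --log-prefix "LOGDROP "
# Prints "<hits> <source> <distinct destinations>", highest count first,
# for sources with at least MIN hits (first argument, default 3).
logdrop_summary() {
    min="${1:-3}"
    awk -v min="$min" '
        / LOGDROP IN=/ {
            src = ""; dst = ""
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^SRC=/) src = substr($i, 5)
                else if ($i ~ /^DST=/) dst = substr($i, 5)
            }
            if (src == "") next              # truncated line, skip it
            hits[src]++
            if (dst != "" && !((src, dst) in seen)) {
                seen[src, dst] = 1
                ndst[src]++
            }
        }
        END {
            for (s in hits)
                if (hits[s] >= min)
                    printf "%d %s %d\n", hits[s], s, ndst[s]
        }
    ' | sort -k1,1nr -k2,2
}

# Constructed, shortened sample lines (not taken from a real system).
sample_log() {
cat <<'EOF'
Mar  3 10:00:01 fw kernel: [ 101.1] LOGDROP IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.5 LEN=120 PROTO=TCP SPT=51413 DPT=6969
Mar  3 10:00:02 fw kernel: [ 102.4] LOGDROP IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.5 LEN=120 PROTO=TCP SPT=51413 DPT=6969
Mar  3 10:00:05 fw kernel: [ 105.0] LOGDROP IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=198.51.100.7 LEN=310 PROTO=TCP SPT=40022 DPT=80
Mar  3 10:00:09 fw kernel: [ 109.9] LOGDROP IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=198.51.100.9 LEN=96 PROTO=TCP SPT=51413 DPT=6881
Mar  3 10:02:30 fw kernel: [ 250.2] LOGDROP IN=eth1 OUT=eth0 SRC=192.168.1.40 DST=198.51.100.7 LEN=410 PROTO=TCP SPT=38110 DPT=80
Mar  3 10:03:00 fw kernel: [ 280.0] SSHDROP IN=eth0 OUT= SRC=192.168.1.99 DST=192.168.1.1 LEN=60 PROTO=TCP SPT=50000 DPT=22
EOF
}

sample_log | logdrop_summary 3
```

On a live firewall, feed it the kernel log instead of the sample, for example the file your syslog daemon writes kernel messages to.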