Install IPP2P in Debian Etch to Block P2P
Submitted by Richard on Fri, 11/14/2008 - 16:40
What is IPP2P
The goal of the IPP2P project is to identify peer-to-peer (P2P) data in IP traffic. For this purpose we extended the iptables/netfilter architecture by a new matching module. Thereby IPP2P integrates itself easily into existing Linux firewalls and it's functionality can be used by adding appropriate filter rules.
IPP2P uses suitable search patterns to identify P2P traffic thus allowing the reliable identifcation of traffic belonging to many P2P networks. Once identified one may handle P2P traffic in different ways - dropping such traffic, putting into low priority classes or shaping to a given bandwidth limit is possible. Reducing costs, freeing network ressources and therefore improving network performance is often the result of using IPP2P.
Supported IPP2P protocol
- eDonkey, eMule
- KaZaA
- Gnutella
- Direct Connect
- BitTorrent
- AppleJuice
- WinMX
- SoulSeek
- Ares, AresLite
To compile ipp2p you need to install the kernel headers and iptables headers.
apt-get install linux-headers-$(uname -r) iptables-dev
Download ipp2p source from their website
wget http://www.ipp2p.org/downloads/ipp2p-0.8.2.tar.gz
Untar the file and download Gentoo's kernel patch for ipp2p or you can download the patch attached from this blog.
cd ../ipp2p-0.8.2
wget http://sources.gentoo.org/viewcvs.py/*checkout*/gentoo-x86/net-firewall/ipp2p/files/ipp2p-0.8.2-kernel-2.6.22.patch
wget http://sources.gentoo.org/viewcvs.py/*checkout*/gentoo-x86/net-firewall/ipp2p/files/ipp2p-0.8.2-iptables-1.4.0.patch
wget http://sources.gentoo.org/viewcvs.py/*checkout*/gentoo-x86/net-firewall/ipp2p/files/ipp2p-0.8.2-kernel-2.6.22.patch
wget http://sources.gentoo.org/viewcvs.py/*checkout*/gentoo-x86/net-firewall/ipp2p/files/ipp2p-0.8.2-iptables-1.4.0.patch
Apply the patch for ipp2p
patch -p1 < ipp2p-0.8.2-kernel-2.6.22.patch
patch -p1 < ipp2p-0.8.2-iptables-1.4.0.patch
patch -p1 < ipp2p-0.8.2-iptables-1.4.0.patch
Modify the Makefile file
vi Makefile
and change:
libipt_ipp2p.so: libipt_ipp2p.c ipt_ipp2p.h $(CC) $(CFLAGS) $(IPTABLES_OPTION) $(IPTABLES_INCLUDE) -fPIC -c libipt_ipp2p.c ld -shared -o libipt_ipp2p.so libipt_ipp2p.o
to:
$(CC) -shared -o libipt_ipp2p.so libipt_ipp2p.o
Compile ipp2p using this command:
make
Copy libraries
cp libipt_ipp2p.so /lib/iptables/
cp ipt_ipp2p.ko /lib/modules/2.6.18-6-686/kernel/net/netfilter/
cp ipt_ipp2p.ko /lib/modules/2.6.18-6-686/kernel/net/netfilter/
and run
depmod -a
IPP2P is now installed, you can check using this command:
iptables -m ipp2p --help
You can start blocking P2P applications such as bittorrent and gnutella.
Bookmark/Search this post with:
Delicious
Digg
StumbleUpon
Furl
Facebook
Twitter
Google
Yahoo
Buzz Up!
LinkedIn
Technorati
Related Posts
- Ubuntu and Debian Internet Gateway (IP Masquerading)
- Make your CentOS 4 box acting as an Internet Gateway/Router using IP Masquerading
- How to find the fastest repository in Debian
- Create Self-signed SSL Certifcate using OpenSSL for testing purposes in Debian/Ubuntu
- Apache2 name-based virtual hosting on Debian/Ubuntu
Comments
I have the same problem did someone solve it allready?
greatings
To all having trouble look into the xtables-addons packages. I had to run the xtables-addons-source from experimental in order to get module-assistant to build correctly. The resulting kernel modules will work with the sid version of xtables-addons-common. Note that -m ipp2p --ipp2p is deprecated and individual protocols need to be specified as in -m ipp2p --bit --edk --kazaa.
Hope this helps people who use ipp2p filtering on debian.
Upstream source is of course mentioned in the package description.
http://jengelh.medozas.de/projects/xtables/
ipp2p is now part of xtables-addons project.
Check if your distribution has a package.
This is what solved the problem in my case (Debian).
28 May 2008
22 hours 55 min
Remove the iptables currently installed on your system and download iptables 1.4.0 from netfilter's website.
wget http://netfilter.org/projects/iptables/files/iptables-1.4.0.tar.bz2
Remove installed ipp2p modules
rm -rf /lib/iptables/
Untar and compile the downloaded iptables source
cd iptables-1.4.0
make KERNEL_DIR=/usr/src/linux-headers-2.6.18-6-486
make install KERNEL_DIR=/usr/src/linux-headers-2.6.18-6-486
Install the ipp2p
cd ipp2p-0.8.2
make clean
make
cp libipt_ipp2p.so /usr/local/lib/iptables/
cp ipt_ipp2p.ko /lib/modules/2.6.18-6-486/kernel/net/netfilter/
depmod -a
/usr/local/sbin/iptables -m ipp2p --help
/usr/local/sbin/iptables -A FORWARD -m ipp2p --ipp2p -j DROP
Hope this helps...
Cheers!!!
I too am getting the "variable 'ipp2p' has initializer but incomplete type" etc... error.. resulting in the make process stalling on libipt_ipp2p.so. I get the same error if I patch for ipt 1.4.0 or not... sure is strange. A little nudge would be appreciated
Hello,
I followed your tutorial, and I reached the last step,
but when I want to use ipp2p in the iptables command,
even when I use the examples given in the helpfile, I keep getting the error 'segmentation fault'..
Does anyone know an answer?
Kind regards,
Wouter
HELP!
The kernel module compiles alright (fail on insmod, but success with modprobe after cpy and depmod)
But
Build fails with:
gcc -O3 -Wall -DIPTABLES_VERSION=\"1.4.1.1\" -I/usr/src/iptables-1.4.1.1/include -fPIC -c libipt_ipp2p.c
libipt_ipp2p.c:376: error: variable 'ipp2p' has initializer but incomplete type
libipt_ipp2p.c:378: error: unknown field 'next' specified in initializer
libipt_ipp2p.c:378: warning: excess elements in struct initializer
libipt_ipp2p.c:378: warning: (near initialization for 'ipp2p')
...
...
...
libipt_ipp2p.c:390: warning: (near initialization for 'ipp2p')
libipt_ipp2p.c: In function '_INIT':
libipt_ipp2p.c:396: warning: implicit declaration of function 'register_match'
make: *** [libipt_ipp2p.so] Error 1
Any ideas?
cheers
Post new comment