RE: [squid-users] For admins that wanted to stop torrent downloads

From: SSCR Internet Admin <admin@dont-contact.us>
Date: Tue, 23 Oct 2007 15:42:38 +0800

It seems that I am observing now, 90% of torrent downloads are not
connecting... I guess I would try several days, if these active connecting
torrents can actually connect... This is somewhat useful as of now in my
opinion, it cuts down torrent access...

-----Original Message-----
From: Amos Jeffries [mailto:squid3@treenet.co.nz]
Sent: Tuesday, October 23, 2007 3:22 PM
To: SSCR Internet Admin
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] For admins that wanted to stop torrent downloads

SSCR Internet Admin wrote:
> Hi,
>
> I am experimenting on how to stop torrent downloads, but when a torrent
> client already established a connection, it doesn't drop the packets at all.
> I hope someone could share a thought or two about my approach....
>
> 1. Run squid on transparent mode
> 2. I run this iptables command...
>
> #Reroute all ports to port 3128
> $IPT -t nat -I PREROUTING -i $INT -p tcp --dport 80 -j DNAT --to 192.168.100.1:3128

Target to use is REDIRECT not DNAT.
Or on systems with appropriately patched kernel TPROXY target is available.

<snip remaining list of ports>

>
> 4. I have found this logs on cache.log
>
> 2007/10/23 13:47:42| parseHttpRequest: Requestheader contains NULL characters
> 2007/10/23 13:47:42| parseHttpRequest: Unsupported method 'BitTorrent'
> 2007/10/23 13:47:42| clientReadRequest: FD 137 (192.168.100.61:3907) Invalid Request
> 2007/10/23 13:47:43| parseHttpRequest: Requestheader contains NULL characters
> 2007/10/23 13:47:43| parseHttpRequest: Unsupported method 'BitTorrent'
> 2007/10/23 13:47:43| clientReadRequest: FD 89 (192.168.100.61:3908) Invalid Request
> 2007/10/23 13:47:43| parseHttpRequest: Requestheader contains NULL characters
> 2007/10/23 13:47:43| parseHttpRequest: Unsupported method 'BitTorrent'
> 2007/10/23 13:47:43| clientReadRequest: FD 152 (192.168.100.61:3909) Invalid
>
>
> I don't know if this experiment also exists, but it's a good way, maybe
> someone could make a patch that blocks torrents or p2p apps based on the
> cache.log results.
>

Better yet. The dev team is looking for somebody interested in adding
full Torrent support to squid.
That would entail adding settings and ACL to configure access/denial
properly.

Amos

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
__________ NOD32 2608 (20071023) Information __________
This message was checked by NOD32 antivirus system.
http://www.eset.com
Received on Tue Oct 23 2007 - 01:44:28 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Nov 01 2007 - 13:00:01 MDT