Blocking outgoing file sharing protocols

We can block outgoing connections (TCP and UDP) to the ports used by the following file sharing applications:

Port    Application(s)
1044    Direct File Express
1045    Direct File Express
1214    Kazaa, Grokster
4329    iMesh
4661    Edonkey 2000
4662    "
4665    "
6346    BearShare, Gnucleus, Morpheus, Swapper, XoloX, LimeWire,
        Phex, Gnewtellium, Gtk-Gnutella, Mutella, Qtella
6347    "
6666    Yoink
6667    Yoink
6699    AutoNap, BeNapster, Napster, Crapster, Duskter, Gnap,
        Gtk Napster, Hackster, iNapster, Jnap, WinMX
6700    "
6701    "
7668    Aimster / Madster
7788    BuddyShare
8311    Scour
8888    AudioGnome, OpenNap, Swaptor
8889    AudioGnome, OpenNap
28864   hotComm
28865   hotComm
41170   Blubster

We will block access to these services by adding the following lines to the beginning of the
pf.conf file:

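# Ports used by the file sharing applications listed above
ports_ptp = "{ 1044, 1045, 1214, 4329, 4661, 4662, 4665, 6346, 6347, 6666, 6667, 6699, 6700, 6701, 7668, 7788, 8311, 8888, 8889, 28864, 28865, 41170 }"

# Drop outbound TCP and UDP traffic from the internal network to those ports.
# $ext_if and $internal_net are macros that must be defined before this rule.
# pf applies the last matching rule, so a later pass rule that matches this
# traffic overrides the block unless the block rule uses "quick".
block out on $ext_if proto { tcp, udp } from $internal_net to any port $ports_ptp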

It is important to note that some file sharing applications/protocols, most notably Kazaa, will dynamically switch to different ports (including HTTP port 80) when they are unable to talk to their servers. The rules above may therefore only stop certain less sophisticated protocols. For more information on how to prevent Kazaa, please search the Misc OpenBSD mailing list or Google Groups, or wait for an updated version of this document.
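
An added example, not part of the original document: Python that tallies which internal hosts are hitting the block rule, so that hosts which may then fall back to other ports (as noted above for Kazaa) can be followed up. It assumes the rule is changed to "block out log on $ext_if ..." and that the log is read as text with "tcpdump -n -e -ttt -r /var/log/pflog"; the line shape matched here and the sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Port -> applications, from the table on this page (long lists shortened).
P2P_PORTS = {
    1044: "Direct File Express", 1045: "Direct File Express",
    1214: "Kazaa, Grokster", 4329: "iMesh",
    4661: "Edonkey 2000", 4662: "Edonkey 2000", 4665: "Edonkey 2000",
    6346: "BearShare, LimeWire, ...", 6347: "BearShare, LimeWire, ...",
    6666: "Yoink", 6667: "Yoink",
    6699: "Napster, WinMX, ...", 6700: "Napster, WinMX, ...",
    6701: "Napster, WinMX, ...", 7668: "Aimster / Madster",
    7788: "BuddyShare", 8311: "Scour",
    8888: "AudioGnome, OpenNap, Swaptor", 8889: "AudioGnome, OpenNap",
    28864: "hotComm", 28865: "hotComm", 41170: "Blubster",
}

# Assumed line shape: "... block out on IFACE: SRC.SPORT > DST.DPORT: ..."
LINE = re.compile(
    r"block out on \S+: (?P<src>\d+(?:\.\d+){3})\.\d+ > "
    r"\d+(?:\.\d+){3}\.(?P<dport>\d+):"
)

# Constructed sample log lines (not real traffic).
SAMPLE = """\
Mar 03 10:15:01.120001 rule 1/(match) block out on fxp0: 192.168.1.23.3051 > 203.0.113.9.1214: S 1:1(0) win 16384
Mar 03 10:15:04.220310 rule 1/(match) block out on fxp0: 192.168.1.23.3052 > 203.0.113.9.1214: S 2:2(0) win 16384
Mar 03 10:17:02.500000 rule 1/(match) block out on fxp0: 192.168.1.40.4411 > 198.51.100.7.6346: udp 23
Mar 03 10:18:00.000000 rule 3/(match) block in on fxp0: 198.51.100.50.4000 > 192.168.1.2.22: S 4:4(0) win 8192
Mar 03 10:19:00.000000 rule 2/(match) block out on fxp0: 192.168.1.23.3100 > 203.0.113.20.25: S 5:5(0) win 16384
"""

def blocked_p2p(log_text):
    """Count blocked outbound attempts per (internal host, destination port)."""
    hits = Counter()
    for line in log_text.splitlines():
        m = LINE.search(line)
        if m and int(m["dport"]) in P2P_PORTS:
            hits[(m["src"], int(m["dport"]))] += 1
    return hits

def report(hits):
    """One line per host/port pair, busiest first."""
    ordered = sorted(hits.items(), key=lambda kv: (-kv[1], kv[0]))
    return [f"{src} -> {port} ({P2P_PORTS[port]}): {n} blocked"
            for (src, port), n in ordered]

if __name__ == "__main__":
    print("\n".join(report(blocked_p2p(SAMPLE))))
```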