国产一级a片免费看高清,亚洲熟女中文字幕在线视频,黄三级高清在线播放,免费黄色视频在线看

打開APP
userphoto
未登錄

開通VIP,暢享免費(fèi)電子書等14項(xiàng)超值服

開通VIP

首頁

好書

留言交流

下載APP

聯(lián)系客服
軟件路由論壇 - Linux - 免升內(nèi)核在nat上封殺p2p(已試驗(yàn)成功)
免升內(nèi)核在nat上封殺p2p(已試驗(yàn)成功)

os:redhat9.0
kernels:2.4.20-8                  uname -a
iptables:系統(tǒng)自帶1.2.7a        iptables -V

首先下載對(duì)應(yīng)自己系統(tǒng)版本的iptables源碼:www.iptables.org  使用wget
然后下載最新的ipp2p補(bǔ)丁:www.ipp2p.org

先看介紹:

kernel
It is always a good idea to use the latest stable kernel because of recent bugfixes and improved stability. During it‘s development IPP2P was successful used with the following kernel versions:
2.4.18, 2.4.19, 2.4.20, 2.4.21, 2.4.22, 2.4.23, 2.4.26
2.6.3, 2.6.4, 2.6.6
This does NOT mean that IPP2P may not run together with other kernel versions but it was not tested yet. If someone finds out that IPP2P also is running stable with other kernel versions feel free to inform the author (contact). A very important source for updates of the netfilter code is the patch-o-matic next generation system (POM-ng) available at the netfilter homepage. It contains the latest bugfixes and netfilter extensions (like CLASSIFY, CONNMARK, ...). The daily snapshots may be a good choice to get the very latest kernel updates. IPP2P is also included in POM-ng. If you don‘t want to use the source tarball grep latest POM-ng snapshot and run "./runme ipp2p" to install IPP2P only or "./runme extra" for IPP2P and some other updates. You‘ll need to enable IPP2P support in kernel config and recompile kernel and iptables.

iptables
As said with kernel try to use a recent version of iptables as well. We used the following versions of iptables without any problems:
1.2.7a, 1.2.8, 1.2.9rc1, 1.2.9, 1.2.11
It is also possible (and likely) that IPP2P runs together with older versions as well but we‘re lacking of experiences on this issue. New versions of iptables are released in unsteady intervals at the netfilter homepage.

呵呵最低支持標(biāo)準(zhǔn)啊!~~

解iptables源碼至/usr/src/iptables-1.2.7a
解ipp2p-0.8.0_rc3.tar.gz至 /root/download/ipp2p-0.8.0_rc3

cd  /root/download/ipp2p-0.8.0_rc3
vi Makefie
找到IPTABLES_SRC = /usr/src/iptables
改為IPTABLES_SRC = /usr/src/iptables-1.2.7a  (剛才我們下載了對(duì)應(yīng)系統(tǒng)的源碼并解壓到了這里)

好了,保存退出。在ipp2p-0.8.0_rc3目錄下執(zhí)行
make
cp libipt_ipp2p.so /lib/iptables/
cp ipt_ipp2p.o /lib/modules/
insmod ipt_ipp2p.o

好了,這就可以使用iptables的參數(shù)了。
iptables -A FORWARD -m ipp2p --ipp2p -j DROP
iptables -L 查看FORWARD多了條規(guī)則。
順便自己做成腳本。添加3項(xiàng):
/sbin/insmod /root/download/ipp2p-0.8.0_rc3/ipt_ipp2p.o            #加載模塊
/sbin/iptables -A FORWARD -m ipp2p --ipp2p -j DROP
/sbin/iptables -A INPUT -m ipp2p --ipp2p -j DROP
實(shí)測(cè)不加過濾下載神六飛船升空錄像700kB-1.0mB,加載后68-80KB穩(wěn)定下載速度。
呵呵ipp2p.org不斷升級(jí),應(yīng)該能改善p2p的猖獗流量。
附howto部分內(nèi)容:
The following table shows a lineup of all module options currently available for IPP2P. Make sure not to use --ipp2p together with any other option already included in --ipp2p !


option  P2P network  protocol  quality  
--edk  eDonkey, eMule, Kademlia  TCP and UDP  very good  
--kazaa  KaZaA, FastTrack  TCP and UDP  good  
--gnu  Gnutella  TCP and UDP  good  
--dc  Direct Connect  TCP only  good  
--bit  BitTorrent, extended BT  TCP and UDP  good  
--apple  AppleJuice  TCP only  (need feedback)  
--winmx  WinMX  TCP only  (need feedback)  
--soul  SoulSeek  TCP only  good (need feedback)  
--ares  Ares, AresLite  TCP only  moderate (DROP only)  
本站僅提供存儲(chǔ)服務(wù),所有內(nèi)容均由用戶發(fā)布,如發(fā)現(xiàn)有害或侵權(quán)內(nèi)容,請(qǐng)點(diǎn)擊舉報(bào)。
打開APP,閱讀全文并永久保存 查看更多類似文章
猜你喜歡
類似文章
[原創(chuàng)]在2.6內(nèi)核下不編譯內(nèi)核給iptables添加模塊
iptables原理知識(shí)
使用iptables的功能擴(kuò)展全面封殺P2P流量(不要重新編譯內(nèi)核及Netfilter模塊...
用iptables封殺內(nèi)網(wǎng)的bt軟件 - 51CTO.COM
Linux下簡單實(shí)用的防火墻配置
Squid+iptables的透明代理配置 - CIN的日志 - 網(wǎng)易博客
更多類似文章 >>
生活服務(wù)
分享 收藏 導(dǎo)長圖 關(guān)注 下載文章
綁定賬號(hào)成功
后續(xù)可登錄賬號(hào)暢享VIP特權(quán)!
如果VIP功能使用有故障,
可點(diǎn)擊這里聯(lián)系客服!

聯(lián)系客服