Topic: Blocking File-Sharing (KaZaA, Limewire, etc.)

[Steve]

I am the administrator of a small high-school.  Recently, I have had problems with file-sharing apps. such as KaZaA, Morpheus, Limewire, etc. using all of the bandwidth of our T1.  I was wondering if there is anyway to have an e-smith server block these applications (e.g. Force clients to use http proxy), but I have also heard that some of the applications have HTTP tunneling capabilities.  In that case, are there any modules that would allow my e-smith server to limit the bandwidth of the users or a module that could monitor which computers are using the most bandwidth?

Thanks in advance for any information concerning this topic!

Steve

[Grub]

Block incoming port 80 requests from your internal network so that people
are forced to use the proxy server (squid)
You can use squid for bandwidth-limiting.

[Steve]

Grub,
  Thanks for your information!  Do you know where I could find any information for limiting the bandwidth of users using squid?  Are there any .rpm's that install a server-manager module for this?

  Also, do you know how to log how much bandwidth certain users are using?

  How do I keep users from bypassing the sme-proxy (squid)?  The following is approx. how the network is (will be) set up.  (As of right now, the SME server is not in use.  Users are currently being assigned 192.168.1.x.  I am currently testing SME before I put it in a production environment)

##########################################
T1 Connection from ISP
            | |
Netopia R5300r - (156.x.x.x - public)
----------------NAT - (192.168.1.x - private1)
            | |
E-smith Server  - (192.168.1.2 - private1)
----------------NAT - (10.0.0.1      - private2)
            | |
Users using KaZaA, Morpheus, etc. - (10.0.0.x)
##########################################

Thanks once again,
Steve

[Grub]

Dear Steve

Try this url http://www.linuxdoc.org/HOWTO/Bandwidth-Limiting-HOWTO
Squid is already installed with the SME distro.
Don't forget to make custom templates for squid.conf masq and what ever you want.
With 5.1.2 masq is already redirect to the proxy server (squid) so port 80 can't be used with nat.
Don't forget to set your clients to use the proxy... so everything is going through the proxy.
Use putty or an other application which does the same  to connect to your SME server (ssh)

[Steve]

Thanks for the link to the How-To!  I will definitely read that.

I am running v5.1.2.  I assume the proxy is 'transparent' and there is no need to configure the clients.  If I did configure the clients to use the proxy on port 3128 and blocked all other ports would this cause adverse effects?  Will websites with abnormal ports (e.g. http://xyz.com:81) and FTP work if the client is configured to use the proxy?  Also, do you know of any bandwidth monitors that are compatible with SME?  Something to monitor which computers are using the most bandwidth, etc.

[Grub]

Try this one http://ipband.sourceforge.net/

[Steve]

Thanks Grub.
  The previous link looks great.  I will try using that.