andyjlund
The wiki article for P2P_Blocking refers to the original forum thread (for sme7 versions),
which then refers to development for sme 8 here
http://forums.contribs.org/index.php/topic,48742.0.htmlFrom a quick read, it does not seem that current kernel kmod versions have been released. You may need to follow up with the original author/maintainer or compile them yourself.
Also re the issue of "putting another firewall on top of your existing sme server", the general concept would be to virtualize, ie install a virtual environment eg Proxmox etc & then install pfsense (or whatever you prefer) & sme server, on the one hardware box. There are a number of virtual environments (software) available, so read the forums & elsewhere to see what suits you best.
Also you might want to look at the CoovaChilli contrib re your wireless hotspot (for improved security & control via a 3rd NIC).
Quoting from the wiki article,
"Every clients connected on this new "lan" will have to authenticate themself before coova-chilli allows traffic to pass.
Once authenticated, clients will have only web access (http/https). Of course, you can customize firewall rules to allow more access"
It limits traffic to some degree so may also be useful for blocking p2p.
Read up on what it does (also search for chillispot which the contrib is based upon).
http://wiki.contribs.org/CoovaChilliAlso there may be other ways to deal with p2p traffic eg use Dansguardian (or squidguard or similar) to prevent login to sites/servers & thus stop the initial p2p connection being established. DG or SG do not block p2p as such, as p2p can usually search for & use differing ports etc, but blocking login may prevent further p2p access or establishing of p2p connections. Your success may vary.
5 Replies
1326 Views