Koozali.org: home of the SME Server

Contribs.org Forums => General Discussion => Topic started by: andyjlund on August 30, 2013, 08:05:08 PM

Title: Block Peer to Peer Traffic
Post by: andyjlund on August 30, 2013, 08:05:08 PM

I am new to SME Server and i need a bit of guidance on how to block Peer to Peer traffic on the firewall of the SME Server.

The reason why is because i am setting up a wireless hotspot for a friends holiday lodges for their customers.  I have set the server up in Server and Gateway so that all traffic passes through the server before going out on the internet.  I need to stop customers hogging the bandwidth by blocking Peer to Peer traffic.

Is it able to be done through the normal firewall of SME server or do i need to get some other software to sit on top?  I'd also like to be able to do bandwidth throttling as well, but i am sure that will require additional software.

Any help would be appreciated.

Andy

Title: Re: Block Peer to Peer Traffic
Post by: Stefano on August 31, 2013, 12:48:03 AM

my suggestion is to use something like pfsense, monowall, endian , smoothwall or similar as gateway and setup SME as server only..

SME can do it, but you should use the right tool..

Title: Re: Block Peer to Peer Traffic
Post by: janet on August 31, 2013, 01:09:16 AM

andyjlund

Quote

I am new to SME Server and i need a bit of guidance on how to block Peer to Peer traffic on the firewall of the SME Server.

Also see these, but you (or someone) needs to build & release new packages each time the kernel is updated.

http://forums.contribs.org/index.php/topic,43669.msg242483.html#msg242483
http://forums.contribs.org/index.php/topic,48742.0.html
http://wiki.contribs.org/P2P_blocking

Title: Re: Block Peer to Peer Traffic
Post by: wired-circuit on August 31, 2013, 10:29:56 AM

Commission a server install of Ubuntu with the ubiquity unifi controller. Setup your wifi access points to talk to the new server. Isolate wireless clients using the access point.

Cable a switch into the router for your wireless clients. Cable the Untrusted point of your sme server into the router. On the trusted side put your desktop clients.

Setup firewall on router to do the blocking.

• http://www.4gon.co.uk/ubiquiti-networks-m-97.html
• http://www.draytek.co.uk/products/vigor2860.html
• http://aws.amazon.com/
• https://help.ubuntu.com/community/EC2StartersGuide
• http://wiki.ubnt.com/UniFi_FAQ#Install_the_controller_in_.22the_cloud.22_--_Amazon_Web_Services_.28AWS.29
• http://www.draytek.co.uk/products/draytek_wcf.html (content filtering on Draytek)
• http://support.draytek.net.au/index.php?/Knowledgebase/Article/View/261/39/how-can-i-block-imp2p-for-some-specified-people

Title: Re: Block Peer to Peer Traffic
Post by: wired-circuit on August 31, 2013, 10:32:23 AM

You can always add another access point on the trusted side with a different name.

Title: Re: Block Peer to Peer Traffic
Post by: chris burnat on September 02, 2013, 01:59:57 AM

Moving to general discussions, this topic, whilst interesting, does not involve core packages of sme distro.