Date: Fri, 20 Oct 2000 11:51:44 -0400 From: James Housley <jim@thehousleys.net> To: Nate Williams <nate@yogotech.com> Cc: freebsd-hackers@FreeBSD.ORG Subject: Blocking Napster (WAS: IPFW bug/incoming TCP connections being let in.) Message-ID: <39F06A10.8643A0B0@thehousleys.net> References: <200010192029.OAA25357@nomad.yogotech.com> <200010201546.JAA04367@nomad.yogotech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Nate Williams wrote: > > > I had blocked incoming TCP connections coming into my network using > > IPFW, and I noticed that my brother was able to establish a Napster > > connection, even though I had blocked it earlier. > > *sigh* > > Thanks to Guy Helmer for being patient with me as I fretted about this. > > I just found out that Napster leaves a client running in the background, > and even though I had added firewall rules to block new connections to > the server, the old 'established' connection was still up and running. > This might be helpful to you and others. Since napster uses what ever ports it can find the best way is to block the servers. # Napster $fwcmd add deny tcp from any to 208.178.163.56/29 via tun0 $fwcmd add deny tcp from any to 208.178.175.128/29 via tun0 $fwcmd add deny tcp from any to 208.49.239.240/28 via tun0 $fwcmd add deny tcp from any to 208.49.228.0/24 via tun0 $fwcmd add deny tcp from any to 208.184.216.0/24 via tun0 Jim -- jeh@FreeBSD.org http://www.FreeBSD.org The Power to Serve jim@TheHousleys.Net http://www.TheHousleys.net --------------------------------------------------------------------- Unix is very user-friendly. It's just picky who its friends are. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39F06A10.8643A0B0>