Linux – iptables to throttle/slow down P2P

iptables linux p2p

Is it possible to slow down/throttle P2P traffic using iptables?

I am running iptables on a Linux box which is a gateway to the intranet. Blocking P2P altogether seems to be rather difficult.

So I was thinking if there is a way to slow it down, so that it becomes useless for the user and also saves bandwidth. Googling showed me that it may be possible by using connlimit/limit-burst for doing this, but I can't find a detailed write-up on this. Can any iptables expert help out with this, using particular characteristics of P2P traffic? Also, will this work with encrypted P2P?

There may be 50 to 100 machines behind the gateway.

Best Answer

OpenDPI, L7-filter and IPP2P block P2P. Also, block ports 6969 and 6880-6890. And you can shape traffic to high ports (>20000) with connlimit or tc.
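As an added example (not part of the original answer), here is one way to turn the port block and the per-host connlimit cap on high ports into a ruleset. It matches only on ports and connection counts, not on payload, so it behaves the same whether or not the traffic is encrypted. The interface name `eth1`, the cap of 20 connections, the chain name `P2P_LIMIT` and the function name `p2p_rules` are assumptions.

```shell
#!/bin/sh
# Added example: generate iptables commands for a forwarding gateway.
# Prints the commands by default; runs them only with --apply (as root).
# eth1, the limit of 20 and the chain name P2P_LIMIT are assumed values.

p2p_rules() {
    lan_if=$1      # interface facing the intranet
    max_conn=$2    # concurrent high-port connections allowed per host

    # Validate inputs before interpolating them into commands.
    case "$lan_if" in ''|*[!A-Za-z0-9._-]*) return 1 ;; esac
    case "$max_conn" in ''|*[!0-9]*) return 1 ;; esac
    [ "$max_conn" -gt 0 ] || return 1

    cat <<EOF
iptables -N P2P_LIMIT
iptables -I FORWARD 1 -i $lan_if -j P2P_LIMIT
iptables -A P2P_LIMIT -p tcp -m multiport --dports 6969,6880:6890 -j REJECT --reject-with tcp-reset
iptables -A P2P_LIMIT -p udp -m multiport --dports 6969,6880:6890 -j DROP
iptables -A P2P_LIMIT -p tcp --syn --dport 20001:65535 -m connlimit --connlimit-above $max_conn --connlimit-mask 32 -j REJECT --reject-with tcp-reset
iptables -A P2P_LIMIT -p udp --dport 20001:65535 -m conntrack --ctstate NEW -m connlimit --connlimit-above $max_conn --connlimit-mask 32 -j DROP
EOF
}

# --connlimit-mask 32 counts connections per single source IPv4 address,
# so each of the 50 to 100 hosts behind the gateway gets its own budget.
if [ "${1:-}" = "--apply" ]; then
    p2p_rules "${LAN_IF:-eth1}" "${MAX_CONN:-20}" | sh -e
else
    p2p_rules "${LAN_IF:-eth1}" "${MAX_CONN:-20}"
fi
```

The jump is inserted at position 1 of FORWARD so it is evaluated before any existing accept rule; legitimate services that listen on ports above 20000 share the same per-host cap.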
