saikat-chaudhuri / opendpi

Automatically exported from code.google.com/p/opendpi
GNU Lesser General Public License v3.0
0 stars 0 forks source link

Iptables block traffic using -m recent and -m opendpi #23

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
I'm trying to block all traffic for about 1 minute for users that use 
bittorrent. To accomplish that I used the following 2 rules:

Rule 1:
iptables -I FORWARD 1 -m recent --name badguy --rcheck --seconds 60 -j DROP

Rule 2:
iptables -I FORWARD 2  -m recent --name badguy --set -j DROP -m opendpi 
--bittorrent
I also tried:
iptables -I FORWARD 2  -m recent --name badguy --set -m opendpi --bittorrent -j 
DROP 
And:
iptables -I FORWARD 2 -j DROP -m recent --name badguy --set -m opendpi 
--bittorrent

This doesn't work! because -m recent marks all traffic at rule 2 and then the 
rule 1 blocks it for 60 seconds
Is this a bug? Is there another way of doing this?

What version of the product are you using? On what operating system?
Scientific Linux 6.1
kernel 2.6.32-220.2.1.el6.x86_64
OpenDPI V1.3
Netfilter wrapper for OpenDPI 1.2

Thanks
Fernando Reis

Original issue reported on code.google.com by fernando...@hotmail.com on 19 Jan 2012 at 4:09