Re: [Mldonkey-users] Idea: limiting the port rnage mldonkey uses

[Wyvern]

On 20 Feb 2003 03:00:24 +0100
Goswin Brederlow <address@hidden> wrote:

> Hi,
> 
> I'm trying to find a optimal way to account traffic for mldonkey and
> to shape it.
> 
> My best general solution is to restrict mldonkey so a certain port
> range and keep everyone else out of that range. Currently I'm doing
> that with iptables SNAT/DNAT but I think I'm confusing some clients
> with that. I also can't seperate donkey and overnet traffic reliable.
> 
> It would be good if one could give mldonkey two port ranges to be used
> for donkey and overnet connects, say 3000-3999 for overnet and
> 4000-4999 for donkey. This would allow reliable traffic accounting
> with a simple iptables rule, allow a smaller window in the
> firewall/port forwarding and easier shaping on routers.
> 
> MfG
>         Goswin
> 

You can do it 100% accuratly by patching Your kernel to support -m owner match 
(in iptables), this way all packets from mldonkey are matched. This wouldn't 
help you to identify which connections are from overnet, and which are from 
edonkey... (unless you will run seperate mldonkey's, one connected to overnet 
network, other to edonkey :))
Hope that helps.

Oh and btw. "-m owner" will only work for localy generated packets, so you 
can't use it if your firewall is on another machine than your mldonkey.

If you are intrested in more info on that, let me know.

---
Wyvern