P2P & IPCOP
I was wondering if anyone could give me a little advice regarding IPCOP and P2P software.
I have set up several Cop-Boxes using the very useful P2PBlock by Markus Hoffman. This works very well; however, the networks I set up are all wireless, and although this frees up the broadband bandwidth, anyone still using p2p software continues to flood the firewall and access points.
What I wanted to do (possibly in conjunction with p2pblock) is create some iptable rules which detect p2p usage from a user and when they try to access web pages will redirect them to a page warning them to disable their p2p software and deny them internet access for a certain amount of time.
Being a noobie at iptables, could you have a look at these rules I have come across and advise as to whether they could be used/modified to suit? (I have not written them, I found them.)
# Block duration in seconds, and the IP address of the warning page.
# DNAT --to and -d need an IP address, not a hostname; 192.0.2.10 is a placeholder
# to replace with the real address of the warning page.
TIME2BLOCK=60
WARNPAGEIP=192.0.2.10
# Create rules in mangle table to identify and mark p2p packets
# Restores a mark for each incoming packet
iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark
# Makes sure that an already marked packet won't get marked again
iptables -t mangle -A PREROUTING -m mark ! --mark 0 -j ACCEPT
# Matches single packets of P2P network traffic and marks them (needs the ipp2p match)
iptables -t mangle -A PREROUTING -m ipp2p --ipp2p -j MARK --set-mark 1
# Mark the whole p2p connection
iptables -t mangle -A PREROUTING -m mark --mark 1 -j CONNMARK --save-mark
# End of mangle rules
# Create P2P rules in filter table
# Create new chain with rules to A. record the source address in the kernel's "recent" list,
# B. log details in syslog (rate limited), C. DROP P2P packets.
iptables -N BLOCKP2P
iptables -A BLOCKP2P -m recent --name P2PBLOCKEDUSERS --set
iptables -A BLOCKP2P -m limit --limit 3/h -j LOG --log-level info --log-prefix 'P2P Firewall - Blocked: '
iptables -A BLOCKP2P -j DROP
# Jump to BLOCKP2P chain if packet has a mark
iptables -I FORWARD -m mark --mark 1 -j BLOCKP2P
# Detect HTTP connections from blocked P2P users, ACCEPT (needs the layer7 match; left disabled)
#iptables -I FORWARD -m layer7 --l7proto http -m recent --name P2PBLOCKEDUSERS --rcheck --seconds $TIME2BLOCK -j ACCEPT
# Detect all other traffic from blocked P2P users, DROP for $TIME2BLOCK seconds.
# Inserted after the jump above, so it ends up first in FORWARD and is checked before it.
iptables -I FORWARD ! -d $WARNPAGEIP -m recent --name P2PBLOCKEDUSERS --rcheck --seconds $TIME2BLOCK -j DROP
# End of filtering
# Redirect Rules
# Redirect a blocked p2p user's http sessions to the warning page for $TIME2BLOCK seconds; all other traffic is dropped above
iptables -t nat -A PREROUTING -p tcp --dport 80 -m recent --name P2PBLOCKEDUSERS --rcheck --seconds $TIME2BLOCK -j DNAT --to $WARNPAGEIP
# End of Redirect Rules
Would really appreciate any input as this problem is driving me nuts!
Thanks
Jay
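Added example, not part of the original post or of P2PBlock: once the LOG rule above is in place, this script summarises the 'P2P Firewall - Blocked:' lines it writes to syslog, so you can see which internal hosts keep tripping the p2p rule and on which ports. The log lines are constructed samples, and the log path (/var/log/messages on IPCop) is an assumption.

```shell
#!/bin/sh
# Summarise the 'P2P Firewall - Blocked:' lines written by the LOG rule, one line per
# internal source address: address, hit count, destination ports seen, last hit time.

p2p_blocked_summary() {
    # $1: syslog file to read (assumed to be /var/log/messages on IPCop)
    grep 'P2P Firewall - Blocked:' "$1" | awk '
    {
        ts = $1 " " $2 " " $3                 # syslog timestamp: month, day, time
        src = ""; dpt = "-"
        for (i = 4; i <= NF; i++) {           # walk the key=value fields of the kernel line
            if ($i ~ /^SRC=/) src = substr($i, 5)
            if ($i ~ /^DPT=/) dpt = substr($i, 5)
        }
        if (src == "") next
        count[src]++
        last[src] = ts
        if (!((src, dpt) in seen)) {          # record each destination port once per source
            seen[src, dpt] = 1
            ports[src] = (ports[src] == "" ? dpt : ports[src] "," dpt)
        }
    }
    END {
        for (s in count) printf "%s %d %s %s\n", s, count[s], ports[s], last[s]
    }' | sort -k2,2nr -k1,1
}

# Constructed sample log: two hits from 192.168.1.23, one from 192.168.1.40,
# and one unrelated kernel line that must be ignored.
SAMPLE_LOG=$(mktemp)
trap 'rm -f "$SAMPLE_LOG"' EXIT
cat >"$SAMPLE_LOG" <<'EOF'
Mar  3 10:12:01 ipcop kernel: P2P Firewall - Blocked: IN=eth0 OUT=eth1 SRC=192.168.1.23 DST=203.0.113.7 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=4321 DF PROTO=TCP SPT=53214 DPT=6881 WINDOW=5840 RES=0x00 SYN URGP=0
Mar  3 10:12:05 ipcop kernel: P2P Firewall - Blocked: IN=eth0 OUT=eth1 SRC=192.168.1.23 DST=203.0.113.9 LEN=80 TOS=0x00 PREC=0x00 TTL=63 ID=4322 PROTO=UDP SPT=6881 DPT=6881 LEN=60
Mar  3 10:13:40 ipcop kernel: P2P Firewall - Blocked: IN=eth0 OUT=eth1 SRC=192.168.1.40 DST=198.51.100.2 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=9 DF PROTO=TCP SPT=41000 DPT=4662 WINDOW=5840 RES=0x00 SYN URGP=0
Mar  3 10:14:00 ipcop kernel: eth1: link up
EOF

p2p_blocked_summary "$SAMPLE_LOG"
```

Because the LOG rule is limited to 3/h, the counts show how often the limiter let a line through, not the full packet rate; the "recent" list is what actually enforces the block.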
I've tried entering them into etc/rc.d/rc.firewall.local & etc/rc.d/rc.firewall
but can't seem to get any combination right.
Even the tiniest crumb of info anyone could throw me would be really appreciated.
Thanks
Jay