Latest News from Orange County

Wednesday, September 05, 2007

Is Comcast's BitTorrent filtering violating the law?

Comcast's filtering/throttling of torrent traffic involves forging TCP reset packets, pretending to be from one end of the torrent session. This is the same technique used by the Great Firewall of China, and a pretty clear violation of various states' criminal impersonation statutes. Could Comcast face legal action?

7 comments:

Anonymous said...

Beating Sandvine with Linux iptables

If you are tired of Sandvine screwing with your BitTorrent and a user of GNU/Linux, then this is for you. I will tell you how to take your bandwidth back.


If you are using a Red Hat Linux derivative, such as Fedora Core or CentOS, then you will want to edit /etc/sysconfig/iptables. First, make a backup of this file. Next, open this file in your favorite text editor. Replace the current contents with this, substituting 6883 with your BitTorrent port number:

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
#Comcast BitTorrent seeding block workaround
-A RH-Firewall-1-INPUT -p tcp --dport 6883 --tcp-flags RST RST -j DROP
#Accept packets of already-established connections (placed after the RST rule);
#without this, only the first packet of each connection passes the final REJECT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#BitTorrent
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 6883 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 6883 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

Reload your iptables firewall with service iptables restart. You should now see a great improvement in your seeding.


If you are using Ubuntu or another non-Red Hat Linux derivative, then place the following in a file and execute that file as root.

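#!/bin/sh
#Replace 6883 with your BT port
BT_PORT=6883

#Flush the filters and delete old user-defined chains
iptables -F
iptables -X

#Create the chain the rules below are appended to
iptables -N RH-Firewall-1-INPUT

#Apply new filters
iptables -A INPUT -j RH-Firewall-1-INPUT
iptables -A RH-Firewall-1-INPUT -i lo -j ACCEPT
iptables -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
#Comcast BitTorrent seeding block workaround
iptables -A RH-Firewall-1-INPUT -p tcp --dport $BT_PORT --tcp-flags RST RST -j DROP
#Accept packets of already-established connections (placed after the RST rule);
#without this, only the first packet of each connection passes the final REJECT
iptables -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#BitTorrent
iptables -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport $BT_PORT -j ACCEPT
iptables -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport $BT_PORT -j ACCEPT
iptables -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
iptables -A FORWARD -j REJECT --reject-with icmp-host-prohibited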

Your firewall is now configured and you should have great upload speed now. You will have to run this script every boot, by the way. One easy way is to call the script at the end of /etc/rc.local.

http://redhatcat.blogspot.com/2007/09/beating-sandvine-with-linux-iptables.html

Anonymous said...

Anonymous' work-around won't work...

Tests and Results-RSTs are set in both directions

http://www.dslreports.com/forum/r19036168-Tests-and-ResultsRSTs-are-set-in-both-directions

Comcast users should not modify their firewalls to drop RST packets as it is not an effective defense against the injected RST packets.
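
Added example (not part of the original post or of either comment): since the resets are reported as injected toward both ends, a local drop rule cannot protect the remote peer, but a capture can still show whether a reset was forged. The sketch below flags RSTs whose TTL departs from the sender's other packets on the same flow, or that are followed by further traffic from the same sender. The packet tuples, addresses, function name and the TTL slack are constructed assumptions, and the checks are heuristics, not proof.

```python
from collections import defaultdict
from statistics import median

# Constructed sample capture (not real traffic), as
# (src, dst, sport, dport, ttl, flags). 192.0.2.10 is the local seeder on 6883.
PACKETS = [
    ("203.0.113.7", "192.0.2.10", 51000, 6883, 52, "S"),
    ("192.0.2.10", "203.0.113.7", 6883, 51000, 64, "SA"),
    ("203.0.113.7", "192.0.2.10", 51000, 6883, 52, "A"),
    ("203.0.113.7", "192.0.2.10", 51000, 6883, 52, "PA"),
    ("192.0.2.10", "203.0.113.7", 6883, 51000, 64, "PA"),
    ("203.0.113.7", "192.0.2.10", 51000, 6883, 61, "R"),   # TTL jumps
    ("203.0.113.7", "192.0.2.10", 51000, 6883, 52, "PA"),  # "sender" keeps talking
    ("198.51.100.4", "192.0.2.10", 40000, 6883, 48, "S"),
    ("198.51.100.4", "192.0.2.10", 40000, 6883, 48, "A"),
    ("198.51.100.4", "192.0.2.10", 40000, 6883, 48, "R"),  # consistent: plausible
]

def suspicious_resets(packets, ttl_slack=2):
    """Return (index, claimed_src, reasons) for RSTs that look injected."""
    # Baseline TTLs per direction of each flow, taken from non-RST packets only.
    baseline = defaultdict(list)
    for src, dst, sport, dport, ttl, flags in packets:
        if "R" not in flags:
            baseline[(src, dst, sport, dport)].append(ttl)

    findings = []
    for i, (src, dst, sport, dport, ttl, flags) in enumerate(packets):
        if "R" not in flags:
            continue
        key = (src, dst, sport, dport)
        reasons = []
        # A middlebox sits at a different hop distance than the real peer.
        if baseline[key] and abs(ttl - median(baseline[key])) > ttl_slack:
            reasons.append("ttl_mismatch")
        # A host that really reset the connection stops sending on it.
        if any(p[:4] == key and "R" not in p[5] for p in packets[i + 1:]):
            reasons.append("sender_continued")
        if reasons:
            findings.append((i, src, reasons))
    return findings

if __name__ == "__main__":
    for finding in suspicious_resets(PACKETS):
        print(finding)
```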
