New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Blocking traffic
yowmamasita
Member
I'm running a vpn server at an unmanaged vps and i want to block high bandwidth sites like rapidshare mediafire youtube etc because I only got 100gb bw. My friends suggested me a SQUID proxy will do but I tried and failed. Yes, I am a noob and sorry if I'm asking a stupid question.
I also want to block all ports except web traffic (http and https only right?) and vpn traffic (what port is that? 
) but still I'm hopeless.
Hope you guys spare me some of your time and help me solve this. Thanks a lot!
Comments
Which vps provider only has 10GB of bandwidth?
sorry my bad it's supposed to be a hundred (dam manicure)
LOL!
Are you male/female or he-she? I've never ever had a manicure as I own a pair of scissors.
What VPN software are you running on your vps?
You could block inbound traffic from these sites, You can do this by pinging the domain and then blocking all the IPs in IPTables.
If you want to block all flash video try blocking port 1935 tcp/udp
http://kb2.adobe.com/cps/164/tn_16499.html
Which won't help with all those private or illegal movie sites, as they use port 80/443 since they don't have a Flash Media Server.
Hi,
Change your dns to opendns . register an account on opendns. add your vps ip address as a new network, verify it (they send an email to you with a link, you should connect to your vpn and open that link) and block whatever you want. this only works for domain names, if they know the exact ip that doesn't help , but file-sharing sites usually use a server farm or something like with multiple ips , so usually they have to use the url not the ip.
thanks to everyone!
he, lol. xmas is coming so i thought it's good to get one
OpenVPN, forgot to indicate it
is it an efficient solution? i mean afaik rapidshare has multiple IPs right? or is it enough to block just rapidshare's web ip?
I will try that! thanks! but yea, japon is correct it wont block sites like pr0n streaming sites ayt?
hmm sounds excellent
i will try that!
At first I thought you had had false nails for some reason.
lol you got a manicure for christmas, Am I missing something here? > . >
Regarding what you said though, It would just block rapidshares main website which would stop uploading/downloading of files since direct downloads do not work.
Good Luck OP.
OT:
it's not a big deal here in our country to get manicure/pedicure
if you're too lazy to get your nails done by yourself you can always pay someone. oh btw youre not thinking that manicure = cuticle paint? no, i only got them cleaned
i'll just do it like that then. ill post updates once i get to know how KVMs work. LOL
first time with Hostigation KVMs hope Ill be able to make this work in a day
You could use DPI (deep packet inspection) or layer7 or similiar
Be sure to mention that when you offer the VPN services to third parties, though.
We do not want to be spying on traffic now do we daniel. Not good.
I used to run a VPN Company, Waiting on the WHMCS Developer to finish off the module but clients purchase a VPN to be able to stay annonymous and protected.
You dont need to spy on the traffic your server does that, so its completely safe and annonymous.
Why?
That's walking a very fine line. If the server can monitor the traffic, then a human can read the output, and there's nothing to stop a shady provider from simply saying "Nah, I never look at what the server finds!"
Honesty, for one. Secretly monitoring data without disclosing it to clients is a one-way ticket to deadpool should someone find out and post about it publicly.
Thats true but not very easy. dont forget isp's use this system too
Easy enough if you're good with formatting, I suppose. Not exactly high in my own skillset.
I've always been aware of ISPs being shadier than they'll admit to, that's why I take pains to keep their noses out of my affairs.
afaik you can bypass dns servers
You could just block the sites IP?
Is it possible to setup openvpn and a squid proxy on the same vps then pass openvpn's traffic through the proxy??
Is it also possible to just block *.torrent files from getting through the vpn/proxy?
Most torrents sites also allow you to download a *.txt version of the file.
Rather have the *.torrent file anyway as that's usually only a few kb's. The blocks are the ones that are the multiple megs.
Or Magnet links.
Agreed but that's a link and I believe we're talking about files. Not sure if one could stop the passing of a link. I;m sure there's a way....