D-Link Forums

The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: eko on March 03, 2010, 10:46:07 AM

Title: DFL-800 transparent mode, help!
Post by: eko on March 03, 2010, 10:46:07 AM

Hello, in first sorry for my english, my problem is that in a LAN with 50 PC´s  i have configured DFL-800 in transparent mode and works fine but i want to block the p2p because the connection is too slow , Which is better? ,ip bandwidth manager or block all ports and allow only ftp http mail etc,

Title: Re: DFL-800 transparent mode, help!
Post by: Fatman on March 04, 2010, 08:32:11 AM

Both?

Though if I was only going to use one I would worry more about getting my port controls and ALGs right.

Title: Re: DFL-800 transparent mode, help!
Post by: danilovav on March 05, 2010, 05:03:57 AM

You can use IDP signatures to determine P2P traffic and block it

or

You can make pipes, but rule for selecting of pipe should be based on P2P IDP too

or

You can allow only ALG managed traffic (HTTP, FTP, etc)

Your choise.

Title: Re: DFL-800 transparent mode, help!
Post by: eko on March 09, 2010, 10:18:27 AM

Hey Fatman, i need your help, my LAn is still slow, because i can´t drop the p2p packets, I have 12 mb/down 600kb/up, and i have created 2  pipe rules:



wan-http with 2 pipes http-in  total limit 8000,
                                http-out total limit 400
high precedence 7

wan-all with             std-in total limit 4000 ,
                                  std-out total limit 200
 low precedence 2

but this don´t guarantee 8000kb for http traffic?

how can i make rule for selecting of pipe  based on P2P IDP?
how can i use IDP signatures to determine P2P traffic and block it?

I want to stay 8 mb to navigate and the rest for other applications, but i can´t.
In ALG http-outbound I blacklist some urls, but i can´t make much more.

Fatman . i need your help please!

Title: Re: DFL-800 transparent mode, help!
Post by: eko on March 09, 2010, 10:30:15 AM

Can i assign IP bandwith?

greetings

Title: Re: DFL-800 transparent mode, help!
Post by: Fatman on March 09, 2010, 03:35:11 PM

I would need to see your pipes and pipe rules to know exactly what is going wrong.  600kb up is absolutely anaemic on 12mb down though.

Title: Re: DFL-800 transparent mode, help!
Post by: eko on March 10, 2010, 01:10:55 AM

Hello Fatman, I take some pics form my firewall,  http://yfrog.com/0wpipesruleshttpchainsj (http://yfrog.com/0wpipesruleshttpchainsj).

the pics are from pipes, pipe-rules, ip-rules and interfaces-adreses,

Yes my ISP is ONO and i live in SPAIN and here  is the normal connection , it´s a s*** i know,.

thank you Fatman, for your help, We will stop all these P2P downloads!!

I also want stop the  direct downloads from servers like Megaupload, rapidshare, megavideo etc, and the Jdownloaders, can i specify to stop downloads with size greater than 200 MB, for example??, or assign IP-bandwith?

One more time sorry for my very bad english man! Greetings;

Title: Re: DFL-800 transparent mode, help!
Post by: eko on March 10, 2010, 01:13:39 AM

OR banned a determinate MAC addres for a specific time?
thanks.

Title: Re: DFL-800 transparent mode, help!
Post by: Fatman on March 10, 2010, 11:00:12 AM

Threshold Rules will allow you to slow or shut down abusers once we have reasonable pipes made.  It will also assist you in limiting the number of connections open, which can be important.

As for your pipes, ensure that your HTTP traffic is as a higher precedence.

Take the total bandwidth on your HTTP pipe off and put a precedence level limit on it's precedence.  Ensure the HTTP pipe and the std pipe have the same limits at the HTTP precedence level.

You might not need the all pipes, you should just ensure your rule puts other traffic at priority 0.

There is a lot of fiddling to get pipes right, just keep plugging away.