Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[Chareos]

Hi everybody,

I was just wandering about which one is better.
Actually I can successfully load the bluetack IPFilter list in amule, but I cannot verify if unwanted IPs are really left out. With an IPTables based method instead I can easily see in my messages log that bad IPs are thrown away.
Now, I see IPTables slows my pc down with 50000+ rules...
IPFilter leaves my pc much more resources (and don't kill my browser while going on http://www.hp.com for example).

What is your suggestion ? Shall I go for IPTables or IPFilter ?

Is there a definitive way to check IPFilter effectiveness ?
Log (even the verbose one) is not useful.

Many, many thanks
Fabio

[Xaignar]

Verbose log should contain messes when a IP has been filtered, also, if aMule is letting connections through from IPs that should have been filtered, then it's a bug and it should be fixed.

[Chareos]

Is there any particular kind of log I should look at ?


Maybe something similar to... ?

01/26/05 23:44:21: Remote Client: OP_STARTUPLOADREQ
01/26/05 23:44:21: Packet received from 81.XXX.XX.XXX


Or, would you suggest me a typical log I should look at ?

Thanks

[Chareos]

Nobody knows a typical log entry I can look for to be sure the filters are working ?

pleeease ?  

[geeko]

Chareos,

I've modified my amule to always show filtered ips (at the amule log tab)

I don't know if this can help you or not, but if you want I can post that patch here...

regards,
geeko

[Chareos]

Many thanks, geeko !

Right now I'm using a pre-compiled amule (for Slackware) but I could try your patch... or wait for an official version that integrates it, if programmers are willing to...

Would you post your patch, please ?
Thank you again !

[Xaignar]

I dont think that changing the default behavior to display filtered IPs would be a good idea, considering that there can be hundreds if not more of such events in a relative short time (especially if you use the IPFilter to limit foreign traffic), with the result that they will outweight the normal log entires.

[geeko]

Chareos,

Is like Xaignar says...

So before proceeding in applaying this patch is best to backup your previous version, and only to run this modified version for a short period of time because, it might increase significantly your log file or even increase your CPU time... But for now, just use it  to "debug" your IPFilter file, without having that extra output of the verbose mode

despite of that... here it is...

HTH
geeko

[Chareos]

I agree with you, Xaignar, but having it hardcoded disabled kills any choice.
Maybe a setting on/off would be enough (and very handful).


Thank you all, I'll try this afternoon !
Fabio

[Xaignar]

That's what the Verbose option is for.

[geeko]

Xaignar,

I agree with you also...

but my ideia was only to prevent a lot of extra information, shown when activating the verbose option(if the purpose is only to verify/check the ipfilter functionality/behavior) and not to break amule's default behavior...

just a thought

best regards,
geeko

[Chareos]

No spare time recently to try, so... another question:

Xaignar, what's a typical entry I could look for ? I mean, there's an entry (in verbose mode) that proves me the filter is working ?
Maybe something like "Client 'name' (IP:xx.xxx.xx.xx) caused a socket blocking error. Retries: 0. Trying to reconnect... (retries left: 2)" or anything else... ?


Fabio

[Xaignar]

The actual log-lines will look something like this:
"Filtered IP: ()"