Hi.
Lately I have run into a situation which for me it seems like a bug.
Here is the situation:
My network contain some Vlans,
I have a host in my internal network (for example 10.3.0.55/24), which I want to block from using Bittorrent, BUT I want everyone else – in the same Vlan and in other Vlans - to use Bittorrent as normal.
No can do.
Logically you would expect that if you put the host 10.3.0.55 in IM/P2P-> Controlled Networks, it will block ONLY this host.
In reality, it blocks ALL networks - in the same Vlan and in other Vlans.
I have talked to Astaro and they say that this is normal and how it should work (which for me sound strange because it makes "Controlled Networks " almost useless ).
The reason:
1. The connections from clients are going on port 80, so the transparent http proxy is handling the packet at first
2. These packets are passing the proxy and afterward they have one of the "external" interface addresses as source address
3. Now those packets are going through the IM/P2P filter and there they are detected as bittorent traffic.
The only way to work around it, is to put all NIC IPs into the skip table.
[:S]
This thread was automatically locked due to age.