There are two things you could do on the software level:
1) Firewalling:
Firewall your gateway server to block ports used by P2P software (eg; gnutella is 6346). On linux you can use IPTABLES. (Try not to use IPCHAINS it is not secure - and the same guy that wrote IPCHAINS also wrote IPTABLES!) There is a howto at linuxdoc.org. Of course, this will completely disable P2P from within your LAN.
2) Quality of Service (QoS):
As an alternative you could keep the relevant ports open (though a firewall should always be present on a LAN gateway) and "shape" the traffic for packet types. Eg; you give port 80 (Http) full priority and any P2P ports are queue filtered. That way if there is no or little http traffic P2P will utilise the bandwidth but if there is http traffic present P2P bandwidth will be limited or even cut completely until http usage decreases again. You can also make email, FTP etc priorities and even at several discrete levels.
Again, there is a linux tool - tc (traffic control) and there is a howto at linuxdoc.org.
Cheers, dan.
Slashdot Mirror
There are two things you could do on the software level: 1) Firewalling: Firewall your gateway server to block ports used by P2P software (eg; gnutella is 6346). On linux you can use IPTABLES. (Try not to use IPCHAINS it is not secure - and the same guy that wrote IPCHAINS also wrote IPTABLES!) There is a howto at linuxdoc.org. Of course, this will completely disable P2P from within your LAN. 2) Quality of Service (QoS): As an alternative you could keep the relevant ports open (though a firewall should always be present on a LAN gateway) and "shape" the traffic for packet types. Eg; you give port 80 (Http) full priority and any P2P ports are queue filtered. That way if there is no or little http traffic P2P will utilise the bandwidth but if there is http traffic present P2P bandwidth will be limited or even cut completely until http usage decreases again. You can also make email, FTP etc priorities and even at several discrete levels. Again, there is a linux tool - tc (traffic control) and there is a howto at linuxdoc.org. Cheers, dan.