Quote: Originally posted by qnqweb
Script to close some P2P ports
# closing unwanted TCP ports in the FORWARD chain
iptables -A FORWARD -p tcp --dport 135 -j DROP
iptables -A FORWARD -p tcp --dport 137 -j DROP
iptables -A FORWARD -p tcp --dport 138 -j DROP
iptables -A FORWARD -p tcp --dport 139 -j DROP
iptables -A FORWARD -p tcp --dport 445 -j DROP
iptables -A FORWARD -p tcp --dport 449 -j DROP
iptables -A FORWARD -p tcp --dport 555 -j DROP
iptables -A FORWARD -p tcp --dport 1171 -j DROP
iptables -A FORWARD -p tcp --dport 1210:1219 -j DROP
iptables -A FORWARD -p tcp --dport 1243 -j DROP
iptables -A FORWARD -p tcp --dport 2234 -j DROP
iptables -A FORWARD -p tcp --dport 2705 -j DROP
iptables -A FORWARD -p tcp --dport 3129 -j DROP
iptables -A FORWARD -p tcp --dport 3531 -j DROP
iptables -A FORWARD -p tcp --dport 4444 -j DROP
iptables -A FORWARD -p tcp --dport 4661:4669 -j DROP
iptables -A FORWARD -p tcp --dport 4672 -j DROP
iptables -A FORWARD -p tcp --dport 5500:5503 -j DROP
iptables -A FORWARD -p tcp --dport 5534 -j DROP
iptables -A FORWARD -p tcp --dport 5068 -j DROP
iptables -A FORWARD -p tcp --dport 6129 -j DROP
iptables -A FORWARD -p tcp --dport 6340:6349 -j DROP
iptables -A FORWARD -p tcp --dport 6670 -j DROP
iptables -A FORWARD -p tcp --dport 6711 -j DROP
iptables -A FORWARD -p tcp --dport 6881:6889 -j DROP
iptables -A FORWARD -p tcp --dport 6699 -j DROP
iptables -A FORWARD -p tcp --dport 6969 -j DROP
iptables -A FORWARD -p tcp --dport 7668 -j DROP
iptables -A FORWARD -p tcp --dport 8038 -j DROP
iptables -A FORWARD -p tcp --dport 12345 -j DROP
iptables -A FORWARD -p tcp --dport 21544 -j DROP
iptables -A FORWARD -p tcp --dport 23456 -j DROP
iptables -A FORWARD -p tcp --dport 27374 -j DROP
iptables -A FORWARD -p tcp --dport 30100 -j DROP
iptables -A FORWARD -p tcp --dport 40000 -j DROP
iptables -A FORWARD -p tcp --dport 50505 -j DROP
# closing some UDP ports
iptables -A FORWARD -p udp --dport 4660:4680 -j DROP

# Prioritizing browsing and email traffic
iptables -t mangle -A POSTROUTING -o eth1 -p tcp --dport 80 -j TOS --set-tos 16
iptables -t mangle -A POSTROUTING -o eth1 -p tcp --dport 443 -j TOS --set-tos 16
iptables -t mangle -A POSTROUTING -o eth1 -p tcp --dport 110 -j TOS --set-tos 16
iptables -t mangle -A POSTROUTING -o eth1 -p tcp --dport 25 -j TOS --set-tos 16


Squid/Cache

Nowadays, with the evolution of P2P, which uses tunnels to connect to its servers, the only way to block it is with Layer 7.

Cheers ...
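
Added example, not part of either post above: the quoted per-port TCP rules collapsed into `multiport` rules inside a dedicated chain, so the FORWARD chain is traversed with a few rules instead of 36. The script only prints the commands for review; the chain name `P2P_BLOCK` is an assumption.

```shell
#!/bin/sh
# Added example: prints (does not execute) the iptables commands.
# Port list copied from the quoted script; P2P_BLOCK is a hypothetical chain name.
PORTS="135 137 138 139 445 449 555 1171 1210:1219 1243 2234 2705 3129 3531 4444 4661:4669 4672 5500:5503 5534 5068 6129 6340:6349 6670 6711 6881:6889 6699 6969 7668 8038 12345 21544 23456 27374 30100 40000 50505"

# The multiport match accepts at most 15 ports per rule,
# and a range (a:b) counts as two of them, so the list is chunked.
gen_rules() {
    proto=$1; shift
    list=""; slots=0
    for p in "$@"; do
        case $p in *:*) cost=2 ;; *) cost=1 ;; esac
        if [ $((slots + cost)) -gt 15 ]; then
            echo "iptables -A P2P_BLOCK -p $proto -m multiport --dports $list -j DROP"
            list=""; slots=0
        fi
        list="${list:+$list,}$p"
        slots=$((slots + cost))
    done
    [ -n "$list" ] && echo "iptables -A P2P_BLOCK -p $proto -m multiport --dports $list -j DROP"
    return 0
}

gen_ruleset() {
    echo "iptables -N P2P_BLOCK"
    # Word splitting of $PORTS is intended here.
    gen_rules tcp $PORTS
    # The range the quoted script labels as UDP.
    echo "iptables -A P2P_BLOCK -p udp --dport 4660:4680 -j DROP"
    # Single jump from FORWARD into the dedicated chain.
    echo "iptables -A FORWARD -j P2P_BLOCK"
}

gen_ruleset
```

Review the printed commands and pipe them to `sh` as root only once they look right.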