FTwall is a P2P traffic filtering script designed to block Kazaa traffic. Its full name is Fast Track traffic Firewall, and it is an effective tool for managing network traffic.
The primary objective of Ftwall-2 is to block network traffic between P2P client applications running in the 'home' or 'green' network from accessing public internet peers. This software is primarily useful in networks where outbound connections are allowed with tightly limited inbound access. The latest version of Ftwall-2 can prevent outbound P2P access using the supported protocols that help in restricting illegal file transfers.
FTwall-2 solves several security problems that arise with Fast Track protocol clients. FTwall controlled only the Fast Track protocol with the initial version, whereas the second version obstructs traffic from WinMX and OpenNap clients using DNS name wildcards to train FTwall. This updated version provides developers with a mechanism based on DNS name wildcards. For instance, blocking access to IP addresses resolved from any domain name that corresponds to 'winmx.com' would obstruct WinMX's native protocol. For more information regarding Ftwall's new features, one could refer to the man page or follow the link at the bottom of the page.
FTwall-2 requires a Linux-based firewall with kernel 2.4 or later and iptables of version 1.2.6 or newer editions, tested with version 2.4.20. The current edition is utilized by RedHat 8.0, and the software has been developed in the same system. The software has also undergone brief testing in RedHat 9 and Fedora, and further news is awaited. FTwall-2 runs seamlessly on the 'ipcop' firewall version 1.3.0 and is compatible with the QUEUE target and string match modules added manually. It will not operate on Smoothwall 1.0, but it will presumably work with Smoothwall 2.0.
FTwall-2 was mostly tested with a few popular P2P client applications, including Kazaa 2.1.1, 2.5-beta2, 2.5.1, Kazaa Lite 2.0.2, K++ 2.4.3, iMesh 4.1 build 132, 4.2 build 138, Grokster 1.7, and WinMX 3.31. While it is a reliable platform, it also has its limitations, such as requiring the Linux kernel version 2.4 equipped with 'iptables' and the 'QUEUE' target. The 'ip_string' match module in iptables is desirable but not specifically required. There is also a possibility that Ftwall-2 may need to be reworked if the protocols are changed in the future. Lastly, it is worth pointing out that Ftwall-2 does not block the 'SOCKS PROXY' connection option of FastTrack. Anyone aiming to secure their network completely would need to obstruct this style of traffic with a firewall.
Version 2.02: N/A