https://wiki.frotmail.nl/index.php?action=history&feed=atom&title=TP2010
TP2010 - Revision history
2026-06-15T08:03:24Z
Revision history for this page on the wiki
MediaWiki 1.45.3
https://wiki.frotmail.nl/index.php?title=TP2010&diff=102&oldid=prev
Eric: Created page with "=Info= * Proxy: Squid ** Let op FD's (file descriptors) ** WCCP *** Squid in transparent mode, iptables redirect poort * Shaping op cisco ** Netflow: [http://forums.cacti.net/about12393.html] ** Shaping basics [http://slaptijack.com/networking/easy-traffic-shaping-in-cisco-ios/] ** [http://wiki.nil.com/Traffic_shaping_in_Cisco_IOS] ** [http://www.cisco.com/en/US/docs/ios/12_1t/12_1t2/feature/guide/clsbsshp.html#wp1025965 uitleg] Eerst definities: class-map match-all..."
2022-04-05T09:44:14Z
<p>Created page with "=Info= * Proxy: Squid ** Let op FD's (file descriptors) ** WCCP *** Squid in transparent mode, iptables redirect poort * Shaping op cisco ** Netflow: [http://forums.cacti.net/about12393.html] ** Shaping basics [http://slaptijack.com/networking/easy-traffic-shaping-in-cisco-ios/] ** [http://wiki.nil.com/Traffic_shaping_in_Cisco_IOS] ** [http://www.cisco.com/en/US/docs/ios/12_1t/12_1t2/feature/guide/clsbsshp.html#wp1025965 uitleg] Eerst definities: class-map match-all..."</p>
<p><b>New page</b></p><div>=Info=<br />
* Proxy: Squid <br />
** Let op FD's (file descriptors)<br />
** WCCP<br />
*** Squid in transparent mode, iptables redirect poort<br />
* Shaping op cisco<br />
** Netflow: [http://forums.cacti.net/about12393.html]<br />
** Shaping basics [http://slaptijack.com/networking/easy-traffic-shaping-in-cisco-ios/]<br />
** [http://wiki.nil.com/Traffic_shaping_in_Cisco_IOS]<br />
<br />
** [http://www.cisco.com/en/US/docs/ios/12_1t/12_1t2/feature/guide/clsbsshp.html#wp1025965 uitleg]<br />
Eerst definities:<br />
class-map match-all HTTP<br />
match protocol http<br />
class-map match-any HighPrio<br />
match packet length max 384<br />
match protocol icmp<br />
<br />
Dan Policy<br />
policy-map blaa<br />
class HTTP<br />
shape average 10000000<br />
<br />
En dan toepassen<br />
interface fa0/0<br />
service out blaa<br />
<br />
<br />
<br />
[ INET ]<br />
|<br />
______|_______<br />
| Cisco 2811 |<br />
|______________|<br />
|<br />
_______|_______<br />
| Cisco 3750 |<br />
|_______________|<br />
| | | |<br />
| | | |<br />
____|__|__|__|_____ ___<br />
_| |_ /_ /|<br />
| LAN |--------| | | <-- Squid<br />
|_ _| | | |<br />
|___________________| |__|/<br />
| ___<br />
|____________________|___| <-- Client<br />
/___/<br />
<br />
=Testconfig (v1)=<br />
class-map match-all HTTP<br />
match protocol http<br />
class-map match-all Prio<br />
class-map match-any SSH<br />
match protocol ssh<br />
class-map match-all High<br />
match class-map SSH<br />
class-map match-any HTTPS<br />
match access-group name HTTPS<br />
class-map match-any Normal<br />
match class-map HTTP<br />
match class-map HTTPS<br />
class-map match-any Prios<br />
match class-map Normal<br />
match class-map High<br />
class-map match-all Downstream<br />
match class-map Prios<br />
class-map match-all Web<br />
match class-map HTTP<br />
match class-map HTTPS<br />
class-map match-all Low<br />
!<br />
!<br />
policy-map Prio<br />
policy-map High<br />
class SSH<br />
policy-map Normal<br />
class HTTP<br />
police rate percent 70<br />
violate-action drop<br />
class HTTPS<br />
policy-map Prios<br />
class Normal<br />
bandwidth percent 70<br />
service-policy Normal<br />
class High<br />
bandwidth percent 30<br />
service-policy High<br />
policy-map Downstream<br />
class Downstream<br />
shape average 1000000<br />
service-policy Prios<br />
class class-default<br />
shape average 100000<br />
policy-map Low<br />
!<br />
interface FastEthernet0<br />
ip address 192.168.38.249 255.255.255.0<br />
ip broadcast-address 0.0.0.0<br />
ip nat outside<br />
ip virtual-reassembly<br />
duplex auto<br />
speed auto<br />
!<br />
interface Vlan1<br />
ip address 10.9.0.1 255.255.255.0<br />
ip broadcast-address 0.0.0.0<br />
ip nat inside<br />
ip virtual-reassembly<br />
service-policy output Downstream<br />
!<br />
ip route 0.0.0.0 0.0.0.0 192.168.38.1<br />
!<br />
ip access-list extended HTTP<br />
permit tcp any any eq www<br />
ip access-list extended HTTPS<br />
permit tcp any any eq 443<br />
ip access-list extended Mail<br />
permit tcp any any eq pop3<br />
permit tcp any any eq 143<br />
permit tcp any any eq 993<br />
permit tcp any any eq 995<br />
permit tcp any any eq smtp<br />
!<br />
=testconfig (v5)=<br />
Wanneer verkeer is binnen gekomen heeft het geen nut meer om te shapen. De queue van de provider zit dan al vol. De clue zit hem dus in het upstream shapen (upload naar je ISP) zodat je de eigen queue kan beheren. (WAN-out-shape)<br />
<br />
Downstream kunnen we wel policen om zo de TCP sessies te remmen. (WAN-in-police)<br />
=Services=<br />
==ACL==<br />
Opmerkingen:<br />
FTP, ipsec, pptp en l2tp: op nbar laten staan?<br />
<br />
BIJWERKEN<br />
<br />
==Gaming==<br />
===WoW===<br />
TCP: 3724, 6112, 6881-6999<br />
Game: TCP 1119 & 3724<br />
Voice: UDP 3724<br />
Downloader (updates): TCP 6112 & 6881-6999<br />
===Steam===<br />
Steam Client<br />
* UDP 27000 to 27015 inclusive (Game client traffic)<br />
* UDP 27015 to 27030 inclusive (Typically Matchmaking and HLTV)<br />
* TCP 27014 to 27050 inclusive (Steam downloads)<br />
* UDP 4380<br />
Dedicated or Listen Servers<br />
* TCP 27015 (SRCDS Rcon port)<br />
Steamworks P2P Networking and Steam Voice Chat<br />
* UDP 3478 (Outbound)<br />
* UDP 4379 (Outbound)<br />
* UDP 4380 (Outbound)<br />
Additional Ports for Call of Duty: Modern Warfare 2 Multiplayer<br />
* UDP 1500 (outbound)<br />
* UDP 3005 (outbound)<br />
* UDP 3101 (outbound)<br />
* UDP 28960<br />
==IM==<br />
===MSN===<br />
Sign in to the Messenger service TCP 80, 443, 1863<br />
Network Detection TCP 7001<br />
UDP 9, 7001<br />
Audio TCP 80, 443, 1863<br />
TCP/UDP 30000 - 65535<br />
Audio (Legacy) UDP 5004 – 65535<br />
Webcam and Video Conversations TCP 80<br />
TCP/UDP 5000 - 65535<br />
File Transfer TCP 443, 1863<br />
TCP/UDP 1025 - 65535<br />
File Transfer (Legacy) TCP 6891 - 6900<br />
Sharing Folders TCP 1863<br />
TCP/UDP 1025 – 65535<br />
Whiteboard and Application Sharing TCP 1503<br />
Remote Assistance TCP 3389<br />
TCP/UDP 49152 – 65535<br />
Windows Live Call TCP 443, 5061<br />
UDP 5004 - 65525<br />
Games TCP 80, 443, 1863<br />
TCP/UDP 1025 - 65535<br />
<br />
===Skype===<br />
Niet mogelijk vast te stellen?<br />
<br />
===IRC===<br />
TCP 6667<br />
<br />
===ICQ===<br />
TCP 5190<br />
<br />
==Blocked==<br />
===Torrent===<br />
Op basis van headers?<br />
Is het nodig om dit te blokkeren als we inbound connecties niet door laten?<br />
<br />
===NNTP===<br />
TCP 119<br />
<br />
=Analyse=<br />
==DNS==<br />
IPTraf<br />
┌ Packet Distribution by Size ─────────────────────────────────────────────────â”<br />
│ │<br />
│ Packet size brackets for interface eth0 │<br />
│ │<br />
│ │<br />
│ Packet Size (bytes) Count Packet Size (bytes) Count │<br />
│ 1 to 75: 6118 751 to 825: 0 │<br />
│ 76 to 150: 6710 826 to 900: 0 │<br />
│ 151 to 225: 900 901 to 975: 0 │<br />
│ 226 to 300: 329 976 to 1050: 0 │<br />
│ 301 to 375: 130 1051 to 1125: 1 │<br />
│ 376 to 450: 154 1126 to 1200: 0 │<br />
│ 451 to 525: 101 1201 to 1275: 0 │<br />
│ 526 to 600: 42 1276 to 1350: 0 │<br />
│ 601 to 675: 4 1351 to 1425: 0 │<br />
│ 676 to 750: 0 1426 to 1500+: 2 │<br />
│ │<br />
│ │<br />
│ Interface MTU is 1500 bytes, not counting the data-link header │<br />
│ Maximum packet size is the MTU plus the data-link header length │<br />
│ Packet size computations include data-link headers, if any │<br />
└ Elapsed time: 0:05 ────────────────────────────────────────────────────────┘<br />
==SSH==<br />
Proto/Port ───────── Pkts ─── Bytes ── PktsTo ─ BytesTo PktsFrom BytesFrom ─<br />
TCP/22 621 87044 311 16220 310 70824 <br />
<br />
Sent: 621 p -> 87044 bytes = 140 bytes pp<br />
Received: 310 p -> 70824 bytes = 228 bytes pp</div>
Eric