2011-10-28

Personal note about Freifunk & ZAPP.

The following is just&only (again) a small thought... archived.

There is a nice filter from the freifunk community called "Zapp", only written because of the strange situation that sharing copyrighted content might be illegal - but sharing free content is not.

So I just had to find out for myself how it might be possible (only for Freifunk - not for the Internetz) to differ between inner & outer traffic f.ex. for torrents. So you let pass inner Freifunk torrents and block out Internetz torrents.

As we all know, we are not able to detect encrypted stuff (using legal stuff...) but what could be possible is the addition of checking two different kinds of protocols for each client and even router in a Freifunk-net.

Just as a starting point, I'll take:
more /proc/net/ip_conntrack | grep udp | grep -v dport=698 | awk {'print $4'} | sed -e 's/src=//' | sort | uniq -c | sort -n
more /proc/net/ip_conntrack | grep tcp | awk {'print $5'} | sed -e 's/src=//' | sort | uniq -c | sort


Checked & tested ... looks like a useful starting point - but only using both together.

UPDATE: After rechecking all actual connections for more than half an hour, it seems that even only allowing encrypted torrent traffic, there are many, many udp-DNS-requests, so I removed the "grep -v dport=53".

P.S. I have not even seen the source other Freifunk communities like Berlin or Chemnitz do already have in use - it is/was just for my own curiosity.