Geek Style

If you haven’t seen roundcube webmail yet, it’s an eye-candy web based email client based on IMAP protocol. The project has not released version 1.0 yet after two years but being actively developed. If you are interested, there is also a trac website available for the project.
I used to create nightly snapshots from the cvs since 2005, however the project recently announced they are publishing nightly snapshots on their website (finally!).

Enough for an introduction to roundcube.

I have been the maintainer of this project in FreeBSD ports tree for more than a year now, and tried to keep the port up to date using the snapshots I make once in a while.
Using ports, you can easily install and update roundcube on a FreeBSD server.

If you are interested, there are a few tutorials on the net that can help you installing roundcube on your server and get the most out of it:

- Setup Roundcube on FreeBSD
- HOWTO: Install Roundcube Webmail from SVN (was CVS) on FreeBSD
- HOW TO: Setup RoundCube Webmail on Your Server

I have been lazy in updating the ports I maintain in ports tree recently. However a number of patches are ready to be tested and committed once I find sometime during next weekend.

It’s ports freeze time for FreeBSD and everyone is getting ready for 6.2-RELEASE.
Porters are happily taking care of their personal life while the freeze is in effect. They also have some time to blog and chat.
Kris Kennaway is advising porters to take care of broken ports in order to avoid getting bored.

I am moving all my Unix (mostly FreeBSD and Solaris) development efforts to a new website: www.uniXified.net. The site is already up and running as my test platform. The server is running FreeBSD 5.4-STABLE (obviously!) and TextPattern as CMS.

I am also hosting nightly snapshots of RoundCube webmail project on this new website, because RoundCube team is too lazy to release their software.

After web traffic, P2P consumes big amount of your invaluable bandwidth.
Once you block in, you will findout how much of your bandwidth was being wasted by P2P programs.

I managed to put up a simple access list (in FreeBSD ipfw format, but you can convert it to your favorite format easily) to block this sort of traffic, and the result was acceptable.

My /etc/ipfw.conf:

# kazaa - fasttrack clones
add deny tcp from any to any 1214
add deny udp from any to any 1214

# edonkey and clones
add deny tcp from any to any 4661-4672
add deny udp from any to any 4661-4672

# winmx and napster
add deny tcp from any to any 6257
add deny udp from any to any 6257
add deny tcp from any to any 6699
add deny udp from any to any 6699

# bittorrent
add deny tcp from any to any 6881-6889
add deny udp from any to any 6881-6889

# gnutella
add deny tcp from any to any 6346
add deny udp from any to any 6346

After applying above restriction, I saw a 10% drop on our traffic.

I was trying some hours to find a comprehensive list of known P2P protocols and their TCP/UDP ports, but I couldn’t. I guess no one has tried to make one yet.
I am thinking of making this list here, on my website, which would be very useful for network admins.
That would be a list of P2P protocols and their associated applications, as well as their Layer 4-7 information, to make them easier to control or block. It is a basic idea, and needs to be cooked well.

I would be happy to see your helpful comments on this subject.