Off Topic - Block iCloud -

Sam Varshavchik mrsam at courier-mta.com
Wed Apr 10 01:28:24 UTC 2013 

Bob Goodwin - Zuni, Virginia, USA writes:

> Can anyone tell me how to block Apple iCloud in my router? I've tried  
> filtering icloud.com as mentioned in Google but it still downloads at about  
> 3GB per hour, a rate that would use up my month's allocation in about 8  
> hours! There seems to be a dearth of information on Google on the subject  
> although it is a recognized problem.

I'm not sure if this is the same issue, but when one member of my household  
acquired a Macbook, that thing just started flooding my bandwidth.

I didn't know, at first, WTF was going on, and I didn't tie it to the  
Macbook, but, fortunately, at that time I /was/ running a router with DD-WRT  
firmware, so I could ssh into the router itself, and see that it was the  
Macbook flinging crap into the Intertubes.

That hacked router, sadly, gave up the magic blue smoke some time ago, and I  
just didn't have the mental fortitude to set up another hackarouter, so I  
now have a stock Netgear WNDR3700v3 which, AFAIK, doesn't have any way to  
report which connected device is generating how much bandwidth, so I don't  
think I'd have any way of know what is coming out of which device, but, back  
then I was lucky.

Anyway, the traffic that I saw coming out of the Macbook was massive amounts  
of /UDP/ traffic to high ports, looked like some kind of a peer-to-peer  
protocol. But it was all UDP. I didn't want to waste any more time on this  
nonsense. The DD-WRT firmware allowed me to bind filtering rules to MAC  
addresses. So, I set up a rule tied to the Macbook MAC address, that blocked  
all traffic to UDP ports 1024-65535.

That solved the problem for good, and I had no complaints. There's no  
legitimate, mainstream, consumer Intertube use that needs high UDP port  
ranges.

P.S. The replacement Netgear router's firmware couldn't do MAC-based  
filtering. So, when I carefully configured it, I just had the router's DHCP  
server bind the Macbook's MAC address to a statically assigned IP address,  
and set up the router to block all traffic from that IP address to UDP ports  
1024-65535.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20130409/93c5cd48/attachment-0001.sig>

More information about the users mailing list