Off Topic - Block iCloud -
Bob Goodwin - Zuni, Virginia, USA
bobgoodwin at wildblue.net
Wed Apr 10 09:26:43 UTC 2013
On 09/04/13 21:28, Sam Varshavchik wrote:
>
> I'm not sure if this is the same issue, but when one member of my
> household acquired a Macbook, that thing just started flooding my
> bandwidth.
>
> I didn't know, at first, WTF was going on, and I didn't tie it to the
> Macbook, but, fortunately, at that time I /was/ running a router with
> DD-WRT firmware, so I could ssh into the router itself, and see that
> it was the Macbook flinging crap into the Intertubes.
Yes, about the same thing happened here but it cost me a lot of
bandwidth usage/money before I understood what was happening. I couldn't
believe anyone would create a system that worked that way! Last fall she
put all the Apple stuff on the iCloud system and the mysterious usage began.
>
> That hacked router, sadly, gave up the magic blue smoke some time ago,
> and I just didn't have the mental fortitude to set up another
> hackarouter, so I now have a stock Netgear WNDR3700v3 which, AFAIK,
> doesn't have any way to report which connected device is generating
> how much bandwidth, so I don't think I'd have any way of know what is
> coming out of which device, but, back then I was lucky.
>
> Anyway, the traffic that I saw coming out of the Macbook was massive
> amounts of /UDP/ traffic to high ports, looked like some kind of a
> peer-to-peer protocol. But it was all UDP. I didn't want to waste any
> more time on this nonsense. The DD-WRT firmware allowed me to bind
> filtering rules to MAC addresses. So, I set up a rule tied to the
> Macbook MAC address, that blocked all traffic to UDP ports 1024-65535.
I'm presently using a Buffalo WZR-HP-G450H which I believe came with
DD-WRT installed. I have several other routers in which I have installed
DD-WRT but settled on this one for no special reason, they all work. It
looks to me like I should be able to block connection to "icloud.com" in
the router but so far that has not worked. The usage continues to grow
when I allow the Mac with iCloud to connect.
I can block other addresses, when the kids want iTunes or a PS3 update I
have to enable the connections for them.
>
> That solved the problem for good, and I had no complaints. There's no
> legitimate, mainstream, consumer Intertube use that needs high UDP
> port ranges.
It should be that simple for me too, but alas nothing is easy!
>
> P.S. The replacement Netgear router's firmware couldn't do MAC-based
> filtering. So, when I carefully configured it, I just had the router's
> DHCP server bind the Macbook's MAC address to a statically assigned IP
> address, and set up the router to block all traffic from that IP
> address to UDP ports 1024-65535.
>
I don't see a way to block ports in this Buffalo DD-WRT? Perhaps they
removed something. I'll try another router later, but what I've done it
seems should work ...
--
http://www.qrz.com/db/W2BOD
box10 Fedora-18 XFCE Linux
More information about the users
mailing list