Hi all, you can use this iptables script to block P2P traffic.
The script allows only HTTP, shell access, FTP, Yahoo and MSN.
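# Default policies: anything addressed to this host or routed through it is
# dropped unless a later rule accepts it; traffic sent by this host is allowed.
# Only IPv4 is covered here; ip6tables is not touched by this script.
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

# Remove rules left over from a previous run (filter chains, then nat table).
for chain in INPUT FORWARD OUTPUT; do
  iptables -F "$chain"
done
iptables -t nat -F

# Enable routing only after FORWARD is DROP and empty, so no packet is
# forwarded under a stale policy or ruleset while the rules are being loaded.
echo 1 > /proc/sys/net/ipv4/ip_forward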
# eth0 is the local (LAN) interface
# eth1 is the public (Internet) interface
#
#
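# INPUT rules: traffic addressed to the firewall host itself.
# Loopback is always accepted.
iptables -A INPUT -i lo -j ACCEPT

# Return traffic for connections this host opened, on any interface.
# There is deliberately no blanket ACCEPT on eth1 (the public side): accepting
# everything that arrives there would cancel the INPUT DROP policy and expose
# every listening service to the Internet. Any extra service that must be
# reachable from outside needs its own explicit rule.
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# New connections to local services: HTTP, HTTPS, SSH, DNS (UDP), MSN (1863),
# Yahoo (5050) and FTP control. These rules carry no -i match, so the ports
# are open on every interface, eth1 included.
# NOTE(review): restrict them with "-i eth0", or drop the ones that have no
# local listener, if they are not meant to be reachable from the Internet.
for svc in tcp:80 tcp:443 tcp:22 udp:53 tcp:1863 tcp:5050 tcp:21; do
  iptables -A INPUT -p "${svc%%:*}" --dport "${svc##*:}" -j ACCEPT
done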
#
# FORWARD rules: traffic routed between the LAN (eth0) and the Internet (eth1).
# Packets coming back from the Internet are forwarded only when they belong to
# a connection that is already tracked.
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -i eth1 -o eth0 -j ACCEPT

# LAN clients may reach these destination ports, in this order: HTTP, HTTPS,
# DNS (UDP), MSN (1863), Yahoo (5050), SSH and FTP control.
# Filtering is by destination port only, so any application that talks to one
# of these ports, a P2P client included, is still forwarded.
# NOTE(review): only the FTP control port is listed; FTP data connections
# depend on conntrack marking them RELATED, which presumably needs the FTP
# conntrack helper loaded. Confirm on the target kernel.
for svc in tcp:80 tcp:443 udp:53 tcp:1863 tcp:5050 tcp:22 tcp:21; do
  iptables -A FORWARD -i eth0 -o eth1 -p "${svc%%:*}" --dport "${svc##*:}" -j ACCEPT
done
#
# NAT table: everything leaving through eth1 is rewritten to that interface's
# current address, so LAN hosts share the public IP.
iptables --table nat --append POSTROUTING --out-interface eth1 --jump MASQUERADE