Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Block Steam Downloads

    Scheduled Pinned Locked Moved Firewalling
    11 Posts 4 Posters 5.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • KOMK Offline
      KOM
      last edited by

      Post a screenshot of your rule.  Maybe there was a problem with the rule.

      1 Reply Last reply Reply Quote 0
      • S Offline
        Sliffer21
        last edited by

        Sure thing, here is it attached

        ss1.png
        ss1.png_thumb

        1 Reply Last reply Reply Quote 0
        • S Offline
          Sliffer21
          last edited by

          Here are the full details

          Untitled.png
          Untitled.png_thumb

          1 Reply Last reply Reply Quote 0
          • KOMK Offline
            KOM
            last edited by

            Where is your rule placed in relation to the others?  Rules are processed top-down, so if you put that rule after the Allow All rule then it won't trigger.

            I would activate the rule, clear the states (Diagnostics - States - Reset States), and then run a packet capture (Diagnostics - Packet Capture) while doing a Steam download test to see what traffic is actually passing through.

            1 Reply Last reply Reply Quote 0
            • S Offline
              Sliffer21
              last edited by

              I have it at the top of the list, and sure I will do that here in about 3 hours when I get back.

              1 Reply Last reply Reply Quote 0
              • S Offline
                Sliffer21
                last edited by

                Hey looks like that did the trick just fine now. Thanks for the help!

                1 Reply Last reply Reply Quote 0
                • S Offline
                  Sliffer21
                  last edited by

                  Firewall > Rules > LAN

                  Add new rule

                  Action: Block
                  Interface: LAN
                  TCP/IP Version: IPv4 (In my case)
                  Protocol: TCP/UDP
                  Source: Any
                  Destination: Any
                  Destination Port Range: 27014 to 27050

                  Now the issue I faced was this blocked steam completely not just the downloads. Also this does not prevent VPNs from being used to bypass the rule.

                  1 Reply Last reply Reply Quote 0
                  • KOMK Offline
                    KOM
                    last edited by

                    Now the issue I faced was this blocked steam completely not just the downloads.

                    Check the firewall log and see whats being blocked, then modify your rule to accommodate it.

                    Also this does not prevent VPNs from being used to bypass the rule.

                    Well, that's pretty much the entire point of VPNs, isn't it?

                    1 Reply Last reply Reply Quote 0
                    • O Offline
                      OzRattler
                      last edited by

                      Thanks!

                      That seemed to work generally though I have just been watching and checking the States Table to see how despite the rules and limiters the son's PC consumes 99% of the bandwidth.  Modification of the Rule to match a targeted Steam IP ~ 103.2.118.3 ~ failed to have an impact.  Resetting the States and hoping to see a slump, nothing.  [Mind limiter is set to 2Mb IN]

                      Rule images attached…..names explanatory.  That is a targeted one.

                      Perhaps I am NOT seeing the forest because of the trees and missing something silly?

                      pfSense:
                      2.2-RELEASE (i386)
                      built on Thu Jan 22 14:04:25 CST 2015
                      FreeBSD 10.1-RELEASE-p4

                      I realise that this is just ONE IP and have the PORTS selected similarly.

                      AND does Stream use 443 at all?  I will assume from reading other threads that pf cannot stop encrypted traffic.

                      Time to hit the Submit button!!

                      Thanks in advance...

                      ![Steam Rule Top.jpg](/public/imported_attachments/1/Steam Rule Top.jpg)
                      ![Steam Rule Top.jpg_thumb](/public/imported_attachments/1/Steam Rule Top.jpg_thumb)
                      ![Steam Rule Low.jpg](/public/imported_attachments/1/Steam Rule Low.jpg)
                      ![Steam Rule Low.jpg_thumb](/public/imported_attachments/1/Steam Rule Low.jpg_thumb)
                      ![Steam Ports.jpg](/public/imported_attachments/1/Steam Ports.jpg)
                      ![Steam Ports.jpg_thumb](/public/imported_attachments/1/Steam Ports.jpg_thumb)


                      …insanity is so confusing...

                      1 Reply Last reply Reply Quote 0
                      • R Offline
                        RSTech
                        last edited by

                        Dude, you've got the rule set to "Pass"… this may be your problem.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.