Route traffic from one port(s) to one WAN, and route another port(s) to OPT1


  • Hi,

    I work with a lot of torrent files, and at any given time could be downloading 10-20 torrents at a time. This tends to eat all my available bandwidth, making tasks as simple as browsing nearly impossible on any of the computers in my network.

    What I would like to do is route the port that uTorrent is running on through my OPT1 modem, and route any other traffic from computers in the network through my WAN interface.

    I looked around the forums a little bit, and couldn't really find a straightforward answer to my question.
    If anyone could help me out, that would be awesome.

    Thanks guys!

  • Rebel Alliance Developer Netgate

    The problem is that torrents don't always go out the same port. The port that the traffic goes to depends on how the client is configured (and not just your client, every client peer you connect to!). Many clients pick random ports, or ride on common ports to avoid detection. So there is no clear way to specify what is and is not bittorrent traffic for the purposes of policy routing.

    Even in 2.0 this still can't be done effectively. You can use a Layer 7 container to identify and block/shape torrents, but it cannot be used for policy routing because by the time there is enough data to properly classify the traffic, the connection is established on a specific WAN already.

    You could designate one specific "torrenting" box and direct traffic from it to OPT1, and make it so that anyone who wants to download a torrent always uses that one specific PC.


  • How would I go about directing traffic from OPT1 to a specific internal IP? That would work well for my Mac Mini that I use for my TV; that's where 99% of torrent traffic goes anyway. And it would be nice for that to no longer affect the rest of my network.

    Thanks!


  • The way I do it is to have an alias with ports 22,80,443,1935,6667.
    For that port alias, create a rule using the default gateway.
    Below that, change the default rule to use the wan2 gateway.

    So no need to specify a LAN IP.
    IMO if the above it's good enough then change the network to:

    wan  ----          ---- lan
                pfSense
    wan2 ----          ---- lan2
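
Added example, not part of any post in this thread: a small Python model of first-match policy routing that compares the port-alias rules from the last post with the single "torrenting" box suggested earlier. The LAN addresses, the flow list, and treating wan2 as OPT1 are assumptions made for illustration.

```python
import ipaddress

# Constructed values: these addresses are not from the thread.
LAN = ipaddress.ip_network("192.168.1.0/24")
TORRENT_BOX = ipaddress.ip_network("192.168.1.50/32")
ALIAS_PORTS = {22, 80, 443, 1935, 6667}  # port alias quoted in the last post

# Each rule: (source network, destination ports or None for any, gateway).
# "OPT1" stands for the second gateway, which the last post calls wan2.
PORT_ALIAS_RULES = [
    (LAN, ALIAS_PORTS, "WAN"),    # alias ports use the default gateway
    (LAN, None, "OPT1"),          # everything else goes out the second WAN
]
PER_HOST_RULES = [
    (TORRENT_BOX, None, "OPT1"),  # the dedicated torrenting box
    (LAN, None, "WAN"),           # every other LAN host
]

def select_gateway(rules, src_ip, dst_port):
    """Return the gateway of the first rule matching a new connection."""
    src = ipaddress.ip_address(src_ip)
    for network, ports, gateway in rules:
        if src in network and (ports is None or dst_port in ports):
            return gateway
    return None  # nothing matched: no pass rule, so the connection is dropped

def gateways_for(rules, flows):
    """Map each flow label to the gateway chosen for it."""
    return {label: select_gateway(rules, src, port) for label, src, port in flows}

# Constructed flows: (label, source IP, destination port).
FLOWS = [
    ("laptop https", "192.168.1.20", 443),
    ("laptop torrent, random peer port", "192.168.1.20", 51413),
    ("laptop torrent, peer on 443", "192.168.1.20", 443),
    ("mini torrent, random peer port", "192.168.1.50", 51413),
    ("mini torrent, peer on 443", "192.168.1.50", 443),
]

if __name__ == "__main__":
    for name, rules in (("port alias", PORT_ALIAS_RULES), ("per host", PER_HOST_RULES)):
        print(name)
        for label, gw in gateways_for(rules, FLOWS).items():
            print(f"  {label:34} -> {gw}")
```

With the port-alias rules a torrent peer listening on 443 matches the same rule as HTTPS and leaves via WAN, while the per-host rules send everything from the one box out OPT1 regardless of port.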