PfSense 2.0-RC2: block utorrent's uTP connections?



  • Is it possible with standard pfSense 2 tools?

    UPD: I have working iptables rules for this case. Could anyone tell me how to convert them for pfSense?

    iptables -I FORWARD 1 -m udp -p udp -m string --hex-string "|7FFFFFFFAB|" --algo kmp --from 40 --to 44 -m statistic --mode random --probability 0.90 -j REJECT --reject-with icmp-port-unreachable
    iptables -I FORWARD 2 -m udp -p udp -m string --hex-string "|7fffffff0003|" --algo kmp --from 36 --to 41 -m statistic --mode random --probability 0.90 -j REJECT --reject-with icmp-port-unreachable
    iptables -I FORWARD 3 -m udp -p udp -m string --hex-string "|0000000000380000|" --algo kmp --from 36 --to 43 -m statistic --mode random --probability 0.90 -j REJECT --reject-with icmp-port-unreachable
    


  • @pekmop1024:

    Is it possible with standard pfSense 2 tools?

    UPD: I have working iptables rules for this case. Could anyone tell me how to convert them for pfSense?

    iptables -I FORWARD 1 -m udp -p udp -m string --hex-string "|7FFFFFFFAB|" --algo kmp --from 40 --to 44 -m statistic --mode random --probability 0.90 -j REJECT --reject-with icmp-port-unreachable
    iptables -I FORWARD 2 -m udp -p udp -m string --hex-string "|7fffffff0003|" --algo kmp --from 36 --to 41 -m statistic --mode random --probability 0.90 -j REJECT --reject-with icmp-port-unreachable
    iptables -I FORWARD 3 -m udp -p udp -m string --hex-string "|0000000000380000|" --algo kmp --from 36 --to 43 -m statistic --mode random --probability 0.90 -j REJECT --reject-with icmp-port-unreachable
    

    Hi
    As far as I know, no, but you've got Layer7 functionality that does the same job.
    Under Firewall: Traffic Shaper: Layer7 you create a new group for P2P and assign bittorrent and e-donkey to it.
    Next, you assign this group under your local LAN allow outbound rule: under Advanced features, in Layer7, you choose the pre-configured Layer7 group created previously, and you are done.
    Other than that, there is the excellent SNORT package; there you've got a whole rule section for P2P or whatever type of protocol you can think of for blocking.
    Regards

