PfSense 2.0-RC2: block utorrent's uTP connections?
-
Is it possible with standard pfSense 2 tools?
UPD: I have working iptables rules for this case, anyone could tell me, how to convert it for pfSense?
iptables -I FORWARD 1 -m udp -p udp -m string --hex-string "|7FFFFFFFAB|" --algo kmp --from 40 --to 44 -m statistic --mode random --probability 0.90 -j REJECT --reject-with icmp-port-unreachable iptables -I FORWARD 2 -m udp -p udp -m string --hex-string "|7fffffff0003|" --algo kmp --from 36 --to 41 -m statistic --mode random --probability 0.90 -j REJECT --reject-with icmp-port-unreachable iptables -I FORWARD 3 -m udp -p udp -m string --hex-string "|0000000000380000|" --algo kmp --from 36 --to 43 -m statistic --mode random --probability 0.90 -j REJECT --reject-with icmp-port-unreachable
-
Is it possible with standard pfSense 2 tools?
UPD: I have working iptables rules for this case, anyone could tell me, how to convert it for pfSense?
iptables -I FORWARD 1 -m udp -p udp -m string --hex-string "|7FFFFFFFAB|" --algo kmp --from 40 --to 44 -m statistic --mode random --probability 0.90 -j REJECT --reject-with icmp-port-unreachable iptables -I FORWARD 2 -m udp -p udp -m string --hex-string "|7fffffff0003|" --algo kmp --from 36 --to 41 -m statistic --mode random --probability 0.90 -j REJECT --reject-with icmp-port-unreachable iptables -I FORWARD 3 -m udp -p udp -m string --hex-string "|0000000000380000|" --algo kmp --from 36 --to 43 -m statistic --mode random --probability 0.90 -j REJECT --reject-with icmp-port-unreachable
Hi
As far as know no ,but you got Layer7 functionality that doing the same job
under Firewall: Traffic Shaper: Layer7 >you create new group of P2P and assign to it bitorrent , e-donkey
Next you assign this group under you're local LAN allow outbound rule under Advanced features there Layer7 you choose the pre-configured layer7 group created previously and you are done.
other than that there is excellent package SNORT over there you got whole section rule for P2P or what ever type of protocol you can think of for blocking.
Regards