Layer 7 rule

  • Hi, I have created a layer 7 container to block torrents
    bittorrent action block

    I have then created a floating rule
    action pass
    interface lan
    protocol tcp/udp

    and in the advanced section selected by container name

    but using abc torrent downloader as a test I am still able to download the FreeBSD ISO

    Have I done it right?

    2.0-RELEASE (i386)
    built on Tue Sep 13 17:28:43 EDT 2011

  • Also tried creating a LAN rule and updated to
    2.0.1-RELEASE (i386)
    built on Mon Dec 12 18:24:17 EST 2011
    FreeBSD 8.1-RELEASE-p6

    Cleared states and I can still download

  • It might help if you were to provide screenshots of the configurations of both of those, so that people know what you've done.

  • Container



    Hope this helps a bit

    Also tried one for ssh too, without success

  • I would also like to know. I am in a similar situation and documentation in this area is sparse.

  • So does anyone have a working rule for this they could share, please?
    Just so I can compare

  • I'm experiencing the opposite: whenever I add an L7 rule - doesn't matter if it is on WAN, LAN or floating interface - all traffic is halted.

    See my post at,45240.0.html

    My settings look identical to that of @terryd.


    BTW, I'm running 2.01 with squid/squid filter. Not that squid should make any difference.

