Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    L7 block not working

    Scheduled Pinned Locked Moved Traffic Shaping
    5 Posts 4 Posters 2.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      TU1976
      last edited by

      Hi guys,

      I have one VLAN where I dont want to allow any torrent-traffic.
      For this I created one Layer7-Limiter, chose "bittorrent" and as "action" "block" .
      I then added this Limiter in the advanced options of my outgoing FW-Rule.

      But from my testclient I still can download torrents at high speeds.
      Where is my mistake?

      pfsense 2.0.1

      Regards
      T

      1 Reply Last reply Reply Quote 0
      • G
        game60
        last edited by

        Try this  http://forum.pfsense.org/index.php/topic,43504.0.html

        1 Reply Last reply Reply Quote 0
        • T
          TU1976
          last edited by

          ok, you want to tell me that the QOS is broken?

          EDIT:
          Ok, if it is broken:
          1. How can I check if it is broken?
          2. Is there something I need to turn on/check on some other config-files before using the L7-Blocker?

          EDIT2:
          Seems like I am not the only one havong this problem. HTTP-Traffice is easily blocked using a L7-Shaper, but bittorrent not. So I will try to use squid and block torrent downloads.
          Then this topic can be closed.

          Regards
          T

          1 Reply Last reply Reply Quote 0
          • C
            c0re
            last edited by

            Yes, I am actually trying to get this to work correctly right now as well. For some reason, no matter what I do, the L7 filter never seems to catch Bittorrent traffic. I know if the traffic is encrypted it won't find it, but I checked my client and encryption is disabled.

            Really all I want is to make sure Bittorrent gets moved to the lowest possible queue, which seems simple but it doesn't work…

            If I'm not mistaken normally you would:

            • Add your rules to a L7 container and name it
            • Add a floating firewall rule to apply your TCP/UDP traffic to that container if it originates from LAN

            Yet, no matter how vague I get with my rules it does nothing, so I can only assume it's broken?

            1 Reply Last reply Reply Quote 0
            • B
              bolerodan
              last edited by

              Same issues here. L7 torrent doesnt work for non encrypted torrent traffic but we can stop http with the L7 containers

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.