How to block torrent traffic on pfSense?



  • Hi, I'm a pfSense beginner user. I have installed pfSense 2.0.1 at a university, the speed of the Internet is too low, and I need to block torrent traffic. Could you tell me how to block torrent traffic in pfSense with SquidGuard or Squid?
    Thanks!!



  • It is really hard, if not nearly impossible, to block torrent. You can block .torrent files in squidguard or torrent pages.
    The Layer7 option to block torrent isn't working because torrent traffic is often encrypted and cannot be blocked.

    Perhaps you should think about another possibility - not to block the bad traffic but to prioritize the good traffic.
    You can create shaper/limiters which allow high priority for well known traffic like DNS, http, https and limit all other traffic to a very low bandwidth.



  • A closed firewall setup + squidguard/dansguardian to filter http + allowing only known ssl sites can do a good job in the torrent fight.



  • You can use a VPN to unblock.



  • Loading the p2p rules in Snort works for me.
    You can choose to block source and/or destination ip.



  • Snort seems to work for me too. With Snort and Emerging Threats p2p enabled.



  • Snort would be an option, however blocking the "offending" IP altogether seems a bit too drastic for some environments. Ideally one should be able to simply drop P2P connections …

    One idea that comes to mind is to have Snort "tag" (mark) certain connections as P2P and then be able to drop those connections in the firewall rules: block in log all tag $snort-p2p

    I have to check whether Ermal's recent improvements to spoink/Snort (see https://github.com/bsdperimeter/pfsense-tools/tree/master/pfPorts/snort/files) allow tagging …



  • Using a proxy or VPN will be better.



  • @yeeah39:

    Using a proxy or VPN will be better.

    They are trying to block the traffic, not find a way around it… With a closed fw, only allowing the ports to you, it is hard to use an external proxy and VPN... unless they use a port that you have open for internet access.



  • The snort tagging would only be useful if snort is put inline.
    Furthermore the encryption of torrent will just make it impossible for snort as well to detect it.
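
Added example, not part of any post in this thread and not code from pfSense, Snort or Emerging Threats: a small classifier showing the cleartext markers that signature-based filtering (Layer7, IDS p2p rules, .torrent blocking) can key on, and why an encrypted peer connection comes back as "unknown". The function names and every sample payload are constructed for illustration.

```python
# Added illustration; all sample payloads below are constructed, not captured traffic.
BT_HANDSHAKE = b"\x13BitTorrent protocol"   # length byte 19 + protocol string
HANDSHAKE_LEN = 68                          # 1 + 19 + 8 reserved + 20 info_hash + 20 peer_id


def classify(payload: bytes) -> str:
    """Label the first bytes of one direction of a flow by cleartext signature."""
    if payload.startswith(BT_HANDSHAKE):
        return "bt-handshake" if len(payload) >= HANDSHAKE_LEN else "bt-handshake-partial"
    if payload.startswith(b"GET "):
        # Tracker announce over HTTP: info_hash and peer_id in the query string.
        request_line = payload.split(b"\r\n", 1)[0]
        if b"info_hash=" in request_line and b"peer_id=" in request_line:
            return "tracker-announce"
        return "http"
    # .torrent metainfo is a bencoded dictionary holding an "info" dictionary.
    if payload.startswith(b"d") and b"4:infod" in payload:
        return "torrent-file"
    return "unknown"


def constructed_samples() -> dict:
    info_hash, peer_id = b"\xaa" * 20, b"-XX0001-" + b"0" * 12
    return {
        "plain_peer": BT_HANDSHAKE + b"\x00" * 8 + info_hash + peer_id,
        "announce": b"GET /announce?info_hash=%AA%AA&peer_id=-XX0001-0&port=6881 "
                    b"HTTP/1.1\r\nHost: tracker.example\r\n\r\n",
        "metainfo": b"d8:announce31:http://tracker.example/announce"
                    b"4:infod6:lengthi1e4:name1:xee",
        "web": b"GET /index.html HTTP/1.1\r\nHost: www.example\r\n\r\n",
        # Stand-in for an encrypted peer connection: no fixed bytes to match on.
        "encrypted_peer": bytes((i * 97 + 31) % 256 for i in range(96)),
    }


def run_samples() -> dict:
    return {name: classify(data) for name, data in constructed_samples().items()}


if __name__ == "__main__":
    for name, label in run_samples().items():
        print(f"{name:15} -> {label}")
```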

