Proper use of Layer7 to "block" bittorrent, p2p, etc.



  • Here are a few screenshots of my setup:

    First, my only real objective at this point is to block peer-to-peer traffic for one particular subnet flowing through my router.

    I am curious if I my implementation is correct.






  • I am also confused with something as well. pfSense firewall rule theory is still a bit new to me and requires me to really think about rules before creating them. I know that rules are executed when packets are received on the rules respective interfaces. I believe that floating rules are executed when "any" packets are received from "any" interfaces? Also, once a rule matches a packet, do other rules get executed as well? For example, lets say I wanted to create a few different layer 7 containers and apply numerous filters to an interface? Are the containers involved in determining whether or not a packet matches a rule? That is what's confusing me.


Locked