Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Block Steam Downloads

    Firewalling
    4
    11
    3910
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Sliffer21 last edited by

      Hello,

      I was wondering if someone could help me block steam downloads for one of our interfaces. I still want to allow game play just not downloading on one of our LAN interfaces. I have attempted to block ports 27014-27050 but that doesn't seem to work. Any suggestions?

      1 Reply Last reply Reply Quote 0
      • KOM
        KOM last edited by

        Post a screenshot of your rule.  Maybe there was a problem with the rule.

        1 Reply Last reply Reply Quote 0
        • S
          Sliffer21 last edited by

          Sure thing, here is it attached


          1 Reply Last reply Reply Quote 0
          • S
            Sliffer21 last edited by

            Here are the full details


            1 Reply Last reply Reply Quote 0
            • KOM
              KOM last edited by

              Where is your rule placed in relation to the others?  Rules are processed top-down, so if you put that rule after the Allow All rule then it won't trigger.

              I would activate the rule, clear the states (Diagnostics - States - Reset States), and then run a packet capture (Diagnostics - Packet Capture) while doing a Steam download test to see what traffic is actually passing through.

              1 Reply Last reply Reply Quote 0
              • S
                Sliffer21 last edited by

                I have it at the top of the list, and sure I will do that here in about 3 hours when I get back.

                1 Reply Last reply Reply Quote 0
                • S
                  Sliffer21 last edited by

                  Hey looks like that did the trick just fine now. Thanks for the help!

                  1 Reply Last reply Reply Quote 0
                  • S
                    Sliffer21 last edited by

                    Firewall > Rules > LAN

                    Add new rule

                    Action: Block
                    Interface: LAN
                    TCP/IP Version: IPv4 (In my case)
                    Protocol: TCP/UDP
                    Source: Any
                    Destination: Any
                    Destination Port Range: 27014 to 27050

                    Now the issue I faced was this blocked steam completely not just the downloads. Also this does not prevent VPNs from being used to bypass the rule.

                    1 Reply Last reply Reply Quote 0
                    • KOM
                      KOM last edited by

                      Now the issue I faced was this blocked steam completely not just the downloads.

                      Check the firewall log and see whats being blocked, then modify your rule to accommodate it.

                      Also this does not prevent VPNs from being used to bypass the rule.

                      Well, that's pretty much the entire point of VPNs, isn't it?

                      1 Reply Last reply Reply Quote 0
                      • O
                        OzRattler last edited by

                        Thanks!

                        That seemed to work generally though I have just been watching and checking the States Table to see how despite the rules and limiters the son's PC consumes 99% of the bandwidth.  Modification of the Rule to match a targeted Steam IP ~ 103.2.118.3 ~ failed to have an impact.  Resetting the States and hoping to see a slump, nothing.  [Mind limiter is set to 2Mb IN]

                        Rule images attached…..names explanatory.  That is a targeted one.

                        Perhaps I am NOT seeing the forest because of the trees and missing something silly?

                        pfSense:
                        2.2-RELEASE (i386)
                        built on Thu Jan 22 14:04:25 CST 2015
                        FreeBSD 10.1-RELEASE-p4

                        I realise that this is just ONE IP and have the PORTS selected similarly.

                        AND does Stream use 443 at all?  I will assume from reading other threads that pf cannot stop encrypted traffic.

                        Time to hit the Submit button!!

                        Thanks in advance...

                        ![Steam Rule Top.jpg](/public/imported_attachments/1/Steam Rule Top.jpg)
                        ![Steam Rule Top.jpg_thumb](/public/imported_attachments/1/Steam Rule Top.jpg_thumb)
                        ![Steam Rule Low.jpg](/public/imported_attachments/1/Steam Rule Low.jpg)
                        ![Steam Rule Low.jpg_thumb](/public/imported_attachments/1/Steam Rule Low.jpg_thumb)
                        ![Steam Ports.jpg](/public/imported_attachments/1/Steam Ports.jpg)
                        ![Steam Ports.jpg_thumb](/public/imported_attachments/1/Steam Ports.jpg_thumb)


                        …insanity is so confusing...

                        1 Reply Last reply Reply Quote 0
                        • R
                          RSTech last edited by

                          Dude, you've got the rule set to "Pass"… this may be your problem.

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post