Block Steam Downloads



  • Hello,

    I was wondering if someone could help me block steam downloads for one of our interfaces. I still want to allow game play just not downloading on one of our LAN interfaces. I have attempted to block ports 27014-27050 but that doesn't seem to work. Any suggestions?



  • Post a screenshot of your rule.  Maybe there was a problem with the rule.



  • Sure thing, here is it attached




  • Here are the full details




  • Where is your rule placed in relation to the others?  Rules are processed top-down, so if you put that rule after the Allow All rule then it won't trigger.

    I would activate the rule, clear the states (Diagnostics - States - Reset States), and then run a packet capture (Diagnostics - Packet Capture) while doing a Steam download test to see what traffic is actually passing through.



  • I have it at the top of the list, and sure I will do that here in about 3 hours when I get back.



  • Hey looks like that did the trick just fine now. Thanks for the help!



  • Firewall > Rules > LAN

    Add new rule

    Action: Block
    Interface: LAN
    TCP/IP Version: IPv4 (In my case)
    Protocol: TCP/UDP
    Source: Any
    Destination: Any
    Destination Port Range: 27014 to 27050

    Now the issue I faced was this blocked steam completely not just the downloads. Also this does not prevent VPNs from being used to bypass the rule.



  • Now the issue I faced was this blocked steam completely not just the downloads.

    Check the firewall log and see whats being blocked, then modify your rule to accommodate it.

    Also this does not prevent VPNs from being used to bypass the rule.

    Well, that's pretty much the entire point of VPNs, isn't it?



  • Thanks!

    That seemed to work generally though I have just been watching and checking the States Table to see how despite the rules and limiters the son's PC consumes 99% of the bandwidth.  Modification of the Rule to match a targeted Steam IP ~ 103.2.118.3 ~ failed to have an impact.  Resetting the States and hoping to see a slump, nothing.  [Mind limiter is set to 2Mb IN]

    Rule images attached…..names explanatory.  That is a targeted one.

    Perhaps I am NOT seeing the forest because of the trees and missing something silly?

    pfSense:
    2.2-RELEASE (i386)
    built on Thu Jan 22 14:04:25 CST 2015
    FreeBSD 10.1-RELEASE-p4

    I realise that this is just ONE IP and have the PORTS selected similarly.

    AND does Stream use 443 at all?  I will assume from reading other threads that pf cannot stop encrypted traffic.

    Time to hit the Submit button!!

    Thanks in advance...

    ![Steam Rule Top.jpg](/public/imported_attachments/1/Steam Rule Top.jpg)
    ![Steam Rule Top.jpg_thumb](/public/imported_attachments/1/Steam Rule Top.jpg_thumb)
    ![Steam Rule Low.jpg](/public/imported_attachments/1/Steam Rule Low.jpg)
    ![Steam Rule Low.jpg_thumb](/public/imported_attachments/1/Steam Rule Low.jpg_thumb)
    ![Steam Ports.jpg](/public/imported_attachments/1/Steam Ports.jpg)
    ![Steam Ports.jpg_thumb](/public/imported_attachments/1/Steam Ports.jpg_thumb)



  • Dude, you've got the rule set to "Pass"… this may be your problem.


Log in to reply