Bit_torrent block



  • can someone please guide me with steps how to completely block P2P file sharing on pfsense. Someone in the network is uploading copy right contents and causing issues for us. Please tell us the steps. thanks



  • Blocking bittorent is not really possible.

    AFAIK, the most popular/effective method to deal with bittorrent is to use traffic-shaping limiters or queues to not allow anyone to completely saturate the connection. For example: https://forum.pfsense.org/index.php?topic=63531.0



  • The best way I found it to use the uPnP section to see who has those types of sessions open find the IP or MAC and then I will make a LAN rule to block all IPv4/v6 from that address and sit back and wait till they come find me as to why they can't do anything anymore.  Crude but effective.  And you can make a static DHCP for that MAC so they will always get that IP.



  • Heh. I did something similar at a past LAN and had a clever fellow keep changing his MAC. Unfortunately for him his PC name was descriptive enough; "Lian Li" that I just walked through a few aisles looking for that type of case until I found him.



  • @mcwtim:

    Heh. I did something similar at a past LAN and had a clever fellow keep changing his MAC. Unfortunately for him his PC name was descriptive enough; "Lian Li" that I just walked through a few aisles looking for that type of case until I found him.

    lol. The best traffic-shaping is nothing compared to physical confrontation.  :o



  • That is why I want managed Layer2 switches on the tables so instead I could just disable port or NAC it in some way.  Granted he could change his port but at that point most people would think it was the cable or something and spend time troubleshooting that.

    Plus you would know what table he was at and it would make it easier to find him / her.



  • Also to the OP, from the way your message reads I take it you are possibly an internet cafe or similar. What Nullity and sideout said were correct, there really is no effective way to stop all torrenting from your LAN. I do suggest what was advised to prevent any one user from screwing up the connection for everyone else.

    I will also suggest a further step to reduce the amount of infringement emails you may be getting from your ISP. Install pfBlockerNG and pay for an I-BLocklist subscription and add this specific list:
    https://www.iblocklist.com/list?list=srzondksmjuwsvmgdbhi

    pfBlockerNG info:
    https://forum.pfsense.org/index.php?topic=86212.0

    IANAL and I am not advocating you aid people in copyright infringement, I am just offering advice on how to shield yourself a bit from your users actions. IMO the $10 a year is worth it.



  • @Nullity:

    @mcwtim:

    Heh. I did something similar at a past LAN and had a clever fellow keep changing his MAC. Unfortunately for him his PC name was descriptive enough; "Lian Li" that I just walked through a few aisles looking for that type of case until I found him.

    lol. The best traffic-shaping is nothing compared to physical confrontation.  :o

    This is when you download one of those fake pirated FBI screensavers and put a password lock on the workstation, and see how they grovel to you not to rat them out so they can keep their job when they see it.



  • @foonus:

    @Nullity:

    @mcwtim:

    Heh. I did something similar at a past LAN and had a clever fellow keep changing his MAC. Unfortunately for him his PC name was descriptive enough; "Lian Li" that I just walked through a few aisles looking for that type of case until I found him.

    lol. The best traffic-shaping is nothing compared to physical confrontation.  :o

    This is when you download one of those fake pirated FBI screensavers and put a password lock on the workstation, and see how they grovel to you not to rat them out so they can keep their job when they see it.

    BOFH
    ;)