rmp.dmd1229
Level 7

Blocking BitTorrent

We need to block BitTorrent on our SG580 firewall. I put this in packet filtering:

iptables -A FORWARD -m layer7 --l7proto bittorrent -j DROP

but it is still not blocking BitTorrent traffic.

What's the best way to block the traffic?

0 Kudos
6 Replies
rmp.dmd1229
Level 7

Re: Blocking BitTorrent


I added to URL blocking:

torrentz.com 

bittorrentshare.com

and to packet filtering:

iptables -I FORWARD -p tcp -m mport --dport 6881:6999 -j DROP
iptables -I FORWARD -p tcp -m mport --dport 6969 -j DROP
iptables -I FORWARD -p tcp -m mport --dport 4865 -j DROP

but downloading with a BitTorrent program can still be done.


Please help.

0 Kudos
rcamm
Level 13

Re: Blocking BitTorrent

Try:

iptables -I FORWARD -p tcp --dport 6881:6999 -j DROP
iptables -I FORWARD -p tcp --dport 6969 -j DROP
iptables -I FORWARD -p tcp --dport 4865 -j DROP

Or you can also do it via packet filtering in the GUI.

0 Kudos
rmp.dmd1229
Level 7

Re: Blocking BitTorrent

I tried it, but it is still not blocking.

I also added:

iptables -I FORWARD -m layer7 --l7proto bittorrent -j DROP

but the BitTorrent program still downloads.

Any other options?

0 Kudos
rmp.dmd1229
Level 7

Re: Blocking BitTorrent

It seems to be blocking now.


I also added to the URL block:

tracker.publicbt.com

tracker.openbittorrent.com


with the iptables:

iptables -I FORWARD -p tcp --dport 6881:6999 -j DROP

iptables -I FORWARD -p tcp --dport 6969 -j DROP

iptables -I FORWARD -p tcp --dport 4865 -j DROP


iptables -I FORWARD -m layer7 --l7proto bittorrent -j DROP

Thanks for the help!

0 Kudos
dnikolov
Level 7

Re: Blocking BitTorrent

Hi guys,

I also have an SG580 and I have to block the torrent traffic in my office. So I put the rows below in the "custom firewall rules", but torrents can still be downloaded:

iptables -I FORWARD -p tcp --dport 6881:6999 -j DROP

iptables -I FORWARD -p tcp --dport 6969 -j DROP

iptables -I FORWARD -p tcp --dport 4865 -j DROP

iptables -I FORWARD -m layer7 --l7proto bittorrent -j DROP

I added ports 60000:64000 since the uTorrent client uses this port range, but it still works/downloads without any problems.

Have you any other idea?

0 Kudos
Tristan
Level 15

Re: Blocking BitTorrent

A quick Google search shows that blocking ports 6881:6999, 6969 & 4865 isn't going to help much, as the P2P client can just choose a random port to use, sometimes even ports 80 and 443 for trackers and downloads.

The only effective method of preventing its use is Layer 7 filtering, but if the client is using encryption then you're even worse out of luck, as layer 7 won't catch those packets.

http://www.security-forums.com/viewtopic.php?t=61658

https://forum.openwrt.org/viewtopic.php?pid=42598

0 Kudos
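
Added example (not part of any post in this thread, and not the l7-filter pattern file): a small Python check that runs constructed sample flows against the thread's TCP port rules and against a simplified set of plaintext BitTorrent markers, to show which flows each approach sees. The function names, signature list and sample payloads are assumptions made for illustration.

```python
import re

# Simplified plaintext markers (assumption: illustrative, not the l7-filter pattern).
SIGNATURES = [
    ("peer-handshake", re.compile(rb"^\x13BitTorrent protocol")),   # peer wire handshake
    ("tracker-announce",
     re.compile(rb"^GET /(announce|scrape)\?\S*info_hash=", re.I)),  # HTTP tracker request
    ("dht-krpc", re.compile(rb"^d1:ad2:id20:")),                     # bencoded DHT query
]

def classify(payload: bytes):
    """Return the name of the first marker found at the start of a flow, else None."""
    for name, pattern in SIGNATURES:
        if pattern.search(payload):
            return name
    return None

def port_rule_hits(proto: str, dport: int) -> bool:
    """Thread's rules: -p tcp --dport 6881:6999, 6969 (inside that range), 4865."""
    return proto == "tcp" and (6881 <= dport <= 6999 or dport == 4865)

# Constructed sample flows: (description, protocol, destination port, first bytes).
# Handshake layout: 0x13, protocol string, 8 reserved, 20-byte info_hash, 20-byte peer_id.
HANDSHAKE = b"\x13BitTorrent protocol" + bytes(8) + b"\xaa" * 20 + b"-XX0001-" + b"0" * 12
OPAQUE = bytes((i * 73 + 41) % 256 for i in range(68))  # stand-in for encrypted bytes
SAMPLES = [
    ("peer handshake on default port", "tcp", 6881, HANDSHAKE),
    ("peer handshake on random high port", "tcp", 51413, HANDSHAKE),
    ("tracker announce over port 80", "tcp", 80,
     b"GET /announce?info_hash=%aa%bb&port=51413 HTTP/1.1\r\n"),
    ("DHT query over UDP", "udp", 6881,
     b"d1:ad2:id20:" + b"\x01" * 20 + b"e1:q4:ping1:t2:aa1:y1:qe"),
    ("encrypted peer connection", "tcp", 51413, OPAQUE),
    ("ordinary web request", "tcp", 80, b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n"),
]

def evaluate(samples=SAMPLES):
    """Map each description to (port rule matched, payload marker matched)."""
    return {d: (port_rule_hits(p, port), classify(data)) for d, p, port, data in samples}

if __name__ == "__main__":
    for desc, (by_port, by_sig) in evaluate().items():
        print(f"{desc:36} port-rule={by_port!s:5} signature={by_sig}")
```

Only the default-port handshake is caught by the port rules; the payload markers catch the plaintext flows on any port, and the opaque flow is caught by neither.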