Matthew Lenz wrote:
Doesn't just about all P2P require some kind of port redirection or UPnP on the firewall to allow any kind of uploading to occur?
No, almost all don't. Actually I can't think of any offhand that require ports opened inbound. Even BitTorrent, which likes to have open ports, can upload without them. And the problem with blocking the vast majority of them is they don't stick with a single port like they did back in the good ol' days. They'll hop until they find an open port, and they'll pretty much all try port 80. So unless you don't allow anything outbound, or force outbound proxying for all Internet access (as all well controlled networks should do), you're pretty much stuck with allowing P2P. The best solution is any sort of layer 7 filtering, which is best suited for a proxy server, not a firewall. There are probably ways to accomplish this with a package of some sort (though one doesn't exist at this time).
