On 2013-04-29 07:21, Drew Lehman wrote:
I have a business connection from my ISP and run servers. I also like to seed Various Rescue disk and certain Linux distributions on Bittorrent. The problem is, despite having a commercial account, my ISP throttles anything with P2P, and takes the rest of my connection with it. So, in order to keep that from happening, I got a VPN connection through an third-party. This works great, but my traffic is either VPN or not. The VPN provider works with OpenVPN and I want to know how to create a conditional route that routes all bit-torrent over the OpenVPN, but leaves connections such as my gaming and email through my normal WAN connection.
The trick here will be figuring out exactly what is and is not BitTorrent traffic, but the routing itself is actually fairly straightforward.
What you need to do is build a virtual interface for OpenVPN, once that's done, you can create a rule immediately above your LAN's "Default allow" rule to allow traffic and assign a specific gateway for specific traffic.
I do this on my LAN for port 25, since my ISP blocks port 25 and I need direct access to port 25 on remote servers for diagnostic reasons.
Check out an article like http://forum.pfsense.org/index.php?topic=29944.0 (in this case, look for "---Section 2---") which covers setting up an interface and creating routing rules -- This article may be a bit out of date, and of course it's aimed at setting up a specific VPN, but if you understand the concepts rather than following it letter for letter, it should be doable.
As far as narrowing down your BitTorrent traffic, your best bet might be to simply run BitTorrent on a specific local IP (or dedicated machine) and route all traffic from that machine out via your VPN.
This may still be somewhat problematic as BitTorrent really does need an inbound port opened as well, but that's between you and your VPN provider. An external seedbox might be a better approach, along with the VPN to handle other traffic.
-- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren _______________________________________________ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
