On Aug 19, 2015, at 1:32 AM, A Mohan Rao <[email protected]> wrote: > > sorry not clear your point...!
I believe the point is that focusing on blocking port ranges like 6881-6889 is horribly outdated with modern BitTorrent clients. :-) Many BitTorrent clients will choose a random port on startup and then use NAT-PMP or uPnP to open it at the firewall to ensure the client is reachable. It's also common for BitTorrent clients to use various methods to discover clients (PEX, DHT, local peer discovery), and also to encrypt traffic between those clients. Increasingly, people are also using VPN providers to connect to BitTorrent trackers or otherwise connect to swarms. Cheers, Paul. > > On Wed, Aug 19, 2015 at 1:21 AM, Espen Johansen <[email protected]> wrote: > >> Focus on layer 7. Most torrent clients use dynamic ports. And disable upnp >> as that will defeat the ports blocking as well. >> >> -lsf >> >> tir. 18. aug. 2015, 21.21 skrev A Mohan Rao <[email protected]>: >> >>> Hello pfSense experts, >>> >>> I find out torrents ports like 6881-6889 etc. >>> And create firewall block rule source lan network then destination any >> with >>> torrents ports but still users can download torrents data. >>> Also i created in traffic shaper layer 7 BitTorrent still not reached any >>> positive result. >>> Pls guide Where i m wrong or my rules not work... >>> >>> Thanks in advance. >>> >>> Mohan Rao >>> _______________________________________________ >>> pfSense mailing list >>> https://lists.pfsense.org/mailman/listinfo/list >>> Support the project with Gold! https://pfsense.org/gold >>> >> _______________________________________________ >> pfSense mailing list >> https://lists.pfsense.org/mailman/listinfo/list >> Support the project with Gold! https://pfsense.org/gold >> > _______________________________________________ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold > _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
