The ability to apply these kinds of filters in UBNT and Mikrotik firmware
will be limited, but I've had moderate success using Boyer-Moore filters
with iptables in OpenWRT land. The commands below are for a chain labeled
"p2pblock," through which all incoming NAT traffic to be forwarded, ports
1024 above, are piped. Not 100% by any measure, but it does help to
unambiguously identify unencrypted torrent traffic.
iptables -I p2pblock -m string --string "BitTorrent protocol"
--algo bm -m recent --rdest --set --name P2PBLOCK
iptables -I p2pblock -m string --string "BitTorrent protocol"
--algo bm -m limit --limit 1/minute -j LOG --log-prefix P2PBLOCK-seen-bitbm:
https://en.wikipedia.org/wiki/Boyer%E2%80%93Moore_string_search_algorithm
https://forum.openwrt.org/viewtopic.php?id=38843 (demonstration for OpenWRT)
On Tue, Feb 18, 2014 at 1:15 PM, Josh Reynolds <[email protected]> wrote:
> We do L7 QoS / shaping / filtering at our head end with a very expensive
> IPOQUE PRX device, and explicitly block torrents. It's also discussed in
> our ToS. The only way I've found to get around it is by using a socks proxy
> to another country just for torrent traffic.
>
>
--
Ben West
[email protected]
_______________________________________________
Wireless mailing list
[email protected]
http://lists.wispa.org/mailman/listinfo/wireless
