Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 20 Dec 2006 16:31:45 +0100
From:      =?ISO-8859-1?Q?H=E5kon_Granlund?= <hg@sircon.no>
To:        Josh Paetzel <josh@tcbug.org>
Cc:        freebsd-net@freebsd.org, Benjamin Adams <freebsdworld@gmail.com>
Subject:   Re: stop bittorrents
Message-ID:  <45895761.9080207@sircon.no>
In-Reply-To: <200612150927.43706.josh@tcbug.org>
References:  <6199c3dc0612140941n48832de0id6710f3f3e98345d@mail.gmail.com> <f85d6aa70612141608i3df93d3cp1b2a6e7d8b1e13e7@mail.gmail.com> <20061215022532.GJ1038@gremlin.foo.is> <200612150927.43706.josh@tcbug.org>

next in thread | previous in thread | raw e-mail | index | archive | help
Josh Paetzel wrote:
> On Thursday 14 December 2006 20:25, Baldur Gislason wrote:
>> Most of the torrent clients do encrypted sessions nowadays so they
>> really are impossible to detect by simply parsing the packets.
>>
>> Baldur
>>
>> On Fri, Dec 15, 2006 at 02:08:41AM +0200, Ivo Vachkov wrote:
>>> I'm not familiar with bittorrent protocol but I guess you can
>>> always implement simple L7 filter using ipfw rules to divert
>>> packets to a custom daemon that can parse the data and drop
>>> torrent packets. I did something similar for ICQ several years
>>> ago.
>>>
>>> On 12/14/06, Julian H. Stacey <jhs@flat.berklix.net> wrote:
>>>>> Thus you'd still achieve your ideal of
>>>>> avoiding spending money rather than your time on it :-)
>>>> Sorry, I wrote that wrongly, I meant:
>>>>  Thus you'd still spend money & still save spending your own
>>>> work time on it.
>>>>
>>>> --
>
> Probably the simplest pain free solution I can think of is to get a
> linksys WRT54G-L and flash it with DD-WRT firmware.  Comes with a
> nifty drop-down menu in the access control page that allows you to
> block things by service.  Not entirely sure *how* it works, but it
> seems to be very effective at blocking at the application
> layer....including bt and even skype.

I don't know about you, but I would think the easiest way to attack this
problem is banning the trackers from your network. Either just DROP them
or reroute to your own tracker which spits out the error message
"TORRENT IS BAD". You should, of course let useful (and legal) trackers
that host ISOs of *NIX distributions pass :-)

You could either block the trackers one by one as they pop up on your
network, or find a list of them online. This would make your lusers cry
in frustration since they can't connect to the trackers. I don't know
about trackerless torrents, but anyone using a public tracker wouldn't
be able to connect to them, not being unable to establish thousands of
connections to peers (connections are high digestive on physical resources).

Hope this gives you a backup plan in case you don't find what you're
looking for in filtering out the p2p connections.

--
Håkon Granlund



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45895761.9080207>