From owner-freebsd-net@FreeBSD.ORG  Fri Dec 15 15:27:53 2006
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: freebsd-net@freebsd.org
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id CEE9216A4D8
	for <freebsd-net@freebsd.org>; Fri, 15 Dec 2006 15:27:53 +0000 (UTC)
	(envelope-from josh@tcbug.org)
Received: from sccrmhc12.comcast.net (sccrmhc12.comcast.net [204.127.200.82])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7D5C043CA6
	for <freebsd-net@freebsd.org>; Fri, 15 Dec 2006 15:26:10 +0000 (GMT)
	(envelope-from josh@tcbug.org)
Received: from gimpy (c-24-118-186-172.hsd1.mn.comcast.net[24.118.186.172])
	by comcast.net (sccrmhc12) with ESMTP
	id <20061215152750012004i3fte>; Fri, 15 Dec 2006 15:27:51 +0000
From: Josh Paetzel <josh@tcbug.org>
To: freebsd-net@freebsd.org
Date: Fri, 15 Dec 2006 09:27:43 -0600
User-Agent: KMail/1.9.4
References: <6199c3dc0612140941n48832de0id6710f3f3e98345d@mail.gmail.com>
	<f85d6aa70612141608i3df93d3cp1b2a6e7d8b1e13e7@mail.gmail.com>
	<20061215022532.GJ1038@gremlin.foo.is>
In-Reply-To: <20061215022532.GJ1038@gremlin.foo.is>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200612150927.43706.josh@tcbug.org>
Cc: Benjamin Adams <freebsdworld@gmail.com>
Subject: Re: stop bittorrents
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Dec 2006 15:27:53 -0000

On Thursday 14 December 2006 20:25, Baldur Gislason wrote:
> Most of the torrent clients do encrypted sessions nowadays so they
> really are impossible to detect by simply parsing the packets.
>
> Baldur
>
> On Fri, Dec 15, 2006 at 02:08:41AM +0200, Ivo Vachkov wrote:
> > I'm not familiar with bittorrent protocol but I guess you can
> > always implement simple L7 filter using ipfw rules to divert
> > packets to a custom daemon that can parse the data and drop
> > torrent packets. I did something similar for ICQ several years
> > ago.
> >
> > On 12/14/06, Julian H. Stacey <jhs@flat.berklix.net> wrote:
> > >> Thus you'd still achieve your ideal of
> > >> avoiding spending money rather than your time on it :-)
> > >
> > >Sorry, I wrote that wrongly, I meant:
> > >  Thus you'd still spend money & still save spending your own
> > > work time on it.
> > >
> > >--

Probably the simplest pain free solution I can think of is to get a 
linksys WRT54G-L and flash it with DD-WRT firmware.  Comes with a 
nifty drop-down menu in the access control page that allows you to 
block things by service.  Not entirely sure *how* it works, but it 
seems to be very effective at blocking at the application 
layer....including bt and even skype.

-- 
Thanks,

Josh Paetzel