 From:  andyiowalist at mchsi dot com
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] Can't seem to block bittorrent and other P2P traffic
 Date:  Sat, 05 Feb 2005 22:08:25 +0000
I decided to just block that one user from everything minus the basic ports
(mail, web, IM stuff).

Serves him right.  I figure this was the only way to solve the problem.  He
refused to listen to me.
> BT uses more ports than just those you listed...it depends on the
> configuration of the client....for instance, my client at home uses a
> port in the 17,000 range.
> The best thing to do is to configure the BT client to limit upload
> speed...for instance, to say 20kbps. That will allow a decent upload
> while at the same time not hampering the download speed for the rest of
> the house.
> Or of course, you could look up your roommate's client config and then
> totally block that port if you wanted to get back at them :-)
> Gary.
> -----Original Message-----
> From: andyiowalist at mchsi dot com [mailto:andyiowalist at mchsi dot com] 
> Sent: Thursday, February 03, 2005 1:45 PM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: [m0n0wall] Can't seem to block bittorrent and other P2P traffic
> Running m0n0wall 1.2b3.  I have a WAN interface, a LAN interface (gigabit only
> with jumbo frames) and an OPT1 interface (fast ethernet and the rest).
> The LAN interface IP is and the OPT1 interface is
> For each interface, I have set up the following:
> Proto    Source       Port       Destination    Port
> TCP/UDP   *         6881-6889         *           *      (Drop)
> TCP/UDP   *             *             *       6881-6889  (Drop) 
> Is this correct? 
> Now while a bunch of packets seem to be dropped, BitTorrent Traffic still gets
> through.  The problem is the upload shoots up and my cable modem download speed
> drops.  This is really annoying because I can't seem to convince one of my
> roommates that his BT usage is killing our download speed and affecting
> everyone.
> I'm tempted to remove that everything goes out default in the OPT1 and WAN, and
> while allowing everything from LAN, restricting for ports 1-1024 (and a few more
> higher) on the OPT1.
> Suggestions?
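As an added illustration (not part of the original e-mails and not m0n0wall code), this simplified first-match rule model shows why the two 6881-6889 drop rules quoted above miss a client configured for a port in the 17,000 range, while the default-deny approach from the reply at the top catches it. The allowed port numbers and the sample flows are assumptions constructed for the example.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

PortRange = Optional[Tuple[int, int]]  # None stands for "*" (any port)


def in_range(port: int, rng: PortRange) -> bool:
    return rng is None or rng[0] <= port <= rng[1]


@dataclass(frozen=True)
class Rule:
    action: str          # "pass" or "drop"
    src_ports: PortRange
    dst_ports: PortRange

    def matches(self, sport: int, dport: int) -> bool:
        return in_range(sport, self.src_ports) and in_range(dport, self.dst_ports)


def evaluate(rules, default: str, sport: int, dport: int) -> str:
    """First matching rule decides; otherwise the default action applies."""
    for rule in rules:
        if rule.matches(sport, dport):
            return rule.action
    return default


# The two drop rules from the quoted post; everything else goes out by default.
DENYLIST = [Rule("drop", (6881, 6889), None), Rule("drop", None, (6881, 6889))]

# Default-deny alternative. Port numbers are assumed stand-ins for
# "mail, web, IM stuff"; the thread does not list them.
ALLOWED_DST = [25, 110, 80, 443, 5190]
ALLOWLIST = [Rule("pass", None, (p, p)) for p in ALLOWED_DST]

# Constructed sample flows: (label, source port, destination port)
FLOWS = [
    ("BT on default ports", 6881, 6885),
    ("BT on port 17021", 51234, 17021),
    ("web", 51235, 443),
    ("mail", 51236, 25),
]


def compare(flows=FLOWS):
    """Map each flow label to (denylist verdict, allowlist verdict)."""
    return {label: (evaluate(DENYLIST, "pass", s, d), evaluate(ALLOWLIST, "drop", s, d))
            for label, s, d in flows}


if __name__ == "__main__":
    for label, (deny, allow) in compare().items():
        print(f"{label:22} denylist={deny:5} allowlist={allow}")
```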