From: "Sven Brill" <madde at gmx dot net>
> Sebastian Davie wrote:
>> Source Port range=FTP/FTP
>> Destination port range=FTP/FTP
> Set the source port to any instead of FTP. The client uses a (semi) random
> high port, like in most other protocols. Just note that this only blocks
> connections to FTP sites outside the LAN. You mentioned you have trouble
> with "file sharing" - if you mean peer-to-peer file sharing, you have
> other problems, as those rarely go to destination port 21. There are
> default ports for most p2p protocols, but no guarantee that everyone uses
> them. You can look up the standard ports for BitTorrent, Kazaa, LimeWire,
> eDonkey, etc. and try to block those, but there will still be p2p traffic
> going on. Instead of completely blocking, you might want to look into the
> traffic shaper.

What he said. :-) The p2p programs are designed to get around firewalls.
You will need bandwidth limiting to get around that.
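
Added example, not part of the original thread: a small rule matcher that evaluates the rule as first configured (source and destination both FTP) and the corrected rule (source any) against outbound connections, and shows why a block on one p2p default port still leaves p2p traffic. The `BlockRule` class, the sample connections and their port numbers are constructed for illustration and do not model any particular firewall product.

```python
from dataclasses import dataclass
from typing import Optional

FTP_CONTROL = 21
P2P_DEFAULT = 6881  # a commonly cited BitTorrent default port (illustrative)


@dataclass(frozen=True)
class BlockRule:
    """One outbound TCP block rule; None in a port field means 'any'."""
    name: str
    src_port: Optional[int]
    dst_port: Optional[int]

    def matches(self, src_port: int, dst_port: int) -> bool:
        return (self.src_port in (None, src_port)
                and self.dst_port in (None, dst_port))


# The rule as first configured, the corrected rule, and a p2p default-port rule.
ORIGINAL = BlockRule("src=FTP dst=FTP", FTP_CONTROL, FTP_CONTROL)
CORRECTED = BlockRule("src=any dst=FTP", None, FTP_CONTROL)
P2P_RULE = BlockRule("src=any dst=6881", None, P2P_DEFAULT)

# Constructed outbound connections: (label, client source port, destination port).
# Clients pick a (semi) random high source port, so it is never 21.
SAMPLE_CONNECTIONS = [
    ("FTP control session", 49152, 21),
    ("second FTP control session", 51833, 21),
    ("p2p client on a default port", 50311, 6881),
    ("p2p client on a non-default port", 50312, 8080),
]


def blocked(rule, connections=SAMPLE_CONNECTIONS):
    """Return the labels of the connections this rule would block."""
    return [label for label, sport, dport in connections
            if rule.matches(sport, dport)]


if __name__ == "__main__":
    for rule in (ORIGINAL, CORRECTED, P2P_RULE):
        print(f"{rule.name:18} blocks {blocked(rule)}")
```
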