Blocking p2p

Tman*

Tman*

Executive Member
Joined
Jul 18, 2012
Messages
7,400
Reaction score
8,831
Ive been doing some research over the last few weeks on what possibilities there are to block p2p via my router.

In a nutshell: There are numerous other people in my household that is using my internet connection, and I want to block torrents and nzb's so that everyone can have a pleasant experience with a generally faster line.

I do not have access to their devices, so I cant configure it in any way. The only details I do have, is the MAC address of each device, with an IP address.

As far as I understand you can limit/block P2P in one of the following ways:
1. Flashing your Modem to aftermarket firmware such as "dd-wrt" and configuring it accordingly.
2. Getting an old PC and running a program such as "pfsource" to act as your firewall/router
3. Blocking ports on your existing router and setting up QoS.

Unfortunately neither of my 2 routers support any type of aftermarket firmware, and I dont have space to run a secondary PC, so It seems like I am stuck with option 3? And from what I understand, port blocking isnt too effective?

What would be the easiest, most cost effective way to block p2p? At this stage I am considering to buy a new modem that has some sort of built in functionality.

Any help and advice would be appreciated!
 
A Mikrotik router would probably be the easiest/cheapest option if you plan on getting a new one. I've never personally worked with their router OS but a lot of people on the forum swear by it so it must be pretty okay.

Trying to block ports however will be a waste of time as many p2p clients use random ports and trying to block all these ports will not be very efficient and will most likely break other legitimate services trying to use ports in the range you're blocking.
 
Put Sophos UTM Home Edition on your pc, run the internet through that and block application traffic.
 
Tman* said:
Ive been doing some research over the last few weeks on what possibilities there are to block p2p via my router.

In a nutshell: There are numerous other people in my household that is using my internet connection, and I want to block torrents and nzb's so that everyone can have a pleasant experience with a generally faster line.

I do not have access to their devices, so I cant configure it in any way. The only details I do have, is the MAC address of each device, with an IP address.

As far as I understand you can limit/block P2P in one of the following ways:
1. Flashing your Modem to aftermarket firmware such as "dd-wrt" and configuring it accordingly.
2. Getting an old PC and running a program such as "pfsource" to act as your firewall/router
3. Blocking ports on your existing router and setting up QoS.

Unfortunately neither of my 2 routers support any type of aftermarket firmware, and I dont have space to run a secondary PC, so It seems like I am stuck with option 3? And from what I understand, port blocking isnt too effective?

What would be the easiest, most cost effective way to block p2p? At this stage I am considering to buy a new modem that has some sort of built in functionality.

Any help and advice would be appreciated!
Click to expand...

Geez, you must have a big family. Nigerian? Subletting?
 
I still think if you can get your hands on a Micro ITX form factor PC, shove 2 NICs in it and install pfSense on there you will be a lot happier.

One of the coolest/useful pieces of tech I have.
 
Just set up QoS and make P2P the lowest. That way everybody's torrents will run as normal when nobody's using the network.

I'd like to add though that anybody who knows how to download torrents, knows something about computers in general. You're just making it more difficult for them :D
 
DrJohnZoidberg said:
I still think if you can get your hands on a Micro ITX form factor PC, shove 2 NICs in it and install pfSense on there you will be a lot happier.

One of the coolest/useful pieces of tech I have.
Click to expand...

The only problem I see is that he will also have to likely get a wifi ap and a network switch as I am guessing most of his stuff runs off a router.
 
+1 on Mikrotik, although there is a learning curve you can find very detailed how-to guides on their wiki. It is one of the best value vs functionality devices out there.

Something else to consider trying is Opendns, you can create a free home account and all it requires is setting your router to use their dns servers - no additional hardware required. You can then go about blocking ptp sites on the dns level. Downside is without a separate firewall to block direct dns queries it is quite easy to circumvent, also Google will provide them many other download sites to try.
 
YingYang said:
Just set up QoS and make P2P the lowest. That way everybody's torrents will run as normal when nobody's using the network.

I'd like to add though that anybody who knows how to download torrents, knows something about computers in general. You're just making it more difficult for them :D
Click to expand...
Very true.

You can try and block any traffic from say TCP + UDP 10000 to 65535
If something breaks, open that specific port.
 
AstroTurf said:
The only problem I see is that he will also have to likely get a wifi ap and a network switch as I am guessing most of his stuff runs off a router.
Click to expand...

Yep, I have a separate wifi ap and a gigabit switch. You could just use your existing wifi router though.
 
Get an old PC refurb and install PFSense and use the Layer 7 traffic shaper to prioritize legitimate traffic. Port blocking if you like for extra effect
 
Thanks for the replies guys.

What Mikrotik router would you recommend?

With my existing setup my running an old Dlink router (2740u) with a TP-link WiFi AP plugged into the router.
 
Im still looking to Buy a Mikrotik router.

Can anyone recommend a model?

Ive tried to search online without success :(
 
Just a thought.

Why not set up a single machine to do downloading then limit it by a schedule and allow people to add files to it over http.
That way you can set up a dedicated media server for the house, have anyone download whatever they want and optimise the internet whenever people are actually using it.
 
AstroTurf said:
Just a thought.

Why not set up a single machine to do downloading then limit it by a schedule and allow people to add files to it over http.
That way you can set up a dedicated media server for the house, have anyone download whatever they want and optimise the internet whenever people are actually using it.
Click to expand...

I know it might sound retarded, but one of the reasons I want to limit p2p is to curb on illegal downloading.

I ended up going with the Microtik RB750. Will post feedback as soon as I have played around a little bit.
 
Tman* said:
I know it might sound retarded, but one of the reasons I want to limit p2p is to curb on illegal downloading.
Click to expand...

:cry: Is torrent downloading illegal ..... and I thought we were a bunch of guys all called Pierre who were sharing :D:D:D
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X