In these cases throttling wouldn't apply. The problem is that outgoing P2P can also go to TCP:80, TCP:443, TCP:53 and UDP:53 and so on. If so, which protocols are you considering?Īs I cannot really block P2P in general, I am trying to throttle "everything else". In my case i have identified torrent traffic by discardDo you mean "everything else" (everything but HTTP, HTTPS, SSH, SMTPS, IMAP4S POP3S.) is considered torrent? queue tree add name="streaming2" parent=global packet-mark=streaming2 limit-at=0 queue=default \ You can adjust the max-limit to anything higher like 128kģ.
Layer7-protocol=streaming new-packet-mark=streaming2 passthrough=no |f4b|x-flv|msi|wmv|mp2|mp3|mp4|swf|rm|rmvb|vcd|pdf|dat|iso|nrg|bin|cab|vcd|ogg|wma|divx|d2v|qt|0)Īdd action=mark-packet chain=prerouting comment="Mark Packet Streaming" disabled=no \ mp3, *.mp4 etc, how will I add this to the l7-layer, is this one correct cus i dont see it catching any trafficĪdd name=streaming2 regexp="\"^.*get.+\\\\.(3gp|mov|mpe|mpeg|mpeg2|mpeg3|mpeg4|mkv|avi|flv|f4v|f4p|f4a\ I just copied this from somewhere in the forum, I want to integrate it with blocking downloading of. Src-address=1.3.0/24 connection-limit=101,32Ĭhain=forward action=drop protocol=udp src-address=1.1.0/24Ĭhain=forward action=drop protocol=udp src-address=1.2.0/24Ĭhain=forward action=drop protocol=udp src-address=1.3.0/24Ĭhain=input action=accept connection-state=establishedĬhain=input action=accept connection-state=relatedĬhain=input action=drop connection-state=invalidĬhain=forward action=drop layer7-protocol=torrent-dnsĬhain=forward action=drop protocol=udp layer7-protocol=torrent-dnsĬhain=forward action=drop layer7-protocol=torrentsitesĬhain=forward action=drop content=torrentĬhain=forward action=drop content=trackerĬhain=forward action=drop content=getpeersĬhain=forward action=drop content=info_hashĬhain=forward action=drop content=announce_peersĪnd here the screenshot from the last hours: But I´m not sure.Ĭode: Select all > ip firewall filter printįlags: X - disabled, I - invalid, D - dynamicĬhain=forward action=drop tcp-flags=syn protocol=tcp The last one (default rule) I´m using so since 1 year, without src-addresses, and hope it works. Or I can write it so (without the src-addresses) and it will work for all the 3 wlans:Īdd chain=forward layer7-protocol=torrentsites action=drop comment=torrentsitesĪdd chain=forward protocol=17 dst-port=53 layer7-protocol=torrentsites action=drop comment=dropDNSĪdd chain=forward content=torrent action=drop comment=keyword_dropĪdd chain=forward content=tracker action=drop comment=trackers_dropĪdd chain=forward content=getpeers action=drop comment=get_peers_dropĪdd chain=forward content=info_hash action=drop comment=info_hash_dropĪdd chain=forward content=announce_peers action=drop comment=announce_peers_dropĪdd chain=forward p2p=all-p2p action=drop comment=p2p_drop & also use default rule to drop p2p traffic which alone is not working for meĪdd chain=forward src-address=192.168.1.0/24 p2p=all-p2p action=drop comment=p2p_dropīut 3 times (with the 3 src-addresses 192.168.1.0, 192.168.2.0 and 192.168.3.0) Torrentz|vertor|h33t|btscene|bitunity|bittoxic|thunderbytes|Įntertane|zoozle|vcdq|bitnova|bitsoup|meganova|fulldls|btbot|įlixflux|seedpeer|fenopy|gpirate|commonbits).*$Īdd chain=forward src-address=192.168.1.0/24 layer7-protocol=torrentsites action=drop comment=torrentsitesĪdd chain=forward src-address=192.168.1.0/24 protocol=17 dst-port=53 layer7-protocol=torrentsites action=drop comment=dropDNSĪdd chain=forward src-address=192.168.1.0/24 content=torrent action=drop comment=keyword_dropĪdd chain=forward src-address=192.168.1.0/24 content=tracker action=drop comment=trackers_dropĪdd chain=forward src-address=192.168.1.0/24 content=getpeers action=drop comment=get_peers_dropĪdd chain=forward src-address=192.168.1.0/24 content=info_hash action=drop comment=info_hash_dropĪdd chain=forward src-address=192.168.1.0/24 content=announce_peers action=drop comment=announce_peers_drop Thepiratebay|isohunt|entertane|demonoid|btjunkie|mininova|flixflux| Use winbox to copy paste name=torrentsites Asume you want to block torrent & p2p traffic on 192.168.1.0/24
0 kommentar(er)
