OPNsense Forum

Archive => 16.7 Legacy Series => Topic started by: pr3p on November 15, 2016, 01:53:48 am

Title: Torrent Blocking - P2p Clients
Post by: pr3p on November 15, 2016, 01:53:48 am

Hello guys anyone here can post a complete guide how to block p2p on opnsense.


1. I would like to block specific .exe like bittorrent, flashget or emule on the gateway or with a extension .torrent files


Note: i tried to disabled the default rule on LAN and enable only ports that is needed but the my client flashget can still download torrents.

(http://image.prntscr.com/image/f388da403bd8473c888b74647a2caf94.png)

Firewall.
(http://image.prntscr.com/image/dd41d531710a4bd9829c55f32deb9fd1.png)



On PFSense can we add Layer7 like this one
(http://pfsensebuddy.weebly.com/uploads/3/7/8/3/37837857/4355284_orig.png)


Thanks and looking for your fast response.

Title: Re: Torrent Blocking - P2p Clients
Post by: franco on November 15, 2016, 05:21:33 pm

Hi pr3p,

I'm afraid Layer7 has been removed from OPNsense, later also from pfSense. It was unmaintained and there is no viable replacement.

This requires a commercial DPI engine used by commercial firewall vendors.


Cheers,
Franco

Title: Re: Torrent Blocking - P2p Clients
Post by: pr3p on January 27, 2017, 01:52:18 pm

Quote from: franco on November 15, 2016, 05:21:33 pm

Hi pr3p,

I'm afraid Layer7 has been removed from OPNsense, later also from pfSense. It was unmaintained and there is no viable replacement.

This requires a commercial DPI engine used by commercial firewall vendors.


Cheers,
Franco

Hi franco any update on OPNSense to block p2p or to block torrent application or extension, i was able to block torrent extension via web proxy enabled with.

http://prntscr.com/e10k7p

And for DPI or deep packet inspection - is it possible to add on opnsense features?

Title: Re: Torrent Blocking - P2p Clients
Post by: interkrome on July 21, 2017, 09:51:41 pm

Try suricata and enable et p2p with drop action