How To block torrent, emule, etc

Hi there,
I am trying to block P2P protocols like torrent, eMule, etc. This was possible in older versions of OpenWrt via iptables using l7-protocols. I googled for a while, but so far I have found no good replacement for this. Is there some way to achieve this?

My current setup:
Linksys WRT1200AC
OpenWrt 18.06.1

Thanks in advance :slight_smile:

Since “modern” P2P protocols are designed to open NAT holes (search “STUN server” for more details), this can be challenging. They have to be blocked outgoing (LAN to WAN forwarding) or conntrack will open the ports. What needs to be blocked will depend on the specific application. Disabling UPnP, if enabled, should also be an evident requirement.

BitTorrent clients nowadays prefer encryption and downloading via 443/TCP is not impossible.
This makes the problem even more challenging unless you have the resources to provide comprehensive DPI.


Thanks for the info. So this is not really something that can be done easily. I thought so ^^

I'm currently using a VPN setup on the router to "solve" this problem, but it is far from perfect, as it vastly decreases the available up/down speed. Therefore I would prefer to completely block torrents, instead of making it harder for law firms to resolve my personal data via WAN IP (torrent traps)...

Maybe there is another solution that I have not thought of yet? Suggestions are welcome :slight_smile:

You can utilize policy-based routing.
Either run the software on a separate host or VM with a different IP, or find a way to apply some sort of traffic marking.
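
Added example, not part of the thread: a sketch of the separate-host variant of policy-based routing, where one LAN address is sent through the router's VPN interface while every other host keeps the normal WAN route. The host address `192.168.1.50`, the interface name `tun0`, table id `100` and the `emit` argument are assumptions made for this example; the fallback `prohibit` route keeps that host from falling through to the WAN when the VPN is down.

```shell
#!/bin/sh
# Constructed values: host IP, VPN interface name and table id are placeholders.

# Return 0 only for a dotted-quad IPv4 address with octets 0-255.
valid_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the commands that pin HOST_IP to the VPN and stop it leaking to WAN.
pbr_commands() {
    host_ip=$1 vpn_if=$2 table=${3:-100}
    valid_ipv4 "$host_ip" || { echo "invalid host IP: $host_ip" >&2; return 1; }
    case "$vpn_if" in
        ""|*[!A-Za-z0-9_.-]*) echo "invalid interface: $vpn_if" >&2; return 1 ;;
    esac
    case "$table" in
        ""|*[!0-9]*) echo "invalid table id: $table" >&2; return 1 ;;
    esac
    # Traffic from this host consults the dedicated table before 'main'.
    echo "ip rule add from $host_ip/32 lookup $table priority 1000"
    # Normal path: everything from the host leaves through the VPN interface.
    echo "ip route add default dev $vpn_if table $table"
    # Fallback: if the VPN route disappears, reject instead of using the WAN route.
    echo "ip route add prohibit default table $table metric 65535"
}

# Usage: script emit HOST_IP VPN_IF [TABLE]; dry run unless APPLY=1 (needs root).
if [ "${1:-}" = "emit" ]; then
    shift
    pbr_commands "$@" | while read -r cmd; do
        if [ "${APPLY:-0}" = 1 ]; then $cmd; else echo "$cmd"; fi
    done
fi
```

These rules cover routing only; the firewall still has to allow and masquerade forwarding from the LAN zone to the VPN zone.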