
Block P2P traffic on a Linksys router WRT54G with Tomato firmware


I'm running a small wireless network (6 to 10 users) on a Linksys WRT54G with Tomato firmware sharing an Internet connection. I don't want the users to download files with BitTorrent (mainly used) and other P2P apps.

Asked by: Guest | Views: 312
Total answers/comments: 3
Guest [Entry]

One way to do this in an indirect way is by using OpenDNS.

Set the DNS server in your router settings to the OpenDNS servers (208.67.222.222 and 208.67.220.220)
Create an account on the OpenDNS web site (that's free), and follow the instructions on their web site on how to configure it
Then in your account settings choose a custom filtering level and select to block "P2P/File sharing". If you want you can block other categories, I'd definitely block "Phishing", and depending on your needs you can add specific sites as exceptions or to be blocked.

It is an indirect way of achieving your goal and probably not what you were originally looking for, but it will work and has a number of additional advantages (e.g. blocking some other web sites you probably want to block).
Guest [Entry]

The best way I could come up with until now is a combination of things:

Use the OpenDNS DNS servers and use their p2p category to block access to p2p sites. In Tomato, tick the box "Intercept DNS port (UDP 53)" under Advanced > DHCP / DNS to prevent users from being able to use their own DNS servers.
In Tomato, create an Access Restriction rule, set Port / Application to "TCP/UDP, IPP2P: All IPP2P Filters" (this will block unencrypted p2p traffic)
In the HTTP Request field I entered some common bittorrent/emule keywords used in URLs. This prevents users from downloading .torrent files, connecting to trackers that commonly use addresses like tracker.xxx.com or domain.com/scrape, etc. My list at this moment:

announce
torrent
tracker
scrape
peerates
peerbooter
grukdotorg
emule-security.net
server.met

In Tomato, under Administration > Scripts > Firewall I've added a couple of iptables rules to prevent any user from opening way too many connections. I've also blocked some commonly used bittorrent ports:

# Per-host connection caps (connlimit counts per source IP by default)
iptables -I FORWARD -p tcp -s 192.168.1.0/24 -m connlimit --connlimit-above 50 -j DROP
# "-p ! tcp" is the older negation syntax used by the WRT54G's iptables build; newer builds spell it "! -p tcp"
iptables -I FORWARD -p ! tcp -s 192.168.1.0/24 -m connlimit --connlimit-above 25 -j DROP

# Classic BitTorrent listening range, rejected in both directions through the router
iptables -I FORWARD -p tcp --dport 6881:6999 -j REJECT
iptables -I FORWARD -p udp --dport 6881:6999 -j REJECT
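An added example (not the poster's script) of the same connlimit and port rules packaged for Tomato's Administration > Scripts > Firewall field: the rules live in their own chain so that Tomato re-running the script on every WAN reconnect does not stack duplicates, and a rate-limited LOG line records blocked hosts for later review. It assumes the LAN is 192.168.1.0/24 and the chain name p2p_block; both are placeholders.

```shell
#!/bin/sh
# Builds the P2P-throttling rule set in a dedicated chain. Assumed values:
LAN_NET="${LAN_NET:-192.168.1.0/24}"   # LAN subnet (assumption)
TCP_LIMIT="${TCP_LIMIT:-50}"           # max concurrent TCP connections per LAN host
OTHER_LIMIT="${OTHER_LIMIT:-25}"       # max concurrent non-TCP flows per LAN host
BT_PORTS="6881:6999"                   # classic BitTorrent listening range
CHAIN="${CHAIN:-p2p_block}"            # chain name (assumption)

# Print the iptables commands rather than running them, so the rule set can be
# reviewed offline; on the router, pipe the output into sh (see bottom).
p2p_rules() {
    cat <<EOF
iptables -N $CHAIN 2>/dev/null
iptables -F $CHAIN
iptables -A $CHAIN -p tcp -s $LAN_NET -m connlimit --connlimit-above $TCP_LIMIT -j DROP
iptables -A $CHAIN -p ! tcp -s $LAN_NET -m connlimit --connlimit-above $OTHER_LIMIT -j DROP
iptables -A $CHAIN -p tcp --dport $BT_PORTS -m limit --limit 6/min -j LOG --log-prefix "P2P-BLOCK: "
iptables -A $CHAIN -p tcp --dport $BT_PORTS -j REJECT
iptables -A $CHAIN -p udp --dport $BT_PORTS -j REJECT
iptables -A $CHAIN -j RETURN
iptables -D FORWARD -j $CHAIN 2>/dev/null
iptables -I FORWARD 1 -j $CHAIN
EOF
}

# "-p ! tcp" above is the older negation form accepted by the WRT54G's iptables;
# recent iptables builds expect "! -p tcp" instead.

# Run with the argument "apply" on the router to install the rules.
if [ "${1:-}" = "apply" ]; then
    p2p_rules | sh
fi
```

The LOG entries land in the Tomato syslog (Status > Logs) with the "P2P-BLOCK:" prefix, which is what lets you see which LAN host kept hitting the blocked ports.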
Guest [Entry]

As others explain, you will most probably not be able to prevent P2P traffic. But you can just forbid it, explaining to the users (1) why you want to ban P2P and that (2) you can monitor what's going on, and may lock down offenders (if e.g. each user has its own IP)...

More generally, this seems to be the kind of problem that's better solved with education than technology...