Thursday, December 11, 2008

How to Block Torrent in Network

The latest information is available at http://wiki.secureit.in/index.php?title=How_to_block_torrent

Torrent works on the basis of seeds and peers (the other computers that connect to your client application to send or receive files).

Information about the seeds and peers is provided to your client by the torrent tracker server, which is named in the .torrent file you download from a torrent site.

Your torrent client reads the .torrent file and connects to the torrent tracker server on port 6881-7000/tcp or 2710/tcp over the HTTP protocol. The tracker server then provides the list of all the other client computers that are currently connected and hold the full file, or part of the file, that you want to download.

Then your torrent client connects to those other client machines (torrent client applications) and starts transferring the data.

To block torrents in your network, you can take the following two actions.

1. Do not allow "NEW" incoming packets in your network.

2. Block ports 6881-7000/tcp and 2710/tcp for outgoing traffic so that the torrent client cannot connect to the tracker server and get information about other systems.

If the torrent client cannot get information about the other systems in the world, it will not be able to download the files.

This is what you want to do.

Cheer Up !!

Your comments and experience are most welcome.
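
The two actions above written out as iptables rules, as an added example that is not part of the original post. It prints the rules for review instead of applying them and covers both a Linux gateway and a stand-alone machine; the function names and the interface names (eth1 as the LAN side, eth0 as the Internet side) are assumptions.

```sh
#!/bin/sh
# Added example, not from the original post. Interface names are assumptions.

TRACKER_PORTS="6881:7000,2710"   # the tracker ports the post lists

# Accept only plain interface names so the generated lines are safe to run.
valid_if() {
    case $1 in
        ''|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
}

# Print (not run) the rules, so they can be reviewed before being applied.
#   torrent_block_rules gateway LAN_IF WAN_IF   -> rules for a Linux gateway
#   torrent_block_rules host                    -> rules for a stand-alone machine
torrent_block_rules() {
    case $1 in
    gateway)
        valid_if "$2" && valid_if "$3" || return 1
        # Replies to connections opened from the inside must still pass.
        echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
        # Action 1: no NEW connections coming in from the outside.
        echo "iptables -A FORWARD -i $3 -m conntrack --ctstate NEW -j DROP"
        # Action 2: no outgoing connections to the tracker ports.
        echo "iptables -A FORWARD -i $2 -o $3 -p tcp -m multiport --dports $TRACKER_PORTS -j REJECT --reject-with tcp-reset"
        ;;
    host)
        echo "iptables -A INPUT -i lo -j ACCEPT"
        echo "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
        # Action 1. This also cuts off inbound services such as SSH;
        # insert ACCEPT rules for those before this line.
        echo "iptables -A INPUT -m conntrack --ctstate NEW -j DROP"
        # Action 2.
        echo "iptables -A OUTPUT -p tcp -m multiport --dports $TRACKER_PORTS -j REJECT --reject-with tcp-reset"
        ;;
    *)
        echo "usage: torrent_block_rules gateway LAN_IF WAN_IF | host" >&2
        return 1
        ;;
    esac
}

# Review the output, then apply as root with:  torrent_block_rules host | sh
torrent_block_rules gateway eth1 eth0
```

These rules cover only the tracker ports the post names; a tracker reached on any other port is untouched by them.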

8 comments:

Anonymous said...

The easiest way to block a particular TCP port in Linux is to use an iptables rule as follows:
Code:

iptables -A INPUT -p tcp --destination-port PORT-NUMBER -j DROP

For example block port 22 for everyone:
Code:

iptables -A INPUT -p tcp --destination-port 22 -j DROP

Now let us say you want to block port 22 for everyone except IP 202.65.11.10
Code:

iptables -A INPUT -p tcp --destination-port 22 ! -s 202.65.11.10 -j DROP

To block UDP ports use --tcp udp option:
Code:

iptables -A INPUT -p udp --destination-port PORT-NUMBER -j DROP

Anonymous said...

Blocking torrents in a NAT/proxy environment is quite easy, as you can do content filtering as well.

The main problem is when you have no proxy and most routers do not support content filtering; that is where the actual post makes sense.

Anonymous said...

I like this, man....
Please provide some other interesting info on Linux.

I respect white hat hackers forever....

I am a newbie to Linux networking.
Also suggest some books and sites, if you don't mind.

regards..
hardik

Anonymous said...

Thanks a lot for this helpful article. I'll try your solution and hope it will work for me too.

Anonymous said...

1. Do not allow "NEW" incoming packets in your network.

2. Block 6881-7000/tcp and 2710/tcp ports for outgoing so that your client application(torrent client) could not connect the tracker server and get the information about other systems.

So how exactly do you do #1, #2? Using iptables? Can you show the code?

Anonymous said...

What is your environment? Do you want to block torrents in a network that passes through a Linux gateway machine, or on a stand-alone machine?

Anonymous said...

==Blocking on Cisco Router ==

To block torrents on a Cisco router, enable NBAR and create a policy map.

1. Create a class-map

Router#config t
Router(config)#class-map match-any p2p
Router(config-cmap)#match protocol http url "*torrent*"
Router(config-cmap)#match protocol napster

The first match will match the word "torrent" in the URL.
The second will match the napster protocol.

2. Create a policy-map

Router#config t
Router(config)#policy-map block-p2p
Router(config-pmap)#class p2p
Router(config-pmap-c)#drop

Then apply the policy on the interface

Router#config t
Router(config)#int
Router(config-if)#service-policy output block-p2p

Suyash Jain said...

Blocking napster will block Office Communicator also.