We have a policy to not allow P2P traffic and we wan't to display a message to person who have been blocked which he would see if he tries to surf the net.
I already created an IP alias for that message to show, so if we go to 10.0.0.66, we see message that "internet has been blocked, because of torrent usage".
Code: Select all
add action=dst-nat chain=dstnat comment="BLOCKED USERS REDIRECT TO MESSAGE SERVER" !connection-bytes !connection-limit !connection-mark !connection-rate !connection-type !content \
disabled=no !dscp !dst-address !dst-address-list !dst-address-type !dst-limit dst-port=80 !fragment !hotspot !icmp-options !in-bridge-port !in-interface !ingress-priority \
!ipv4-options !layer7-protocol !limit !nth !out-bridge-port !out-interface !packet-mark !packet-size !per-connection-classifier !port !priority protocol=tcp !psd !random \
!routing-mark !routing-table !src-address src-address-list=BLOCKED_FOR_TORRENT_USAGE !src-address-type !src-mac-address !src-port !tcp-mss !time to-addresses=10.0.0.66 to-ports=80 !ttl
Any suggestions?