Forced Encrypted P2P

petyol · December 7, 2006, 11:53am

Hi,

We have implemented a Firewall rule with a scheduler that drops p2p traffic between 6 am and 9 pm everyday. it has been working for some p2p traffic , but it seems that users using utorrent , who forces the encryption are still able to download during the 6 am - 9 pm time frame when the firewall rule should drop encrypted the traffic.

According to discussion i had with Normis at MUM singapore Mikrotik can drop encrypted P2P but it cannot shape or limit the traffic.

Has anyone observed anything similar.

Francis Victor
Kokonet LTD
http://www.kokonet.sc

mortin · December 10, 2006, 1:57am

Hello,

Mikrotik can drop encrypted p2p traffic but only if the drop rule is enabled just before the user starts any p2p connections (run p2p software).

Enabling the drop rule at 6 am doesn’t affect early established connections so the user can still download p2p garbage.

Regards
Marcin

titius · December 10, 2006, 3:46am

ok, so if we waant to drop encrypted p2p we have to turn FW rule before using torrent??

Well I think tried that to, “but still… they come”

Nope, it doesnt work

mortin · December 10, 2006, 9:03am

Turn on the FW rule and restart the router.

Regards
Marcin

petyol · December 10, 2006, 5:11pm

Hi,

you mean if i am droping p2p onmy core router, i need to reboot it .

mortin · December 10, 2006, 5:16pm

Hello,

Yes after activating the drop rule just restart the router and then try to open any p2p software on client maschine…

Hello,
when p2p connection is beeing established some first pacets go unencrypted, so
if you manage to drop them you block it that way.
Regards,
Janis

http://forum.mikrotik.com/t/p2p-filter-test-with-bitcomet-program/5524/1

Regards
Marcin