Torrent blocking working in y2020

Block Bittorrent and P2P using latest MikroTik RouterOS 6.43.3
New MikroTik software versions stop blocking torrents and P2P, with the error "P2P matcher is obsolete please use layer7 matcher instead" - MikroTik
Here is the new and revised configuration that is still working in 2020: steps that will block torrent and P2P traffic from a MikroTik router:

In terminal:

/ip firewall layer7-protocol

add comment="Block Bit Torrent" name=layer7-bittorrent-exp regexp="^(\x13bittorrent protocol|azver\x01$|get /scrape\?info_hash=get /announce\?info_hash=|get /client/bitcomet/|GET /data\?fid=)|d1:ad2:id20:|\x08'7P\)[RP]"

/ip firewall filter

add action=add-src-to-address-list address-list=Torrent-Conn address-list-timeout=2m chain=forward layer7-protocol=layer7-bittorrent-exp src-address=192.168.2.0/24 src-address-list=!allow-bit

/ip firewall filter

add action=drop chain=forward dst-port=!0-1024,8291,5900,5800,3389,14147,5222,59905 protocol=tcp src-address-list=Torrent-Conn

/ip firewall filter

add action=drop chain=forward dst-port=!0-1024,8291,5900,5800,3389,14147,5222,59905 protocol=udp src-address-list=Torrent-Conn

This feature is not 100% working…

According to my testing, after 5 minutes of an inactive torrent it finds the first seeder, and then another and another… It will slow down downloaders, but there is still a possibility the torrent will work.

Anyone Else Tried This???

Just try it on your own. It really helps, but not 100%.

Well, if it does not work 100% then it does not really help, don’t you think? I mean, what difference does it make if the download takes a bit more? The idea of blocking is that NOTHING goes through.
If it still starts after a while, it likely means you missed some port or regexp part, which still gets through.

This was posted 5 July 2020. 6.43.3 is very old and far, far from the latest RouterOS (it is from 18.10.2018). The latest stable is 6.47 and long-term is 6.45.9.
I would not have used this old version due to lots of missing security patches.

Yes, it works on my RB2011

/ip firewall layer7-protocol
add comment="Block Bit Torrent" name=layer7-bittorrent-exp regexp="^(\x13bittorrent protocol|azver\x01$|get /scrape\?info_hash=get /announce\?info_hash=|get /client/bitcomet/|GET /data\?fid=)|d1:ad2:id20:|\x08'7P\)[RP]"

/ip firewall filter
add action=add-src-to-address-list address-list=Torrent-Conn address-list-timeout=2m chain=forward layer7-protocol=layer7-bittorrent-exp src-address=192.168.88.0/24 src-address-list=!allow-bit
add action=drop chain=forward dst-port=!0-1024,8291,5900,5800,3389,14147,5222,59905 protocol=tcp src-address-list=Torrent-Conn
add action=drop chain=forward dst-port=!0-1024,8291,5900,5800,3389,14147,5222,59905 protocol=udp src-address-list=Torrent-Conn

In uTorrent:
Options -> Preferences -> BitTorrent -> Protocol Encryption: set it to Enabled, then test if your rule still blocks it.

I don’t know how, but it is still blocking torrents after I enabled BitTorrent Protocol Encryption.



Why would you want to do this?

Torrent is illegal where I live; if I don’t block it, then our small ISP will be charged by the internet authority.

So if the speed limit is 100 kph and I have a car that can run 200 kph, we need to close the road?
Torrents are not illegal; sharing copyrighted material is.
Closing one service just moves users to another :)

Where do you live? I don’t believe they are illegal.

Try to use it in Germany :)

Eek I just read about Germany.

The Torrent system on its own is not illegal.
Downloading copyrighted content is illegal.

This is my understanding also. I read an article yesterday that in Germany some law firms are not so ethical (who would have thought) and are sending very threatening letters to people to pay up, and the normal Joe does not know better, so he pays. A case of big brother bullying little brother.

The rules are working for me also. I tried to download various torrents with qBittorrent and they don’t start. “Force encryption” is enabled in the qBittorrent options.
Just a small remark: in the second rule you have to change the subnet to match your setup. The photo is after one hour of trying to download random torrents.
I am not sure if there are any consequences for apps like FaceTime, Viber, WhatsApp, TV boxes etc. Further testing is needed.

/ip firewall filter
add action=add-src-to-address-list address-list=Torrent-Conn address-list-timeout=2m chain=forward layer7-protocol=layer7-bittorrent-exp src-address=192.168.2.0/24 src-address-list=!allow-bit
Capture.JPG

If you go to some PirateBay proxy or other torrent site, they tell you not to download if you do not use a VPN, and with a VPN your rules do not work at all.

Yes, there are consequences. After applying the rules, I have also noticed that it affects WhatsApp audio reception, and speedtest websites are not working at all… I solved the WhatsApp issue but not speedtest!
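
An added example, not part of any post in this thread: a Python check of what the posted layer7 pattern flags and which destination ports the two drop rules then cut for a listed host. It assumes case-insensitive matching; the function names and all sample payloads and ports are constructed for illustration.

```python
import re

# Pattern exactly as posted in the thread (straight quotes restored).
# Assumption: matching is case-insensitive, hence re.IGNORECASE.
L7_BITTORRENT = re.compile(
    rb"^(\x13bittorrent protocol|azver\x01$"
    rb"|get /scrape\?info_hash=get /announce\?info_hash="
    rb"|get /client/bitcomet/|GET /data\?fid=)"
    rb"|d1:ad2:id20:|\x08'7P\)[RP]",
    re.IGNORECASE,
)

# Exemptions from the two drop rules: dst-port=!0-1024,8291,...
EXEMPT_PORTS = set(range(0, 1025)) | {8291, 5900, 5800, 3389, 14147, 5222, 59905}

def l7_matches(payload: bytes) -> bool:
    """True if the start of a connection would flag the source host."""
    # RouterOS inspects only the first 10 packets / 2 KB of a connection.
    return L7_BITTORRENT.search(payload[:2048]) is not None

def dropped_while_listed(dst_port: int) -> bool:
    """True if a host on Torrent-Conn has this destination port dropped."""
    return dst_port not in EXEMPT_PORTS

# Constructed sample payloads (not captured traffic).
SAMPLES = {
    "plaintext peer handshake": b"\x13BitTorrent protocol" + bytes(8) + b"H" * 20 + b"P" * 20,
    "DHT ping query": b"d1:ad2:id20:" + b"N" * 20 + b"e1:q4:ping1:t2:aa1:y1:qe",
    # The posted pattern fuses scrape and announce into one alternative,
    # so an announce request on its own is not matched.
    "HTTP tracker announce": b"GET /announce?info_hash=%12%34 HTTP/1.1\r\n",
    # Stand-in for an encrypted stream: no ASCII bytes at all.
    "opaque high bytes": bytes(range(0x80, 0x100)),
}

if __name__ == "__main__":
    for name, payload in SAMPLES.items():
        print(f"{name:26} flags host: {l7_matches(payload)}")
    for port in (443, 8291, 8080, 51413):
        print(f"dst-port {port:5} dropped for listed host: {dropped_while_listed(port)}")
```

Only the plaintext handshake and the DHT query flag the host here; once a host is on Torrent-Conn, every non-exempt port is dropped for the 2-minute list timeout, which is consistent with unrelated applications breaking as reported above.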