Answer the question
In order to leave comments, you need to log in
Blocking p2p traffic on Mikrotik?
Good day.
We have the following:
1. RouterOS 6.34.3
2. The bridge-hs bridge has been created and a hotspot is attached to it.
3. The /ip firewall filter contains the following rules:
add action=drop chain=forward in-interface=bridge-hs p2p=all-p2p
add action=drop chain=forward comment=\
"torrent-DHT-Out-Magnet d1: ad2:id20:" content=d1:ad2:id20: dst-port=\
1025-65535 in-interface=bridge-hs packet-size=95-190 protocol=udp
add action=drop chain=forward comment="torrent / announce..." content=\
"info_hash=" dst-port=2710,80 in-interface=bridge-hs protocol=tcp
add action=drop chain=forward comment=".torrent \r\
\nContent-Type...." content="\r\
\n\r\
\nd8:announce" out-interface=bridge-hs protocol=tcp src-port=80
add action=drop chain=forward comment=" .torrent \r\
\nContent-Type...." content="\r\
\n\r\
\nd8:ann" out-interface=bridge-hs protocol=tcp src-port=80
add action=drop chain =forward dst-port=6771 in-interface=bridge-hs \
protocol=udp
Objective: to block p2p connections for hotspot users
The rules work, but not quite correctly: the statistics show that the rules pass traffic through them and block only the first p2p requests seconds 10. Then the torrent is successfully loaded and starts working.
Answer the question
In order to leave comments, you need to log in
IMHO, it's easier to score, because it's unrealizable (on BB, if only, using l7)
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question