Blocking Torrents

[The Green Bean]

I have people constantly leech off torrents on my network of about 10 computers. When I ask them they deny it. Now I wish to block or limit torrent download speeds. I have a WRT300N v1 4MB flash (and a spare WRT54G currently serving as a WAP but I can swap it). Is there anyway I can block or limit download speeds per MAC address? Or atleast block torrents. I have a Meagre 2 mb cable connection and torrents hog up the whole bandwidth. I tell people to install limiters if the want to download but they don't listen. Now I'm just gonna block all of them. Ideas?

I can get hold of a 160N and 150N router too if need be.

 

[xSauronx]

are you in a dorm or something?
if you block traffic from 10 people and its not your right to do it, youre gonna be dealing with 10 pissed off people regularly. that would be bad.

 

[spidey07]

You're going to need some kind of layer7 firewall or packet shaper. There's plenty of commercial solutions out there, maybe there is something free?

 

[The Green Bean]

Originally posted by: xSauronx
are you in a dorm or something?
if you block traffic from 10 people and its not your right to do it, youre gonna be dealing with 10 pissed off people regularly. that would be bad.

No. This is a home network.

You're going to need some kind of layer7 firewall or packet shaper. There's plenty of commercial solutions out there, maybe there is something free?

Would I need a spare PC for that? Would the 3rd party firmwares for the routers work?

 

[xSauronx]

Originally posted by: The Green Bean

Originally posted by: xSauronx
are you in a dorm or something?
if you block traffic from 10 people and its not your right to do it, youre gonna be dealing with 10 pissed off people regularly. that would be bad.

No. This is a home network.

You're going to need some kind of layer7 firewall or packet shaper. There's plenty of commercial solutions out there, maybe there is something free?

Would I need a spare PC for that? Would the 3rd party firmwares for the routers work?

some 3rd party fimrware can do QoS but im not sure how well it works.
otherwise, yeah, an old pc with 2 NICs and a linux firewall distro would probably do just what you want.

monowall, IPcop and clarkconnect come to mind, but i havent used any of them. google a bit and search in the *nix forum to find out more, i know some members here have used one of those distros as a firewall.

 

[QuixoticOne]

http://www.pfsense.com/
http://m0n0.ch/
http://www.netlimiter.com/
http://www.shorewall.net/

You could use a windows based s/w. You could run a VM under windows and run a UNIX firewall / gateway in that and redirect the windows / LAN traffic through that. You could use an old PC with a firewall distribution on it. You could get one of the ATOM $75 for CPU + motherboard boards, add $25 for RAM, $30 for a case/PSU, and maybe $9 for a USB or PCI ethernet port and you're all set.

Or just set up a DNS proxy to redirect the traffic to mediasentry / RIAA and that'll take care of it (j/k).

Actually instead of blocking it wholly you can just set up some QOS rules to meter the flow and prioritize the other types of traffic over bulk downloads.

Or switch to Comcast and they'll block it for you...

 

[QuixoticOne]

http://www.zeroshell.net/eng/

 

[Modelworks]

I can do it with clark connect in just a few clicks.
http://www.clarkconnect.com/

 

[HannibalX]

Originally posted by: xSauronx
are you in a dorm or something?
if you block traffic from 10 people and its not your right to do it, youre gonna be dealing with 10 pissed off people regularly. that would be bad.

If he is paying for the connection he can do whatever the hell he wants.

 

[nsafreak]

Why not just use the router's built in QoS? My Linksys WRT54GL has the ability to prioritize traffic by port. So what you could do is put all of the suspected BT users on low priority and everybody else on high.

 

[Cooky]

How would you classify interested traffic?
It sounds like the built-in QoS is only layer 4; you need layer 7 to block torrent.

 

[The Green Bean]

Originally posted by: Cooky
How would you classify interested traffic?
It sounds like the built-in QoS is only layer 4; you need layer 7 to block torrent.

Would 3rd party firmware help?

It's apparently one of my guests leeching from my internet. My cousin's fiance is here over the holidays and is leeching. One day I say that my cousin's port was the guilty one and I told her about it. Later she said it was her fiance downloading. 2 days later it's blinking again but I don't want to tell her. She is too sensitive. The new TV season is on and there's no doubt about what he/she are downloading. I've had enough. I can't even get my work done! The internet slows down so much it reminds me of the 56k days. I can't even download email attachments. Is there anyway to block a MAC from accessing the internet. That or I'll have to wait until he leaves. And I simply can't block a whole port because that same port goes to my uncles room. I don't want to be a selfish hog but when 8 people are complaining that they can't even browse because someone is downloading what am I supposed to do?

At this point there are 15DHCP clients. :S

 

[strikermike]

Check out this link http://www.polarcloud.com/tomato It is an aftermarket firmware upgrade to linksys WRTg 54 It lets you restrict bandwidth by port or possibly Mac address.

 

[The Green Bean]

Originally posted by: strikermike
Check out this link http://www.polarcloud.com/tomato It is an aftermarket firmware upgrade to linksys WRTg 54 It lets you restrict bandwidth by port or possibly Mac address.

That looks pretty cool. Will have to check it out.

 

[mooseracing]

Originally posted by: nsafreak
Why not just use the router's built in QoS? My Linksys WRT54GL has the ability to prioritize traffic by port. So what you could do is put all of the suspected BT users on low priority and everybody else on high.

Most of the options suck on off the shelf SOHO routers. I can do alot more with a free distro of IPCop on a dedicatied box with packet shaping and QoS. Not to mention the Linksys will crap out with a high load.

 

[The Green Bean]

Ok. Some idiot is leeching at 250KB/sec and uploading at 20KB/sec on my 2mbps connection. Tomato torrent has lots of options but I just can't seem to get the priorities working right. I'm going out of town for 45 days tomorrow so I think I'll set up the dedicated linux box after I'm back.

Since I'm going to be spending $$ on this these options would be nice.

Ability to send popups to users exceeding their BW limit.
Ability to send popups to users exceeding the DL/UL capacity for an extended period of time.
Ability to temporary block MACS for doing this.
Ability to get detailed DL/UL info for each MAC connected.

And I would like that server to act as a download server too.

 

[QuixoticOne]

http://www.linuxlinks.com/Soft...rking/Tools/Bandwidth/
http://info.iet.unipi.it/~luigi/ip_dummynet/