From: Darren Pilgrim
Date: Mon, 19 Jan 2015 20:14:38 -0800
To: Odhiambo Washington, "freebsd-pf@freebsd org"
Subject: Re: Controlling P2P with PF
Message-ID: <54BDD62E.4040003@bluerosetech.com>
List-Id: "Technical discussion and general questions about packet filter (pf)"

On 1/19/2015 8:06 AM, Odhiambo Washington wrote:
> Hello all,
>
> So I found this link while trying to figure out if PF can control P2P -
> ttp://www.benhup.com/?mf=freebsd&sf=freebsd8.2-p9_04_peerblock
>
> I tried using it, but I could still download using utorrent from my network.
>
> Does this mean I am beating a dead horse, or I have my filter rules in bad
> order or something I am missing?

Yes, you're beating a dead horse. A torrent client will use any open port it can get, and the stuff you really do want to stop runs the torrent over SSL (i.e., you can't tell it apart from HTTPS traffic).

All you can do is rate-limit the bandwidth hogs, then deal with people upset about poor streaming video performance.