Date: Tue, 20 Jan 2015 22:35:44 +0300 From: Odhiambo Washington <odhiambo@gmail.com> To: Darren Pilgrim <list_freebsd@bluerosetech.com> Cc: "freebsd-pf@freebsd org" <freebsd-pf@freebsd.org> Subject: Re: Controlling P2P with PF Message-ID: <CAAdA2WPLpD2jPLqNinievOgYn4TB7=qGsY1Rox8TjE56VxV_aQ@mail.gmail.com> In-Reply-To: <54BDD62E.4040003@bluerosetech.com> References: <CAAdA2WM=f_Xx9SVoez1O8qEfBL2EHGS8-YaUFkdMK7zd5NrLhQ@mail.gmail.com> <54BDD62E.4040003@bluerosetech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 20 January 2015 at 07:14, Darren Pilgrim <list_freebsd@bluerosetech.com> wrote: > On 1/19/2015 8:06 AM, Odhiambo Washington wrote: > >> Hello all, >> >> So I found this link while trying to figure out of PF can control P2P - >> ttp://www.benhup.com/?mf=freebsd&sf=freebsd8.2-p9_04_peerblock >> >> I tried using it, but I could still download using utorrent from my >> network. >> >> Does this mean I am beating a dead horse, or I have my filter rules in bad >> order or something I am missing? >> > > Yes, you're beating a dead horse. A torrent client will use any open port > it can get, and the stuff you really do want to stop runs the torrent over > SSL (i.e., you can't tell it apart from HTTPS traffic). All you can do is > rate-limit the bandwidth hogs, then deal with people upset about poor > streaming video performance. > > Hi Darren, Thanks. Looking at my pf.conf, is there something you see wrong if squid and PF are on the same machine (gateway)? I am having weird issues with squid complaining that it detects loops. I am running it in intercept/transparent mode. PS: Was IPFilter removed from FreeBSD-10.1 ? -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 "I can't hear you -- I'm using the scrambler."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAAdA2WPLpD2jPLqNinievOgYn4TB7=qGsY1Rox8TjE56VxV_aQ>