Torrent services successfully blocked

8 posts / 0 new
Last post
Accid
Accid's picture
Torrent services successfully blocked

Torrent services successfully blocked

Finally got it to work

Just wanted to share my experience of being able to block torrent services on my guest network

I have set it by MAC address but you can use IP ranges or a specific IP combined with Static Leases on the Services tab if you so wish.

I am using R7000 using build 24500 with 2 Vlans.

I can also filter it using times of download to increase my bandwidth during peak usage hours.

I have set my port range from 1011 to 65535 and set my torrent downloader to use port 1000 so I can use torrents whenever I wish.

 

 

Subhra
Subhra's picture
Thanks for sharing your

Thanks for sharing your experience. It would help the DD-WRT users.
I would suggest you to write a tutorial on that to make it more handy to the DD-WRT users.

Accid
Accid's picture
OK Coming soon

OK
Coming soon

Accid
Accid's picture
When configuring a router for

When configuring a router for shared access to the Internet, users of peer-to-peer file sharing applications like BitTorrent and eMule can seriously degrade performance for other users, particularly on asymmetric connections like cable and DSL. (This is because saturation of the slower uplink can greatly slow the normally much faster downlink.) To ensure fairer allocation of network capacity for all users, it may be desirable to throttle (degrade) peer-to-peer file sharing. (It's difficult if not impossible to block it completely.)

 

 

Access Restrictions

Enter the following settings in the DD-WRT Web GUI, click Apply Settings, and Reboot Router after all settings have been made. (It's a good idea to set a strong password to prevent unauthorized access to the DD-WRT Web Gui, and to save the configuration settings once desired results have been achieved.)

 

The above text is taken from http://secure.dd-wrt.com/wiki/index.php/Peer-to-Peer_%28P2P%29_Throttling

 

I used it as a guide to experiment on the settings.

 

Steps

Setup your router as you normally would. Backup your settings.

Go to Access Restrictions main tab

Under WAN/ Policy Name enter a Policy Name, I called mine P2P (keep it short no spaces).

Click on enable.

Click apply then save or save then apply, this will vary depending on your router and flavor of DDWRT.

Reboot the router to be sure the changes have taken place.

 

Very important get the MAC address of the client/clients you wish to Deny/Filter before you enter the next step.

If you do not know how to get the MAC address go to Main tab Status then click on LAN. The clients should be listed there. If you still cannot get the MAC address of your intended client/victim that’s ok. I will explain how to block a range of clients/ IP addresses later.

 

Log back into the interface and check to see if the changes have saved.

Go to Access Restrictions main tab and click on Edit List of clients, enter the mac of the intended client/victims you wish to Deny/Filter. There is a limit of 8 on the GUI, (not sure if more can be added via the command line).

After adding their MAC addresses click apply then save or save then apply, this will vary depending on your router and flavor of DD-WRT. Then click close.

 

Click apply then save or save then apply, this will vary depending on your router and flavor of DDWRT.

Reboot the router to be sure the changes have taken place.

 

Log back into the interface and check to see if the changes have saved.

Go to Access Restrictions main tab, click on Add/Edit Service under Blocked Services.

Here you need to add 2 services, Chose a Service name I called mine P2P1 and P2P2 (keep it short no spaces).

The first

 

Service Name  P2P1

Protocol           TCP

Port Range      1023-65535

 

The Second

 

Service Name  P2P2

Protocol           UDP

Port Range      1023-65535

See link to picture below

 

http://secure.dd-wrt.com/wiki/index.php/Image:P2PTCP.PNG

 

Do not add or use the TCP & UDP

Add them separately.

(I have found that in some routers it does not work.)

Click apply then save or save then apply, this will vary depending on your router and flavor of DDWRT.

You can test it on yourself to see if it works, just add your own MAC address in the list.

Download and install a torrent downloader etc.

 

 

Adding your entire network to the list

Instead of adding individual MAC addresses in the Access Restrictions, add the range of your DHCP eg 192.168.1.2 – 192.168.1.253. Or whatever you have it set it to.

This will also block yourself.

 

If you wish to exclude yourself here is what you do.

Go to the basic setup set your DHCP settings to start from 192.168.1.10(just an example)

Click apply then save or save then apply, this will vary depending on your router and flavor of DDWRT.

Reboot the router to be sure the changes have taken place

Go to the Services tab, look under Static Leases. Get your MAC address and add to the list

 

MAC Address               Host Name                    IP Address                    Client Lease Time

xx.xx.xx.xx.xx              your computer name      192.168.1.2                  

 

Click apply then save or save then apply, this will vary depending on your router and flavor of DDWRT.

Reboot the router to be sure the changes have taken place

 

Your computer should now have a IP address of 192.168.1.2 (I used 192.168.1.2 as an example, the point is to set your DHCP starting from 192.168.1.10 so you know that from 192.168.1.2 – 192.168.1.9 is available to set static leases). You can use whatever you like just make sure you keep the address you are assigning to the Services tab free from the main DHCP list under the basic tab.)

 

 

Go to the Access Restrictions, add the range of your DHCP eg 192.168.1.10 – 192.168.1.253. Or whatever you have it set it to.

 

Now you have excluded yourself from the blocked list. The blocked list is from 192.168.1.9 – 192.168.1.253. Your address is 192.168.1.2 so you are excluded and you will always get the same IP.

Hope this helps

 

I am only a beginner at DDWRT so please excuse the typos and stuff.

Atif
Atif's picture
I did the same as written

I did the same as written above but still unable to block torrent on client. is there any other solution to block torrent downloading on the network I have network of 50 nods and using dd-wrt firmware on TP-Link router.
best suggestion is highly appreciable.
Many Thanks

slidermike
slidermike's picture
Atif,

Atif,
I don't know if this will help you but once you created the block list & applied it, did you reboot the router?

I remember Kong once telling me that those lists ONLY block new connections after the list is created. Any existing connections prior to the block list creation are allowed through by the FW.
Best thing to do is reboot the router after creating & enabling the block list.

Atif
Atif's picture
Thanks for your reply

Thanks for your reply Slidermike
As you said that router only block new connection after creating a block list I have reboot the router right now i will check it today that what its going to behave today. hope it could block the torrent downloading, I have enable QoS and add the port which i've created in access and restrictions tab of dd-wrt does it helpful for me to blocking torrent downloading?
Thanks
Atif

Accid
Accid's picture
What torrent program are you

What torrent program are you using?