Torrent services successfully blocked
Finally got it to work
Just wanted to share my experience of being able to block torrent services on my guest network
I have set it by MAC address but you can use IP ranges or a specific IP combined with Static Leases on the Services tab if you so wish.
I am using R7000 using build 24500 with 2 Vlans.
I can also filter it using times of download to increase my bandwidth during peak usage hours.
I have set my port range from 1011 to 65535 and set my torrent downloader to use port 1000 so I can use torrents whenever I wish.
Thanks for sharing your experience. It would help the DD-WRT users.
I would suggest you to write a tutorial on that to make it more handy to the DD-WRT users.
OK
Coming soon
When configuring a router for shared access to the Internet, users of peer-to-peer file sharing applications like BitTorrent and eMule can seriously degrade performance for other users, particularly on asymmetric connections like cable and DSL. (This is because saturation of the slower uplink can greatly slow the normally much faster downlink.) To ensure fairer allocation of network capacity for all users, it may be desirable to throttle (degrade) peer-to-peer file sharing. (It's difficult if not impossible to block it completely.)
Access Restrictions
Enter the following settings in the DD-WRT Web GUI, click Apply Settings, and Reboot Router after all settings have been made. (It's a good idea to set a strong password to prevent unauthorized access to the DD-WRT Web Gui, and to save the configuration settings once desired results have been achieved.)
The above text is taken from http://secure.dd-wrt.com/wiki/index.php/Peer-to-Peer_%28P2P%29_Throttling
I used it as a guide to experiment on the settings.
Steps
Setup your router as you normally would. Backup your settings.
Go to Access Restrictions main tab
Under WAN/ Policy Name enter a Policy Name, I called mine P2P (keep it short no spaces).
Click on enable.
Click apply then save or save then apply, this will vary depending on your router and flavor of DDWRT.
Reboot the router to be sure the changes have taken place.
Very important get the MAC address of the client/clients you wish to Deny/Filter before you enter the next step.
If you do not know how to get the MAC address go to Main tab Status then click on LAN. The clients should be listed there. If you still cannot get the MAC address of your intended client/victim that’s ok. I will explain how to block a range of clients/ IP addresses later.
Log back into the interface and check to see if the changes have saved.
Go to Access Restrictions main tab and click on Edit List of clients, enter the mac of the intended client/victims you wish to Deny/Filter. There is a limit of 8 on the GUI, (not sure if more can be added via the command line).
After adding their MAC addresses click apply then save or save then apply, this will vary depending on your router and flavor of DD-WRT. Then click close.
Click apply then save or save then apply, this will vary depending on your router and flavor of DDWRT.
Reboot the router to be sure the changes have taken place.
Log back into the interface and check to see if the changes have saved.
Go to Access Restrictions main tab, click on Add/Edit Service under Blocked Services.
Here you need to add 2 services, Chose a Service name I called mine P2P1 and P2P2 (keep it short no spaces).
The first
Service Name P2P1
Protocol TCP
Port Range 1023-65535
The Second
Service Name P2P2
Protocol UDP
Port Range 1023-65535
See link to picture below
http://secure.dd-wrt.com/wiki/index.php/Image:P2PTCP.PNG
Do not add or use the TCP & UDP
Add them separately.
(I have found that in some routers it does not work.)
Click apply then save or save then apply, this will vary depending on your router and flavor of DDWRT.
You can test it on yourself to see if it works, just add your own MAC address in the list.
Download and install a torrent downloader etc.
Adding your entire network to the list
Instead of adding individual MAC addresses in the Access Restrictions, add the range of your DHCP eg 192.168.1.2 – 192.168.1.253. Or whatever you have it set it to.
This will also block yourself.
If you wish to exclude yourself here is what you do.
Go to the basic setup set your DHCP settings to start from 192.168.1.10(just an example)
Click apply then save or save then apply, this will vary depending on your router and flavor of DDWRT.
Reboot the router to be sure the changes have taken place
Go to the Services tab, look under Static Leases. Get your MAC address and add to the list
MAC Address Host Name IP Address Client Lease Time
xx.xx.xx.xx.xx your computer name 192.168.1.2
Click apply then save or save then apply, this will vary depending on your router and flavor of DDWRT.
Reboot the router to be sure the changes have taken place
Your computer should now have a IP address of 192.168.1.2 (I used 192.168.1.2 as an example, the point is to set your DHCP starting from 192.168.1.10 so you know that from 192.168.1.2 – 192.168.1.9 is available to set static leases). You can use whatever you like just make sure you keep the address you are assigning to the Services tab free from the main DHCP list under the basic tab.)
Go to the Access Restrictions, add the range of your DHCP eg 192.168.1.10 – 192.168.1.253. Or whatever you have it set it to.
Now you have excluded yourself from the blocked list. The blocked list is from 192.168.1.9 – 192.168.1.253. Your address is 192.168.1.2 so you are excluded and you will always get the same IP.
Hope this helps
I am only a beginner at DDWRT so please excuse the typos and stuff.
I did the same as written above but still unable to block torrent on client. is there any other solution to block torrent downloading on the network I have network of 50 nods and using dd-wrt firmware on TP-Link router.
best suggestion is highly appreciable.
Many Thanks
Atif,
I don't know if this will help you but once you created the block list & applied it, did you reboot the router?
I remember Kong once telling me that those lists ONLY block new connections after the list is created. Any existing connections prior to the block list creation are allowed through by the FW.
Best thing to do is reboot the router after creating & enabling the block list.
Thanks for your reply Slidermike
As you said that router only block new connection after creating a block list I have reboot the router right now i will check it today that what its going to behave today. hope it could block the torrent downloading, I have enable QoS and add the port which i've created in access and restrictions tab of dd-wrt does it helpful for me to blocking torrent downloading?
Thanks
Atif
What torrent program are you using?