1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Block torrent data?

Discussion in 'Tomato Firmware' started by garyfritz, Dec 19, 2011.

  1. garyfritz

    garyfritz Addicted to LI Member

    I have my teenagers on a separate router (running Tomato) so I can manage their access better. Recently my 16-yr-old has been running uTorrent to download and seed a bunch of files.

    Our ISP actually caught him at this over a year ago, and sent out a threatening lawyer letter. I was never thrilled with his pirating habit so I used that as a club to tell him to stop running torrents. In addition to the risk of legal action and fines, it totally hoses MY net connection. And I work at home so I'm suffering from it the whole time he's seeding while he's at school.

    Last week I noticed my net connection was running veerrry slowly. Looked at bandwidth on his router, and sure enough -- it was blasting out data at full speed. A check on his PC (which he fortunately leaves unlocked) showed uTorrent running.

    I killed uTorrent and told him sternly he was NOT to run it again. 4 days later, guess what.

    For now I've blocked his access entirely until he agrees not to do it again. But I was wondering if there was a way to monitor and block torrent (or whatever) completely.

    Can I monitor for torrent traffic with anything short of WireShark or something like that?

    I know I can use Tomato QoS to limit the bandwidth to almost nothing. But that blocks everything they do, and it doesn't totally stop the torrent. Can I block particular ports or protocols? If so, how? I can't find anything likely in the Tomato interface, and all the Torrent questions I find in the FAQ are "how to I make torrents run BETTER" ....

    Thanks!
     
  2. maurer

    maurer LI Guru Member

    Hi,

    I've read your post and I was a little amused - mostly because I'm living in Romania where torrenting and DC++ is a "national sport" so most of the time we're trying to circumvent torrent blocking firewalls :)
    Anyway - I'm thinking about only letting port 80 and 443 open - this is the standard of most of my Austrian customer's firewall policy.
    Try this for a week or two and see your teenagers net behaviour.

    good luck :)
     
  3. garyfritz

    garyfritz Addicted to LI Member


    I was hoping I wouldn't have to get that hardcore. That will block lots of other things, and it'll be a nonstop hassle to handle their "open up port X for this, open up port Y for that" requests. (And unfortunately his brother is on the same router and would suffer for his sins, otherwise I'd just say "tough, kid, you broke the rules, this is your doing, so live with it.")​
    But if I open up a port for Minecraft, what's to keep him from running torrents on that port?​
    But apparently torrents can use just about any port (but not 80/443?) so there aren't too many other options. I was hoping there was some way to block the protocol or something. Especially since he's figured out Hamachi VPNs so I don't think port-blocking would stop that tunnel anyway...​
     
  4. shad0w

    shad0w Networkin' Nut Member

    I would suggest using qos and reduce it to a very small amount (but don't completely block it). When my dad or my school block things, it usually takes me no more than a day to work around it.
     
  5. garyfritz

    garyfritz Addicted to LI Member

    But QoS doesn't have any controls on it other than speed. I'd have to strangle their whole connection if I did that. Plus even running it slow still exposes you to legal issues with the ISP.
     
  6. shad0w

    shad0w Networkin' Nut Member

    Um.. tell him to tunnel all his torrents through tor or i2p or you'll cut him off?
     
  7. garyfritz

    garyfritz Addicted to LI Member

    I've *already* cut him off for now, and I'll make it clear I'll cut him off for a long time if I catch him again.

    Tunneling would probably protect you from ISP monitoring. It would still hose my bandwidth when I'm trying to work, though.
     
  8. fubdap

    fubdap Addicted to LI Member

    Try OpenDNS and use the custom setting to block torrent. See the attached screen shot. The P2P/File Sharing is suppose to block torrent.
     

    Attached Files:

  9. garyfritz

    garyfritz Addicted to LI Member

  10. Mercjoe

    Mercjoe Network Guru Member

    I fought this battle.

    Anything you can do to block them, the internet will give them a way around it.

    It is AMAZING the things they will come up with thinking you are a stupid parent.

    VPN's, proxy servers, link encryption, DNS re-directs, you name it, it WILL get tossed at you. The best was when my eldest figured out how to port forward to MY machine then out to the net effectively bypassing any and all attempts to limit him all the while making it look like he was still limited. Taught me the importance of passwords again.

    I could not stop them in the end without severing their internet altogether.

    I ended up setting up class E to the speed equivelant of a 56K modem and then used QOS to direct thier specific IP address to that class for ALL web activities they had. What I did do is make them use what little bandwidth they had efficently. If ONE kid tried to torrent, one of the others would come unglued and threaten homicide. In the end, peer pressure kept it at bay.
     
  11. garyfritz

    garyfritz Addicted to LI Member

    Clever kid! I have 3 routers: one gateway, connected to the net. Then two routers, Kid and Parent, plugged into the gateway. That way I have router-firewall isolation from their subnet. (And it also means Tomato can pull the plug on their connection at 10pm. :D) So far they haven't figured out how to break through that.

    That will be the result if he doesn't quit it. I confronted him with it this afternoon and he claimed innocence. Then he said "Oh wait, I bet that's one of those things that restarts automatically when you reboot!" So I said "Then. Uninstall. It."

    You are a brave man. I think they'd gang up and commit patricide if I tried that!
     

Share This Page