my company provides bandwidth via satellite to many customers around zimbabwe as well as installing mikrotik products to enable them control. just the other day we had a clients site marked for a claimed infringement for downloading movies via bittorrent. I have setup mangle rules to mark bittorrent connections on a layer7 basis and added firewall rules to drop any and all bittorent. strangely it seems to pass through.
i would like one of the following. either to be able to block all file sharing and P2P software 100% or to be able to Log the type of traffic customers do. I did ask a south african company licensed in mikrotik products and i was told that you are only able to view real time connections via IP > Firewall > Connections. preferably i would like to log everthing.
below are the mangle and firewall rules.
4 ;;; Drop Bittorrent L7 Input
chain=input action=drop layer7-protocol=bittorrent
5 ;;; Drop Bittorent L7 Forward
chain=forward action=drop layer7-protocol=bittorrent
6 ;;; Drop Bittorrent L7 Output
chain=output action=drop layer7-protocol=bittorrent
13 chain=prerouting action=mark-connection
new-connection-mark=bittorrent connection passthrough=no
layer7-protocol=bittorrent
any help would be greatly appreciated.