Forced Encrypted P2P

petyol · Thu Dec 07, 2006 1:53 pm

Hi,

We have implemented a Firewall rule with a scheduler that drops p2p traffic between 6 am and 9 pm everyday. it has been working for some p2p traffic , but it seems that users using utorrent , who forces the encryption are still able to download during the 6 am - 9 pm time frame when the firewall rule should drop encrypted the traffic.

According to discussion i had with Normis at MUM singapore Mikrotik can drop encrypted P2P but it cannot shape or limit the traffic.

Has anyone observed anything similar.

Francis Victor
Kokonet LTD
http://www.kokonet.sc

mortin · Sun Dec 10, 2006 3:57 am

Hello,

Mikrotik can drop encrypted p2p traffic but only if the drop rule is enabled just before the user starts any p2p connections (run p2p software).

Enabling the drop rule at 6 am doesn't affect early established connections so the user can still download p2p garbage.

Regards
Marcin

titius · Sun Dec 10, 2006 5:46 am

ok, so if we waant to drop encrypted p2p we have to turn FW rule before using torrent??

Well I think tried that to, "but still..... they come"

Nope, it doesnt work

mortin · Sun Dec 10, 2006 11:03 am

Turn on the FW rule and restart the router.

Regards
Marcin

petyol · Sun Dec 10, 2006 7:11 pm

Hi,

you mean if i am droping p2p onmy core router, i need to reboot it .

mortin · Sun Dec 10, 2006 7:16 pm

Hello,

Yes after activating the drop rule just restart the router and then try to open any p2p software on client maschine...

Hello,
when p2p connection is beeing established some first pacets go unencrypted, so
if you manage to drop them you block it that way.
Regards,
Janis

http://forum.mikrotik.com/viewtopic.php ... rypted+p2p

Regards
Marcin