Port(s) of P2P

Posted: Fri Aug 10, 2007 5:37 am
by brundier
Another P2P thread, just wanna know if there is any default port used by P2P so we can block it altogether? Cause I just put:
/ip firewall filter add chain=forward p2p=all-p2p action=drop
and it's not helping at all, so it's better to block the ports that P2P uses altogether... anyone please?

Re: Port(s) of P2P

Posted: Fri Aug 10, 2007 12:12 pm
by titius
1024<>65535

p2p software uses random ports, so block all ports between 1024 and 65535, and then forward the ports that your customers need, for example port 6667, or whatever; that is the best solution for fighting p2p.

Re: Port(s) of P2P

Posted: Fri Aug 10, 2007 3:33 pm
by normis
or you can just allow the ports you need, and block everything else. allow like 80, 443, 8080, 21, 22, 23 and something else you might require. block the rest :) drastic but effective.
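
The allow-list approach from the post above, written out as RouterOS filter rules. This is an added example, not part of the original post or any poster's configuration; the port list is the one named in the post, and the DNS rule and the log prefix are assumptions.

```routeros
/ip firewall filter
# Accept replies and related flows first, so only new connections are
# checked against the allow list (FTP data channels count as "related"
# when the FTP connection-tracking helper is enabled).
add chain=forward connection-state=established action=accept
add chain=forward connection-state=related action=accept
# New connections: only the TCP services named in the post.
add chain=forward protocol=tcp dst-port=80,443,8080,21,22,23 action=accept
# Assumption: clients resolve names through the router's forward path.
add chain=forward protocol=udp dst-port=53 action=accept
# Log what is about to be dropped, to spot services customers still need.
add chain=forward action=log log-prefix="fwd-drop"
# Everything else is dropped. This rule must stay last in the chain.
add chain=forward action=drop
```

Rules are evaluated top to bottom, so the final drop only sees traffic that no accept rule matched. Traffic that runs over an allowed port, such as 80, still passes.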

Re: Port(s) of P2P

Posted: Sat Aug 11, 2007 2:03 pm
by abab_rafiq
If your p2p-all is not working here, then port blocking doesn't make any sense... I think.

Test with Kazaa on port 1214.

Rafiq...

Re: Port(s) of P2P

Posted: Wed Aug 29, 2007 8:01 pm
by cpresto
Applying mangle to all known traffic is what I'm currently doing and it works quite well, but every day ports need to be opened to allow newer applications (VPNs, custom applications, VoIP, ...).
Actually I do mangle as follows:
## known traffic-->mark connection(known)-->mark packet(known)-->mark routing(known)
##unknown traffic-->mark connection(!=known)-->mark packet (unknown)

All unknown traffic goes through the default gateway and is shaped with a simple queue.

I would like to apply a new mark routing to unknown traffic, in order to route it to a router different from the default gateway:
##unknown traffic-->mark connection(!=known)-->mark packet (unknown)-->mark routing (unknown)

Despite the fact that the new mark routing rule works (it is matched), this configuration doesn't work: traffic seems not to be accepted into the simple queue.. :?

Any idea?

Rgds

Re: Port(s) of P2P

Posted: Thu Aug 30, 2007 1:02 am
by ghmorris
We were having a severe problem with encrypted PtP on Port 80 pretending to be HTTP traffic.

This is probably the worst scenario you can imagine. The problem BitTorrent clients capable of encryption are the newer versions of uTorrent, Azureus and BitComet.

MT couldn't find this stuff at all. We had fair results with connection aging, but yesterday gave up and bought an appliance. Today, no problem with PtP. Closest thing to magic I've seen in years.

I love my MTs, but the new-generation encrypted PtP is tough going.

George

Re: Port(s) of P2P

Posted: Thu Aug 30, 2007 9:09 am
by normis
We will work on improving the p2p matcher in v3, something similar to the mentioned L7 filter.