Ares P2P not being blocked in 2.9rc7
Posted: Wed Jul 20, 2005 9:09 pm
by blueskies
I am running 2.9rc7 in bridge mode on a PC between my ADSL router and internal LAN switch. I have only one P2P rule set for "all-p2p" to "drop" P2P traffic. Tested this with Limewire and some other P2P clients - works great, no P2P gets through. Just what I want.
Downloaded new Ares Lite 1.8.1 and regular Ares since I heard they had changed their protocols. Both these P2P programs go straight through MT bridge with no problems and files can be downloaded. Not good.
I read on IPP2P.org that they think Ares has changed/varied its protocols, they had to make some changes to ipp2p to stop new version of Ares.
regards
Peter
Posted: Fri Jul 22, 2005 11:24 am
by andrewluck
Peter
Instead of dropping the P2P traffic, try limiting its bandwidth to a very small value.
P2P programs can be port agile and if they can't make a connection on their preferred port will switch to another. If you allow them a connection they won't do this but because of the small bandwidth, they won't be usable.
Regards
Andrew
Posted: Fri Jul 22, 2005 11:58 am
by lastguru
Ares cannot be speed-limited, but it should be possible to drop it...
Posted: Sat Jul 23, 2005 6:46 pm
by Ultanium
I have had to lock out one of my customers because Ares gets right through the P2P drop rule, and throttling it does not work either. I tried to limit tcp-syn connects on this customer too, but it kept right on going. I hope the team in Latvia can get this fixed, older Ares used the warez protocol but this new one is going to be tough to identify.
Tom
Posted: Sat Jul 23, 2005 7:31 pm
by UniKyrn
It's unfortunate, but sometimes it does come down to disconnecting the customer, especially if they've already been warned to stop what they're doing. Your AP is YOUR shared resource, not their private one.
Ares P2P and alike
Posted: Sat Jul 23, 2005 9:46 pm
by blueskies
Andrew,
Thanks for the input. It seems a number of people say Ares can only be blocked, not throttled. My personal feelings are that Ares have changed their protocols and the MT stuff has not kept up with the newer P2P software - which is a shame since the software on the whole is very good and powerful in terms of functions. It has been a steep learning curve but the product looks good.
Can anyone confirm matters with KaZaA 3.0 and throttling or blocking with MT? I think there may be problems here too.
P2P, love or hate it, has a major impact on WAN links and needs to be kept under control.
Andrew, where are you in Norfolk? I live near Diss in a small village called Occold.
regards
Peter.
Posted: Tue Jul 26, 2005 12:32 am
by spire2z
I blocked p2p by limiting the tcp connections to each IP to only 4 on ports above 80 except 443 (secure pages). I suppose this could cause problems with other apps but I didn't find any. Most p2p can't connect with so few ports.
Posted: Tue Aug 16, 2005 3:21 pm
by lquince
Spire2z,
Is there any chance you could post an example config?
Cheers
Posted: Fri Sep 02, 2005 9:07 am
by Gotmoh
I'm using something like this:
add chain=forward in-interface="internal_bridge" protocol=tcp dst-port=0-80 \
tcp-flags=syn,!fin,!rst,!psh,!ack,!urg,!ece,!cwr connection-limit=15,32 \
action=drop comment="Connlimit" disabled=no
add chain=forward in-interface="internal_bridge" protocol=tcp dst-port=81-442 \
tcp-flags=syn,!fin,!rst,!psh,!ack,!urg,!ece,!cwr connection-limit=15,32 \
action=drop comment="" disabled=no
add chain=forward in-interface="internal_bridge" protocol=tcp dst-port=443 \
tcp-flags=syn,!fin,!rst,!psh,!ack,!urg,!ece,!cwr connection-limit=50,32 \
action=drop comment="" disabled=no
add chain=forward in-interface="internal_bridge" src-address=!192.168.0.98 \
protocol=tcp dst-port=444-65535 \
tcp-flags=syn,!fin,!rst,!psh,!ack,!urg,!ece,!cwr connection-limit=5,32 \
action=drop comment="limit444" disabled=no
Additionally, a scheduler changes rule "limit444" from 5 to 400 connections per user from 0.30 till 7.30.
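An offline model of the four connection-limit rules in the post above, for checking what they would drop before deploying them. This is an added example, not part of anyone's post and not MikroTik code. Assumptions: every accepted SYN stays open, each rule counts only the source's connections inside its own port range, a limit of N admits N connections, and all sample traffic is constructed.

```python
from collections import Counter

# Gotmoh's four rules as data: (dst-port range, per-/32 limit, exempt source).
RULES = [
    ((0, 80), 15, None),
    ((81, 442), 15, None),
    ((443, 443), 50, None),
    ((444, 65535), 5, "192.168.0.98"),   # the rule commented "limit444"
]

def evaluate(syns, rules=RULES):
    """Replay (src, dst_port) SYNs; return (accepted, dropped) per source."""
    open_conns = Counter()   # (src, rule index) -> connections admitted so far
    accepted, dropped = Counter(), Counter()
    for src, dport in syns:
        verdict = accepted   # no matching rule means the SYN passes
        for idx, ((lo, hi), limit, exempt) in enumerate(rules):
            if lo <= dport <= hi and src != exempt:
                if open_conns[(src, idx)] >= limit:
                    verdict = dropped        # over the per-host budget
                else:
                    open_conns[(src, idx)] += 1
                break
        verdict[src] += 1
    return accepted, dropped

def night_rules(limit=400):
    """Rules as the scheduler leaves them from 0.30 till 7.30."""
    return RULES[:3] + [(RULES[3][0], limit, RULES[3][2])]

# Constructed sample traffic (not captured from a real network).
SAMPLE = (
    [("192.168.0.10", 80)] * 10                          # web browsing
    + [("192.168.0.10", 20000 + i) for i in range(40)]   # wide fan-out, high ports
    + [("192.168.0.98", 20000 + i) for i in range(40)]   # host exempted by limit444
    + [("192.168.0.20", 5222)] * 8                       # another app on a high port
)

if __name__ == "__main__":
    for label, rules in (("day", RULES), ("night", night_rules())):
        acc, drp = evaluate(SAMPLE, rules)
        for src in sorted(set(acc) | set(drp)):
            print(f"{label:5} {src:13} accepted={acc[src]:3} dropped={drp[src]:3}")
```

The third host shows the side effect spire2z mentions: any application that opens more than five connections to ports above 443 is cut off during the day, whether or not it is P2P.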
Posted: Wed Sep 07, 2005 3:08 am
by blueskies
I blocked p2p by limiting the tcp connections to each IP to only 4 on ports above 80 except 443 (secure pages). I suppose this could cause problems with other apps but I didn't find any. Most p2p can't connect with so few ports.
Hi, could someone please put an example config that I could try with MT configured as a bridge with just 2 NICs? Want to see if Ares can be stopped using this method. regards Peter.