# How to block torrent in personal WiFi network?



## dashing.sujay (Apr 9, 2012)

Guys, I own a wifi network with 3-4 systems. I need to block torrent downloading for others/all. I googled and came out with some _suggested_ solutions, but some did't worked, and in most cases, can't figure out how to make them work  . 

1) port blocking *1024-65534* (most simple, but I guess my beetel 450TC1 router doesn't support that or I couldn't find an option to do that)

2) Squid, but how?  

3) Using QoS. Can any one explain how to use them?

4) Using OpenDNS account, add a block list and linking router to it. Just sites are blocked, not download through torrent app.

No way I am gonna buy new router.

Only I have access to router settings and no one is even a bi tech savvy to counter any limitations. So any simplest solution would suffice.

TIY


----------



## asingh (Apr 9, 2012)

^^
Port blocking will also not work, cause the clients can actually use any port. You can try QoS, and set a limit for each IP. But then all their traffic will move at the speed  you set. Just ask them to not do it. Or block out their MACs.

Else give this link a try. You would need to install it on one machine to control the network.

*www.imfirewall.us/WFilter.htm


----------



## dashing.sujay (Apr 9, 2012)

asingh said:


> ^^
> Port blocking will also not work, cause the clients can actually use any port. You can try QoS, and set a limit for each IP. But then all their traffic will move at the speed  you set. Just ask them to not do it. Or block out their MACs.



I am not able to figure out how QoS works.  Any help?

Setting a limit is not possible at least via hardware, as its not supported by router. Via software, I have no idea.

Blocking MAC addresses is a no no. I can't stop them from accessing net, but after repeating request not to hog bandwidth, they don't listen. So, have to do some workaround.

The most efficient method sounds to me is OpenDNS. But firstly, its not working from router, second, its working when set up on local computer, but its blocking only torrent sites, not torrent downloading.


----------



## meetdilip (Apr 9, 2012)

Disable UPnP in modem and check. Mostly ports will be closed if you are in PPPoE mode.


----------



## dashing.sujay (Apr 9, 2012)

^Found that in google search, about to try that. But first researching that will it affect something else or not.


----------



## asingh (Apr 9, 2012)

dashing.sujay said:


> I am not able to figure out how QoS works.  Any help?
> 
> Setting a limit is not possible at least via hardware, as its not supported by router. Via software, I have no idea.
> 
> ...



I put in a software link, later on in my post. Install that on one computer, it shall allow you to disable p2p on any computer on your lan. Try it out.


----------



## dashing.sujay (Apr 9, 2012)

Yes, downloading that. (256kbps  )



asingh said:


> I put in a software link, later on in my post. Install that on one computer, it shall allow you to disable p2p on any computer on your lan. Try it out.



Not working.  Its giving a lot of errors. I also tried making custom protocol, but then the things get a bit too technical. There's no option to block port (or I can't find).

EDIT: Its working, just tinkering.


----------



## asingh (Apr 9, 2012)

^^
It has to work. It has options. You will have to play around. Does it automatically recognize all computers on the LAN..?


----------



## dashing.sujay (Apr 9, 2012)

WFilter self says that to block certain P2P apps I need to block 1024-65524 UDP range. Without this, I can't block P2P/torrent completely.

See this-


*i.imgur.com/Iw0YZ.png


I already have blocked Bitorrent, but its still able to download, due to the fact that I actually have blocked only "active" ports, not the entire range which I need to.

When I block the current port, the torrent traffic is throttled down by a huge margin, but in some secs, it again goes up. You can guess why.

Its also not tracking IDM data.



> Does it automatically recognize all computers on the LAN..?



Can't say now. All systems are off now, but it doesn't detects my mobile. 

*Update*- Can't see systems in LAN. WiFi deployment error.

Here's the culprit:

Azureus (   Up to version "4.2"   )
BitComet (   Up to version "1.24"   )
BitLord (   Up to version "v.1.2beta"   )
Bittorrent (   Up to version "7.2"   )
*uTorrent (   Up to version "2.2.0.23235"   )*
Warez (   Up to version "3.2.0"   )

I had ver 3.0.


----------



## asingh (Apr 9, 2012)

^^
So the application is legacy.


----------



## dashing.sujay (Apr 9, 2012)

asingh said:


> ^^
> So the application is legacy.



Yea. 

Still searching my options. Tried MMC, created IP filtering policy, hell that was supposed to work, but it didn't. (may be I needed to reboot my pc which I didn't)


----------



## asingh (Apr 9, 2012)

Tried the app I gave you. Useless.


----------



## dashing.sujay (Apr 9, 2012)

asingh said:


> Tried the app I gave you. Useless.



Pretty much. It just works for the host which is of course not intended.


----------



## whitestar_999 (Apr 10, 2012)

to use torrents port forwarding is must no matter what port is used & it can be done only in modem/router settings.if only you have access to modem/router settings then why not simply disable/delete all port forwarding rules.


----------



## dashing.sujay (Apr 10, 2012)

whitestar_999 said:


> to use torrents port forwarding is must no matter what port is used & it can be done only in modem/router settings.if only you have access to modem/router settings then why not simply disable/delete all port forwarding rules.



Problem is absence of those settings in router. I am not able to find an option to do that. I also came to know that this can be achieved via QOS, but how?


----------



## whitestar_999 (Apr 10, 2012)

see here:
Router Screenshots for the Beetel 110TC1 - PortForward.com


----------



## dashing.sujay (Apr 10, 2012)

whitestar_999 said:


> see here:
> Router Screenshots for the Beetel 110TC1 - PortForward.com



Sorry for my mistake, but my router is 450TC1  .

Update: QOS also can't do it.



			
				Signify said:
			
		

> What you have to understand is that normally you are not in control of the rate of traffic to you. It's always the senders and the network to you that dictate the speed. If the traffic is TCP your application and network stack can slow it down some but if it's UDP traffic you are totally out of to control all the way until the traffic hits your router. Also there is no QoS on Internet so even if you could make a deal with the sending part to prioritize some kind of traffic by marking it a specific way no equipment that is part of Internet do really care.
> QoS on IP and ethernet is mainly done by buffering traffic in different queues on the outgoing interface of the equipment. Compare it to the lanes of a highway but in this case the lanes have different speed limits. What traffic ends up in a specific queue depends on a marking (TOS/DSCP/COS) a packet/frame has and the one set in the equipment combined with a rule set.
> The problem is that there are different ways to mark packets and frames and equipment have different amount of queues (or none). Ethernet use only cos markings that is only supported on vlan tagged frames. Ip on the other hand use two ways DSCP or IP-precedence. An ethernet frame with vlan tag can carry a cos marking and the ip packet inside it can carry a DSCP or IP-precedence marking but nothing say one thing demands or rules out the other.
> OK but what happens if that multi lane highway funnels into a one lane road? now suddenly there is no way to control the individual speed of the cars. All have to conform to the pace of the car ahead. This is exactly how it works on Internet. No matter what the speed limit (bandwidth) of a connection is all have to conform to that. You can't form a "buss lane" to let some traffic by the other.
> ...



*Source*


----------



## whitestar_999 (Apr 10, 2012)

see the screenshot "Advanced Setup - NAT"
Screenshots - Beetel - 450TC1 (Beetel Firmware) | PcWinTech.com?


----------



## dashing.sujay (Apr 10, 2012)

Already saw, but no info there


----------



## whitestar_999 (Apr 10, 2012)

can you post a screenshot of your modem setting under "advanced setup"(by no info i am assuming your settings page is different from the one in screenshots).


----------



## dashing.sujay (Apr 10, 2012)

^Its exactly same. I'm posting btw.

Checked every section. Exactly same, not worth posting. Someone has simply uploaded the default settings screenshot.


----------



## PraKs (Apr 10, 2012)

Do you have list of torr* clients used by users ?


----------



## dashing.sujay (Apr 10, 2012)

PraKs said:


> Do you have list of torr* clients used by users ?



They either use uTorrent or BiTorrent. But how does that helps ?


----------



## sameer.pur (Apr 10, 2012)

Did you check your Router's firmware? Is there any update available?
Maybe some options are not there in the older firmware.

Also what issue did you face when trying to use OpenDNS. Do you have dynamic IP?


----------



## dashing.sujay (Apr 10, 2012)

sameer.pur said:


> Did you check your Router's firmware? Is there any update available?
> Maybe some options are not there in the older firmware.
> 
> Also what issue did you face when trying to use OpenDNS. Do you have dynamic IP?



I can't take the risk to update firmware of router. If ever it went kaput, I'm screwed! My mates will kill me.

OpenDNS is working fine but not blocking torrent download, instead its just blocking torrent sites. If someone has already downloaded .torrent file, he can easily go ahead with downloading.

Yeah, dynamic IP.


----------



## whitestar_999 (Apr 10, 2012)

one possible way is to forcibly assign different lan IPs to target systems.e.g. target system 1(mac id xxx.....) assign lan ip 192.168.3.4 etc.this way port forwarding should not work(UPnP must be disabled in modem/router).btw did you check the port triggering summary button in "Advanced Setup - NAT".


----------



## dashing.sujay (Apr 10, 2012)

All the systems on LAN already have diff IPs. 
What do I gain by disabling UPnP ?

No, port triggering is not checked.


----------



## whitestar_999 (Apr 10, 2012)

UPnP is must without port  forwarding settings for torrents to work correctly in systems behind a router.disable UPnP,reboot modem & then try downloading any torrent.


----------



## dashing.sujay (Apr 11, 2012)

whitestar_999 said:


> UPnP is must without port  forwarding settings for torrents to work correctly in systems behind a router.disable UPnP,reboot modem & then try downloading any torrent.



Mission unsuccessful.


----------

