Here is a script:
/ip firewall layer7-protocol
add comment="Block Bit Torrent" name=layer7-bittorrent-exp regexp="^(\\x13bitt\
orrent protocol|azver\\x01\$|get /scrape\\\?info_hash=get /announce\\\?inf\
o_hash=|get /client/bitcomet/|GET /data\\\?fid=)|d1:ad2:id20:|\\x08'7P\\)[\
RP]"
/ip firewall filter
add action=add-src-to-address-list address-list=Torrent-Conn \
address-list-timeout=2m chain=forward layer7-protocol=\
layer7-bittorrent-exp src-address=192.168.88.0/24 src-address-list=\
!allow-bit
add action=add-src-to-address-list address-list=Torrent-Conn \
address-list-timeout=2m chain=forward p2p=all-p2p src-address=\
192.168.88.0/24 src-address-list=!allow-bit
/ip firewall filter
add action=drop chain=forward dst-port=!0-1024,8291,5900,5800,3389,14147,5222,59905 protocol=tcp \
src-address-list=Torrent-Conn
add action=drop chain=forward dst-port=!0-1024,8291,5900,5800,3389,14147,5222,59905 protocol=udp \
src-address-list=Torrent-Conn
5 comments
Write commentsThank You! In a hotspot server, where should these 4 filter rules be placed? At the Bottom of the filter rules ?
Replyit says p2p matcher is obsolete. please use layer 7 matcher instead
ReplyHey what a brilliant post I have come across and believe me I have been searching out for this similar kind of post for past a week and hardly came across this. Thank you very much and will look for more postings from you. auto repair Freehold NJ
ReplyPlainly, making and sharing a deluge is a straightforward errand. Albeit numerous clients of BitTorrent basically download from the network, it would be ideal if you consider to transfer your very own portion material. https://luckyshiner.com/kickass-torrents-proxy/
ReplyI have looked couple of days and discovered some spellbinding formed work on it. In any case, it is the best of all. Auto hail repair
ReplyEmoticonEmoticon