Block Torrent in VPN servers

Portal Home > Knowledgebase > Articles Database > Block Torrent in VPN servers

Posted by nashenas, 01-20-2011, 05:07 AM
Hello , I have a vpn server and I want to block the trackers for the torrent file: http://tracker.openbittorrent.com:80/announce udp://tracker.openbittorrent.com:80/announce http://tracker.publicbt.com:80/announce udp://tracker.publicbt.com:80/announce http://9.rarbg.com:2710/announce http://10.rarbg.com/announce http://11.rarbg.com/announce http://genesis.1337x.org:1337/announce http://nemesis.1337x.org/announce udp://denis.stalker.h3q.com:6969/announce http://denis.stalker.h3q.com:6969/announce Please advise . Server is centos Thank you
Posted by Hostizzle, 01-22-2011, 01:34 AM
Interesting question. Short answer: it's pretty tough to block Port 80 P2P traffic. Longer answer: The users can encrypt the traffic before it hits your VPN, so good luck figuring out which encrypted Port 80 packets are destined for P2P servers. There was a helpful thread on serverfault, which I can't link. They recommended a tool call ipp2p, which I can't link here. Evidently there are tools to detect even encrypted P2P packets, but it's probably expensive. Probably the easiest thing to do is use a little social engineering: tell your users you log their activities. HTH
Posted by jon-f, 01-22-2011, 02:14 AM
isnt that the reason users get VPNs? to be able to do torrents privately? What else would they use them for besides p2ps, hacking and/or firewall bypassing?
Posted by Hostizzle, 01-22-2011, 03:23 AM
At least on my VPN they're using it mostly for Facebook. I got linked on a Filipino forum last week, so I got hundreds of requests for access from over there. My theory is that they block Facebook at these call centers, so workers will get to Facebook using my VPN. Way I see it, Facebook should be sponsoring my VPN! I have some Chinese people presumably going on Google and some people in Dubai probably looking at pron. I'm sure there are some trying to do stuff behind corporate or school firewalls. There are some bittorrent people, not that I mind, but I'm not sure I want these guys much. They eat a lot of bandwidth and might get me served with a DMCA notice. I have a lot of bandwidth so I don't care, but if 1,000 of these guys showed up tomorrow, I'd sweat a little. I'm not saying I log or block ports, but I understand if someone does want to do these things.
Posted by funkywizard, 01-27-2011, 09:56 AM
you can nullroute them. Do an ip lookup of all those domains, and make a list of the ips. On the server doing the vpn, you can then send this traffic to nowhere useful: route add -net ip-address-to-block/32 gw some-ip-thats-not-a-router You'll have to make a script to put these rules in at reboot as well.
Posted by funkywizard, 01-27-2011, 09:57 AM
I knew a guy who ran some VPN services that specifically catered to the bittorrent crowd, and he said he would only get a handful of DMCAs and it generally wasn't a big deal. If it were me, I would take a reactive approach on this and only do something about it if it actually becomes a problem for you.