Here is a script:
/ip firewall layer7-protocol
add comment="Block Bit Torrent" name=layer7-bittorrent-exp regexp="^(\\x13bitt\
orrent protocol|azver\\x01\$|get /scrape\\\?info_hash=get /announce\\\?inf\
o_hash=|get /client/bitcomet/|GET /data\\\?fid=)|d1:ad2:id20:|\\
RP]"
/ip firewall filter
add action=add-src-to-address-list address-list=Torrent-Conn \
address-list-timeout=2m chain=forward layer7-protocol=\
layer7-bittorrent-exp src-address=10.10.11.0/24 src-
!allow-bit
add action=add-src-to-address-list address-list=Torrent-Conn \
address-list-timeout=2m chain=forward p2p=all-p2p src-address=\
10.10.11.0/24 src-address-
/ip firewall filter
add action=drop chain=forward dst-port=!0-1024,8291,5900,
src-address-list=Torrent-Conn
add action=drop chain=forward dst-port=!0-1024,8291,5900,
src-address-list=Torrent-Conn
Note:
- src-address=10.10.11.0/24 : is your Local Address.
- if you have a problem with some application( Skype;Team viewer...) pls add those application port in to
/ip firewall filter
add action=drop chain=forward dst-port=!0-1024,8291,5900,
src-address-list=Torrent-Conn
add action=drop chain=forward dst-port=!0-1024,8291,5900,
src-address-list=Torrent-Conn
No comments:
Post a Comment