good ADSL2 wifi router that can block torrents

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › good ADSL2 wifi router that can block torrents

reven

3748 posts

Uber Geek
+1 received by user: 874

Trusted

#89347 31-Aug-2011 16:10

hi guys,

im wanting to upgrade my router (its starting to crap out) and im wanting one that can do
- dual band 802.11g and 802.11n
- DHCP
- gigabit
- adsl2+ (possible vdsl for future proof, havent done much reading on this though)
- block torrents on on certain machines (based on mac address or something, i sometimes download linux distros through torrents, but dont want someone on my wireless downloading stuff they shouldnt)
- preferably with internal aerials
- the more network ports the better

any suggestions?

TIA

1 | 2

30853 posts

Uber Geek
+1 received by user: 9996

Retired Mod

Trusted

Biddle Corp

Lifetime subscriber

#514568 31-Aug-2011 16:25

You can't fully block torrents, no matter what hardware you buy.

muppet

2642 posts

Uber Geek
+1 received by user: 1660

Trusted

#514571 31-Aug-2011 16:30

sbiddle: You can't fully block torrents, no matter what hardware you buy.

Yea you can. Put a firewall in their way so they can do nothing. But put a squid proxy somewhere on the network you control that is allowed out on certain ports. Force the end-user through the proxy.

Doing this you can allow HTTP/HTTPS and limited access to Instant Messengers and stuff.

This'll also cause problems with many normal things like ssh, ftp, imap/pop/smtp etc, all of which you can work around on a limited whitelist basis (only allow IMAP access to Telecom's ranges etc)

But you can do it.

Audiophiles are such twits! They buy such pointless stuff: Gold plated cables, $2000 power cords. Idiots.

OOOHHHH HYPERFIBRE!

theEd

341 posts

Ultimate Geek
+1 received by user: 26

Trusted

#514575 31-Aug-2011 16:36

Most torrent clients have built-in systems to detect attempts at blocking torrents and work around them (e.g. putting all their torrents SSLed over port 443).

The only real way to work around this is with some hefty deep packet inspection, for which you need a full-on UTM/Firewall appliance like a Cyberoam. I'm not aware of any decent ones sub-$500.

muppet

2642 posts

Uber Geek
+1 received by user: 1660

Trusted

#514578 31-Aug-2011 16:42

theEd: Most torrent clients have built-in systems to detect attempts at blocking torrents and work around them (e.g. putting all their torrents SSLed over port 443).

The only real way to work around this is with some hefty deep packet inspection, for which you need a full-on UTM/Firewall appliance like a Cyberoam. I'm not aware of any decent ones sub-$500.

How many people sharing torrents have their client listening for incoming connections on port 443? I'm going to guess not many (most torrent clients I've seen try to listen port 1024 and above.)

You can always disable SSL on your proxy, or whitelist on a case-by-case basis if that was to actually work (which I very much doubt, but yes, it is a valid escape vector)

Audiophiles are such twits! They buy such pointless stuff: Gold plated cables, $2000 power cords. Idiots.

OOOHHHH HYPERFIBRE!

blakamin

4431 posts

Uber Geek
+1 received by user: 1306
Inactive user

#514579 31-Aug-2011 16:44

And so it begins...

muppet

2642 posts

Uber Geek
+1 received by user: 1660

Trusted

#514595 31-Aug-2011 17:07

Apologies, reven, I realise I've probably taken your post offtopic a little bit.

Steve's right in that there's no simple easy way to do this, especially not a little ADSL router that'll just have a "stop torrents" option. If you really want to try and stop torrents you'll need to get rather indepth (as I've posted) about, otherwise there's really not a lot you can do, short of buying some very expensive hardware!

Sorry!

Audiophiles are such twits! They buy such pointless stuff: Gold plated cables, $2000 power cords. Idiots.

OOOHHHH HYPERFIBRE!

Geekzone

Want to support Geekzone and browse the site without the ads? Subscribe to Geekzone now (monthly, annual and lifetime options).

xpd

Geek of Coastguard
14115 posts

Uber Geek
+1 received by user: 4574

Retired Mod

ID Verified

Trusted

Lifetime subscriber

#514644 31-Aug-2011 19:09

Some routers might (I havent seen any personally) let you block by filename, just block *.torrent files for a start, but as the others have said, without buying extra hardware firewalls etc, youre kinda limited to what you can do.

Buy a cheap box, put a decent proxy on it......

XPD / Gavin

LinkTree

reven

3748 posts

Uber Geek
+1 received by user: 874

Trusted

#514714 31-Aug-2011 21:13

thanks guys, i thought there might have been some custom firmware that could do this. i noticed my brothers laptop had a torrent client open all the time and quickly uninstalled this the other day, but i dont really have control if someone else installs it again.

this law really is a bitch, the internet is under my name, but i cant really stop someone else using it, i was hoping a router would with a normal open mode and a "guest" sub network with limited access to only do a small number of things.

shrub

790 posts

Ultimate Geek
+1 received by user: 272

ID Verified

#514725 31-Aug-2011 21:33

Just use a proxy server to D/L ur dodgy stuff google is your friend here. Or setup a box and spends weeks setting it up to block everything and open things you need as you go.

kobiak

1615 posts

Uber Geek
+1 received by user: 551

Trusted

#514731 31-Aug-2011 21:40

torrents work fine on port 80... i'm just saying :)

yeah the only quick fix solution I could think of: find as many torrent sites and block them - user cannot access - wont download (also block .torrent extension).

helping others at evgenyk.nz

sbiddle

30853 posts

Uber Geek
+1 received by user: 9996

Retired Mod

Trusted

Biddle Corp

Lifetime subscriber

#514741 31-Aug-2011 21:55

kobiak: torrents work fine on port 80... i'm just saying :)

yeah the only quick fix solution I could think of: find as many torrent sites and block them - user cannot access - wont download (also block .torrent extension).

Blocking .torrent files is about as effective as putting a sign up at the pool telling people not to do number 1's in the pool. It makes people feel good but is totally ineffective.

To block torrenting you need to take a two fold approach, firstly by targeting the trackers which are the weakest link. If you can stop these from initializing you're part of the way there. Of course you've then got trackerless P2P to deal with which can at present be limited by some fancy DNS redirects.

Apple TV

Stream your favourite shows now on Apple TV (affiliate link).

coffeebaron

6304 posts

Uber Geek
+1 received by user: 3566

Trusted

Lifetime subscriber

#514749 31-Aug-2011 22:07

Some Draytek routers can be set to limit number of simultaneous connections, thus limiting the effectiveness of torrents.

Rural IT and Broadband support.

Broadband troubleshooting and master filter installs.
Starlink installer - one month free: https://www.starlink.com/?referral=RC-32845-88860-71
Wi-Fi and networking
Cel-Fi supply and installer - boost your mobile phone coverage legally

Need help in Auckland, Waikato or BoP? Click my email button, or email me direct: [my user name] at geekzonemail dot com

Ragnor

8279 posts

Uber Geek
+1 received by user: 585

Trusted

#514784 1-Sep-2011 01:30

coffeebaron: Some Draytek routers can be set to limit number of simultaneous connections, thus limiting the effectiveness of torrents.

Only takes 1 connection for your ip address to be detected connecting to a public tracker/swarm which anti infringement companies have also connected to and are recording all ip addresses.

nakedmolerat

4631 posts

Uber Geek
+1 received by user: 874

Trusted

Lifetime subscriber

#514785 1-Sep-2011 01:56

reven: hi guys,

im wanting to upgrade my router (its starting to crap out) and im wanting one that can do
- dual band 802.11g and 802.11n
- DHCP
- gigabit
- adsl2+ (possible vdsl for future proof, havent done much reading on this though)
- block torrents on on certain machines (based on mac address or something, i sometimes download linux distros through torrents, but dont want someone on my wireless downloading stuff they shouldnt)
- preferably with internal aerials
- the more network ports the better

any suggestions?

TIA

if you are so concerned with the new law, why not using VPN on the router itself.. you can get cloakbox or get router that support DD-WRT to use Astrill VPN

reven

3748 posts

Uber Geek
+1 received by user: 874

Trusted

#514979 1-Sep-2011 11:52

nakedmolerat:
reven: hi guys,

im wanting to upgrade my router (its starting to crap out) and im wanting one that can do
- dual band 802.11g and 802.11n
- DHCP
- gigabit
- adsl2+ (possible vdsl for future proof, havent done much reading on this though)
- block torrents on on certain machines (based on mac address or something, i sometimes download linux distros through torrents, but dont want someone on my wireless downloading stuff they shouldnt)
- preferably with internal aerials
- the more network ports the better

any suggestions?

TIA

if you are so concerned with the new law, why not using VPN on the router itself.. you can get cloakbox or get router that support DD-WRT to use Astrill VPN

im not worried about the law for myself, and dont want to slow down my internet for every computer, im worried about other computers connecting to my network that i dont admin. for instance my brothers computer or his gfs computer. i cant ensure those computers are using a proxy or dont have a torrent client installed.
i was hoping i could only allow them to connect to a guest subnetwork (ive read some routers can have a second limited guest network) which i could block torrents etc from, and only give them the password for that network.
also i dont really want to put everything through a vpn, wouldnt trust online banking through a vpn etc

1 | 2