Packeteer's Technical Exchange

A forum for sharing ideas.

Skip to content

Block P2P

Discussions about PacketShaper

Moderator: Moderators

Post a reply

Block P2P

Postby danilody on Mon May 31, 2010 2:06 am

Hi,

Has anyone tried this guide? https://bto.bluecoat.com/packetguide/8.5/solutions/app-control/control-p2p.htm

I tried it and Block Unwanted Traffic instruction but I can still download using U-Torrent

I might be missing something :)

dn: ou=P2P.IN,ou=Inbound,ou=/default,ou=pscfg,o=iqos
iqosClassID: 162659084
iqosOutsideServiceGroup: P2P
iqosOverlayRule: opaque
iqosPolicyType: discard
iqosProtocolName: IP
objectClass: iqosMatchingRule
objectClass: iqosPartitionClass
objectClass: iqosPolicyClass
objectClass: iqosTrafficClass
objectClass: top
modifyTimestamp: 20100428112032Z

dn: ou=P2P.OUT,ou=Outbound,ou=/default,ou=pscfg,o=iqos
iqosClassID: 968826086
iqosInsideServiceGroup: P2P
iqosOverlayRule: opaque
iqosPolicyType: discard
iqosProtocolName: IP
objectClass: iqosMatchingRule
objectClass: iqosPartitionClass
objectClass: iqosPolicyClass
objectClass: iqosTrafficClass
objectClass: top
modifyTimestamp: 20100428112004Z


TIA
danilody
 
Posts: 9
Joined: Mon Aug 23, 2004 9:49 pm
Top

Re: Block P2P

Postby Norbert on Mon May 31, 2010 6:47 am

Hi,

From that same page;

The procedure described here will catch and control most P2P, file-sharing traffic. It might not catch obscure hybrids or mutations of these protocols. But it is usually sufficient to contain 90 percent of the traffic to maintain a useable network. If this is true for you, stop here. If not, follow the procedure described in Prepare for the Next Napster.

Continue to evaluate the effectiveness of your solution by checking the Top Ten tab or the Top Ten pie chart regularly.


Personally I do not like them using the word "block" on that page. I like the text "it is not a firewall" on https://bto.bluecoat.com/packetguide/8.5/solutions/security/prevent-dos-attacks.htm much better.

Forget about "blocking" P2P and the likes (Skype) with the PacketShaper. Shape it down to a level where it does not interfere with what brings in the money, or better, guarantee the bandwidth for these apps (usually well behaved and can be accurately classified) and give everything else the rest of the bandwidth at a low priority. If you are in an Enterprise and P2P is not allowed then simply track down the client-IP and pay the person a visit. Bring a manager or an HR-rep for legal purposes.

Norbert
User avatar
Norbert
 
Posts: 209
Joined: Thu Aug 21, 2003 7:52 am
Top

Re: Block P2P

Postby danilody on Wed Jun 02, 2010 2:07 am

Norbert, thanks for the insight and recommendation. I will have to look for alternative though, like proxy maybe as we are more on automating.
danilody
 
Posts: 9
Joined: Mon Aug 23, 2004 9:49 pm
Top

Re: Block P2P

Postby telness on Thu Jun 03, 2010 5:29 am

hello

you can create a class on ".torrent" file.( criterion)
then you can "block" .torrent file and make harder the download !

++
http://packeteer-technical.blogspot.com
sorry for my bad english ^^
telness
 
Posts: 262
Joined: Mon May 29, 2006 2:06 am
Location: french
Top
Post a reply

Return to PacketShaper

Who is online

Users browsing this forum: No registered users and 1 guest

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group