Page 1 of 2
Port blocking
Posted: Fri 11 Nov, 2005 18.09
by rts
A lot of people in the house are using Limewire, and we are close to exceeding our bandwidth.
Is it possible to block applications like Limewire through the router? And more precise, just downloading videos, but allowing music downloads?
Re: Port blocking
Posted: Fri 11 Nov, 2005 18.19
by Chris
rts wrote:A lot of people in the house are using Limewire, and we are close to exceeding our bandwidth.
Is it possible to block applications like Limewire through the router? And more precise, just downloading videos, but allowing music downloads?
I suppose you could block the appropriate ports, but that would kill the application completely, or they might just jump to another port and you would be forever running around trying to close the holes.
About this limit - are you talking a data "cap" as offered by some ISPs or are you simply talking about everyone trying to download at once, thereby saturating the line?
A bit of diplomacy may come into play here - try and get them to restrict their porn and music habits to out of hours (i.e. 1am in the morning) rather than at peak times when everyone is likely to be in and using the connection. I am sure if they are reasonable people they would have some consideration for others and the fact that it's a shared connection.
Re: Port blocking
Posted: Fri 11 Nov, 2005 18.27
by rts
Chris wrote:rts wrote:A lot of people in the house are using Limewire, and we are close to exceeding our bandwidth.
Is it possible to block applications like Limewire through the router? And more precise, just downloading videos, but allowing music downloads?
I suppose you could block the appropriate ports, but that would kill the application completely, or they might just jump to another port and you would be forever running around trying to close the holes.
About this limit - are you talking a data "cap" as offered by some ISPs or are you simply talking about everyone trying to download at once, thereby saturating the line?
A bit of diplomacy may come into play here - try and get them to restrict their porn and music habits to out of hours (i.e. 1am in the morning) rather than at peak times when everyone is likely to be in and using the connection. I am sure if they are reasonable people they would have some consideration for others and the fact that it's a shared connection.
It's a mixture of a data cap being approached, and saturation of the line.
Unfortunately everybody is denying they are downloading vast amounts of movies, so as last resort to make sure our limit is not reached, and to free up the line, Limewire needs to be blocked!
Re: Port blocking
Posted: Fri 11 Nov, 2005 21.30
by Chris
rts wrote:It's a mixture of a data cap being approached, and saturation of the line.
Unfortunately everybody is denying they are downloading vast amounts of movies, so as last resort to make sure our limit is not reached, and to free up the line, Limewire needs to be blocked!
Oh dear - as I have said you could block the ports but it would kill the application completely, and if they are reasonably computer literate and understand ports and all that other crap, then they can change the ports in the application and simply hop to another one.
As to the cap - perhaps it is time to change ISP? Who is your current ISP?
Posted: Sat 12 Nov, 2005 11.59
by James Martin
Ouch!
I wouldn't touch Limewire with a bargepole. My neighbour at uni put that on as everything else was blocked by the uni.
Full of spyware. MAJORLY so.
I never managed to competely get her PC back to rights...
Posted: Sat 12 Nov, 2005 12.07
by James H
James Martin wrote:
I never managed to competely get her PC back to rights...
then surely you should have stopped using her computer to upload gay porn?
Posted: Sat 12 Nov, 2005 12.46
by Sput
Limewire is one of the better behaved applications as far as bandwidth usage goes. If your line is reasonable (1Meg or more) you shouldn't have problems with saturation UNLESS they've not stopped their Limewires from UPLOADING stuff, which has a significantly lower bandwidth.
Now fortunately as I say Limewire is well behaved in that you can easily find the settings that tell it to share no files. That's likely what's slowing down your line.
Aside from that, p2p is incideous because it's extremely effective at connecting through limited port ranges. On the offchance that you CAN block the massive swathe of ports it is able to use, I'd say let them use it until a certain amount has been downloaded and THEN block it to prevent overruns.
Crucial thing though is to ensure no uploading is going on. There are also legal dangers if it is.
Posted: Sat 12 Nov, 2005 13.25
by rts
Okie dokie. Looks like I'm going to have to block it. Slight problem being as thick as a plank when it comes to this sort of thing.
My router is asking for the Source IP, Destination IP, Port Start, Port End, Source Netmask and Destination Netmask. Unfortunately I don't know any of these, so was wondering if you could people could supply the relevant information for blocking Limewire, and as many other P2P programmes as possible!
Posted: Sat 12 Nov, 2005 13.33
by Sput
rts wrote:Okie dokie. Looks like I'm going to have to block it. Slight problem being as thick as a plank when it comes to this sort of thing.
My router is asking for the Source IP, Destination IP, Port Start, Port End, Source Netmask and Destination Netmask. Unfortunately I don't know any of these, so was wondering if you could people could supply the relevant information for blocking Limewire, and as many other P2P programmes as possible!
What router do you have?
Posted: Sat 12 Nov, 2005 14.01
by rts
Soho Speed ADSL Ethernet/Wireless Gatway
And also, saw this IP QoS thing. Is it possible to set up something giving browsing high priority, and everything else low, in addition to blocking Limewire etc?
Posted: Sun 13 Nov, 2005 18.07
by Neil Jones
Issues to be aware of with port blocking:
P2P programs don't respect them (picking random ports every time they load) and Kazaa is intelligent enough to fall back to use port 80 when all else fails. And Port 80, for those of you who may not know, is not a good port to block because nobody will be able to go web browsing at all. Although having said that, once Kazaa's gone on with the amount of spyware it installs, you'll never see a clear port again.
Web browsers like to open other ports in order to be able to shift more data around quicker; Firefox does this. Therefore some "Page not found" errors may occur.
The best way to go would be using a hardware firewall on the router to use a feature known as port throttling, but this isn't available on all routers and only Cisco ones, from what I've read so far, offer this feature. And Cisco routers are not cheap.
But having said that, a few ISPs are deliberately doing their own port throttling methods so far as P2P goes (I know Tiscali, BT and some other ISPs are limiting the speeds P2P and bittorrent wise to 5kb/s) so they can't shift much faster than dial-up and so limiting the bandwidth beng used up.
Of course, if all else fails, just unplug the router
