| Unable to block torrent [message #130080] |
Tue, 31 May 2016 15:53  |
f.maianti
Messages: 26
Registered: May 2016
|
|
|
|
Hi all,
we have just installed and cofigured a Kerio Control NG500 in our company network.
We set up some content filter rule to block dangerous/porno/scam sites and all is working well.
We are trying to block p2p torrent traffic but even if we have created a rule to drop peer-to-peer content our test pc is still downloading from bittorrent.
In the filter log i found a lot of entry like these:
1/May/2016 15:49:26] DENY [Rule] 'Kerio Control Web Filter categories' [Connection] 192.168.30.127:56196 -> edge-star-shv-01-cdg2.facebook.com (179.60.192.3):443, HTTPS [Content] Social Networking edge-star-shv-01-cdg2.facebook.com/
[31/May/2016 15:49:26] DENY [Rule] 'Kerio Control Web Filter categories' [Connection] 192.168.30.127:35111 -> edge-star-shv-01-cdg2.facebook.com (179.60.192.3):443, HTTPS [Content] Social Networking graph.facebook.com/
[31/May/2016 15:49:35] DENY [Rule] 'Kerio Control Web Filter categories' [Connection] 192.168.30.124:3758 -> xx-fbcdn-shv-01-cdg2.fbcdn.net (179.60.192.7):443, HTTPS [Content] Social Networking connect.facebook.net/
[31/May/2016 15:49:38] DENY [Rule] 'Kerio Control Web Filter categories' [Connection] 192.168.30.45:49593 -> edge-mqtt-mini-shv-01-cdg2.facebook.com (179.60.192.34):443, HTTPS [Content] Social Networking mqtt-mini.facebook.com/
[31/May/2016 15:49:52] DENY [Rule] 'Kerio Control Web Filter categories' [Connection] 192.168.30.45:39784 -> instagram-p3-shv-01-cdg2.fbcdn.net (179.60.192.52):443, HTTPS [Content] Social Networking graph.instagram.com/
[31/May/2016 15:49:53] DENY [Rule] 'Kerio Control Web Filter categories' [Connection] 192.168.30.9:54791 -> edge-star-shv-01-cdg2.facebook.com (179.60.192.3):443, HTTPS [Content] Social Networking graph.facebook.com/
so the rule is actually finding and blocking some traffic, but the torrent client is still downloading.
Anyone can help me? What am i doing wrong?
Thanks
|
|
|
|
|
|
|
|
| Re: Unable to block torrent [message #130112 is a reply to message #130084] |
Wed, 01 June 2016 21:12  |
Petr Dobry (Kerio)
Messages: 405
Registered: November 2003
|
Kerio Technologies
|
|
|
That's correct. Torrent traffic is detected automatically by using traffic on those ports.
You can check Active Hosts tab to see if the traffic for specified host is detected a P2P.
Petr Dobry
Product Development Manager | Kerio
|
|
|
|
|
|
| Re: Unable to block torrent [message #139290 is a reply to message #130181] |
Mon, 09 April 2018 13:45 |
ipsys
Messages: 38
Registered: March 2018
Location: Burkina Faso
|
|
|
|
im not sure i completely understand, and please excuse me for my ignorance. i have followed the kb, but kerio still reports a lot of P2P traffic?
with regards to the KB, do we only need 'content filtering' enabled? or must 'application awareness' also be enabled for the torrentz to be blocked? currently both are enabled, and we see very high cpu (+50%) and memory consumption (75%). with application awareness disabled, cpu use falls by 50% (to roughly 20%) and memory falls by 25% (to 50%).
does this mean that the user is actually downloading the P2P (470mb is not small compared to the rest of the traffic)? its as if the traffic is detected, however not blocked, yet some P2P is detected and blocked?
|
|
|
|
Members
Search
Help
Register
Login
Home
