[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Bittorrent packets



Am 15.12.2008 um 14:35 schrieb Mitar:
Without adding those IP to ExitRules it is not really "nice" that I
would be blocking them just with a firewall but this could be maybe
also seen as a feature: making Tor network unstable for Bittorrent
users (for data transmissions).

I also had these BitTorrent traces in my Apache log. I looked into this and realized that, although the default exit policy claims to block P2P ports, there was still a lot of Bittorrent traffic.

Unfortunately my own tests showed that you cannot block Bittorrent traffic with a black-list exit policy, but only with a white-list policy, that only selectively allows the ports you want to support.

It is worth to note that even downloads from hosts behind NAT (or Tor for this matter) are possible with Bittorrent clients. The other clients who want to download but cannot connect directly because of NAT/Tor seem to publish their requests on the tracker and the offering client connects to the requesting clients in order to _upload_ the data blocks. So it is actually possible that a Bittorrent client _offers_ files for download over your exit node.


Sven

Attachment: smime.p7s
Description: S/MIME cryptographic signature