betolj / ndpi-netfilter

GNU General Public License v2.0

Loss of packet filtering on bittorrent #53

Open bbqaaq opened 7 years ago

bbqaaq commented 7 years ago

Hi! Sorry for using the issue tracker to ask question here.

Recently I'm trying to filter bittorrent on my Ubuntu 16.04 server (which is a strongswan vpn server). After a few days' effort of solution searching, I've found your repository, which is nice to use and based on the modern DPI library nDPI (compared with those ipp2p and l7-filter).

However, the performance of bittorrent filtering is not as effective as expected. Some bittorrent packets are being dropped, but still many of them are passed as they are "unknown" packets.

[Screenshots attached: mangle, before, after]

As in the photos, the first one is the mangle table. The second one is the iptables when the vpn is not connected, and the third one is the snapshot when a user has connected to our vpn server and did bittorrent for a few seconds. You will see that there are still lots of packets not being dropped by the bittorrent rules, and from the client side I can still do bittorrent without any problem.

Any idea/solution can help? Thanks!

kong156 commented 7 years ago

This is happening due to the fact your first rule drops packets that ultimately are used to detect the next bittorrent sessions. I think this is the main reason why your bittorrent activity is blacked out. A layer 4 approach is faulty from the start I guess. Instead, you should use other layer 7 tools for that.
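One way to separate classification from the verdict, so the counters and log lines show what the nDPI matcher actually classifies before anything is dropped, is the rule layout below. This is an added example, not code from the ndpi-netfilter project or from either participant in this issue. It assumes the match option is spelled `-m ndpi --bittorrent` (an assumption; check `iptables -m ndpi --help` for the real option name on your build) and that the `xt_ndpi` module and conntrack are loaded. The audit rule and the CONNMARK rule run in mangle with no verdict, and the DROP sits in filter FORWARD keyed on the connection mark, so the drop rule can be disabled or swapped for LOG while testing without touching the classification rules. The script only prints the commands unless run with `--apply`.

```shell
#!/bin/sh
# Added example, not code from ndpi-netfilter or from this issue.
# ASSUMPTIONS: the match option is spelled "-m ndpi --bittorrent" (verify with
# `iptables -m ndpi --help`), and the xt_ndpi module plus conntrack are loaded.
# The script only prints the rules unless invoked with --apply.

NDPI_BT_MATCH="${NDPI_BT_MATCH:--m ndpi --bittorrent}"  # assumed option name
BT_MARK="${BT_MARK:-0x10}"        # connection mark used to carry the verdict
LOG_LIMIT="${LOG_LIMIT:-5/min}"   # keep the audit LOG rule from flooding syslog

# Emit the rule set, one iptables command per line, with the verdict kept out
# of the mangle table.
ndpi_bt_rules() {
  # 1. Audit first: a counted, rate-limited LOG shows what the classifier sees.
  #    No verdict here, so every packet still reaches the later rules.
  printf 'iptables -t mangle -A PREROUTING %s -m limit --limit %s -j LOG --log-prefix "ndpi-bt: "\n' \
    "$NDPI_BT_MATCH" "$LOG_LIMIT"
  # 2. Tag the whole connection once the flow is classified. Later packets of
  #    the same connection are handled by the mark, not by re-classification.
  printf 'iptables -t mangle -A PREROUTING %s -j CONNMARK --set-mark %s\n' \
    "$NDPI_BT_MATCH" "$BT_MARK"
  # 3. Apply the verdict in the filter table, by mark, so the drop rule can be
  #    removed or turned into LOG for testing without touching classification.
  printf 'iptables -A FORWARD -m connmark --mark %s -j DROP\n' "$BT_MARK"
}

# Run the generated commands (requires root); stops at the first failure.
ndpi_bt_apply() {
  ndpi_bt_rules | while IFS= read -r cmd; do
    eval "$cmd" || return 1
  done
}

case "${1:-}" in
  --apply) ndpi_bt_apply ;;
  --print) ndpi_bt_rules ;;
esac
```

Run `sh ndpi_bt.sh --print` to review the three commands, then `sh ndpi_bt.sh --apply` as root. Compare the `iptables -t mangle -vnL PREROUTING` counters on the LOG/CONNMARK rules with the `iptables -vnL FORWARD` counter on the DROP rule: if the mangle counters stay low while traffic flows, the classifier is not recognising the flows (the "unknown" case from the report); if they climb but the DROP counter does not, the verdict placement is the problem.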