Why don't most consumer routers have an option to block BitTorrent?

ericloewe

Senior member
Dec 14, 2011
260
0
76
Because consumer routers don't usually do packet sniffing to figure out what's being sent. Nearly all allow you to block ports, but that's easily circumvented, especially with bittorrent.
 

theevilsharpie

Platinum Member
Nov 2, 2009
2,322
14
81
just curious.

Most consumer routers are simple packet filters that make routing decisions solely on IP addresses and port numbers. Applications like BitTorrent that don't use a common port number require a device that can inspect the entire payload of the IP packet, and consumer routers aren't able to do that while maintaining acceptable performance.
 

_Rick_

Diamond Member
Apr 20, 2012
3,937
69
91
You could probably implement a connection counter, and just drop a machine completely off the network once the number of connections established per second exceeds a certain amount.
Only p2p applications show this kind of behavior of opening a huge number of connections in a short time frame. Sure, you can probably tune libtorrent to open fewer connections per second than configured, but standard configuration and big swarms should trigger this every time. Any reaction other than completely cutting access to the machine can easily be circumvented.
This also works for worm/virus infected machines. A worm is essentially a p2p program.
It's probably easily implemented with some of the more advanced firmwares, as it's just a simple counter. Linux netfilter should support that.
 

imagoon

Diamond Member
Feb 19, 2003
5,199
0
0
just curious.

Most people at home want to pay $50 for a router, and BitTorrent is an application layer service. You need a lot more horsepower than a $50 layer 3 filter can give to work on the application layer. You also generally need some sort of support to tag frames, since most home users wouldn't have a clue how to match packet types.
 

Mark R

Diamond Member
Oct 9, 1999
8,513
14
81
BitTorrent is damn near impossible to block. It was specifically designed so as to be able to pierce through most forms of NAT, it will find almost any open port, disguise traffic as something legitimate on an open port, encrypt traffic to prevent packet analysis, etc.

Blocking it requires sophisticated analysis, as simple things like port restrictions won't stop it. Even stuff like connection rate limiting often won't stop it, because most BT clients take care to limit their connection rate and total number of connections specifically to avoid triggering these limits.

The only way to detect and stop it is to watch the total number of active connections and look for "swarming" behavior. Even then, this only works reliably on very busy, active torrents. Unpopular, or poorly seeded torrents may well get through this.
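
The per-second connection counter suggested earlier in the thread and the "swarming" check described in the post above, side by side, as an added example that is not part of any poster's message. The thresholds, function names and flow records are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

# Thresholds are assumptions for illustration, not values from the thread.
WINDOW_S = 10        # sliding window for the new-connection rate check
MAX_NEW_CONNS = 30   # new outbound connections allowed per window
ACTIVE_S = 300       # how long a remote endpoint counts as "active"
MAX_PEERS = 40       # distinct active remote endpoints allowed per host

def detect(events):
    """events: (ts, src_ip, dst_ip, dst_port) tuples sorted by ts.
    Returns {src_ip: set of reasons} for hosts that crossed a threshold."""
    recent = defaultdict(deque)   # src -> timestamps of recent new connections
    peers = defaultdict(dict)     # src -> {(dst, port): last_seen}
    flagged = defaultdict(set)
    for ts, src, dst, port in events:
        # Check 1: new connections inside the sliding window (rate counter).
        q = recent[src]
        q.append(ts)
        while q and q[0] <= ts - WINDOW_S:
            q.popleft()
        if len(q) > MAX_NEW_CONNS:
            flagged[src].add("rate")
        # Check 2: distinct remote endpoints still considered active (swarm).
        seen = peers[src]
        seen[(dst, port)] = ts
        for key in [k for k, last in seen.items() if last <= ts - ACTIVE_S]:
            del seen[key]
        if len(seen) > MAX_PEERS:
            flagged[src].add("swarm")
    return dict(flagged)

def constructed_sample():
    """Constructed flow records (documentation address ranges), not real traffic."""
    ev = []
    # Host .10: burst of 60 connections to 60 endpoints within 6 seconds.
    ev += [(i * 0.1, "192.168.1.10", f"198.51.100.{i}", 6881 + i) for i in range(60)]
    # Host .11: rate-limited client, one new endpoint every 2 seconds.
    ev += [(i * 2.0, "192.168.1.11", f"203.0.113.{i}", 50000 + i) for i in range(60)]
    # Host .12: ordinary browsing, repeated connections to four servers.
    ev += [(i * 3.0, "192.168.1.12", f"192.0.2.{i % 4}", 443) for i in range(20)]
    return sorted(ev)

if __name__ == "__main__":
    for host, reasons in sorted(detect(constructed_sample()).items()):
        print(host, sorted(reasons))
```

On this sample the burst host trips both checks, the rate-limited host trips only the swarm check, and the browsing host trips neither.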
 

robmurphy

Senior member
Feb 16, 2007
376
0
0
I think you need L7 packet filtering to do this.

Very few home routers can do this. Some Linux routers may be able to do this. You would probably need an x86-based system to have enough CPU power for this.

The opening of TCP connections will not block torrents now. Many torrents are using UDP trackers now.

Monitoring the amount of data used by a user is one method of control. You can always use a local DNS and block known illegal sites using the local DNS. You will also need to block port 53 (I think) for the users to stop them having their own DNS.

If you have control of the machines, the sites can be blocked in the hosts file. I use this to block many, many annoying sites. If people are running their own PC, however, you will need to get a decent router, or build a Linux-based one.

Rob.
 

VirtualLarry

No Lifer
Aug 25, 2001
56,453
10,120
126
All good answers, but doesn't BT need to open an incoming port using UPnP? And doesn't it register a name with the router to describe that open port? Certainly, a router could contain code to look for popular BT client names, and block opening the incoming port.

Heck, just disabling UPnP totally, could do that too, couldn't it?

Just a thought. (Yes, I realize that blocking it completely requires some heavy-duty L7 hardware.)
 

JackMDS

Elite Member
Super Moderator
Oct 25, 1999
29,480
387
126
Routers are generic network hardware.

Asking them to inherently block a specific "gimmick", is like asking why a car does not come with a way to block driving to the Bad neighborhood in town.


 

Rifter

Lifer
Oct 9, 1999
11,522
751
126
Not enough processing power, plain and simple. If you want to do this, I would look into a Linux server to hook up inline with the router and have it do the packet inspection/filtering. If it's a large network, get something with some CPU power.
 

alkemyst

No Lifer
Feb 13, 2001
83,967
19
81
The main reason consumer routers/network gear don't offer all the bells and whistles is that in a consumer network you usually 'know' what's going on, since it's your traffic.

Commercial devices lean towards you usually won't know what people will be doing.
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
All good answers, but doesn't BT need to open an incoming port using UPnP? And doesn't it register a name with the router to describe that open port? Certainly, a router could contain code to look for popular BT client names, and block opening the incoming port.

Heck, just disabling UPnP totally, could do that too, couldn't it?

Just a thought. (Yes, I realize that blocking it completely requires some heavy-duty L7 hardware.)

No, it's faster with an open inbound port enabled but it still works without them.
 

Modelworks

Lifer
Feb 22, 2007
16,240
7
76
Plainly put, COST.
Most routers contain the slowest, cheapest possible processor to make the product work, often with zero overhead. They could add the features you want but not if it is going to cost them even 1 cent in profit.
 