Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Unable to block torrent
  •  
f.maianti

Messages: 20
Karma: 0
Send a private message to this user
Hi all,
we have just installed and cofigured a Kerio Control NG500 in our company network.
We set up some content filter rule to block dangerous/porno/scam sites and all is working well.
We are trying to block p2p torrent traffic but even if we have created a rule to drop peer-to-peer content our test pc is still downloading from bittorrent.
In the filter log i found a lot of entry like these:

1/May/2016 15:49:26] DENY [Rule] 'Kerio Control Web Filter categories' [Connection] 192.168.30.127:56196 -> edge-star-shv-01-cdg2.facebook.com (179.60.192.3):443, HTTPS [Content] Social Networking edge-star-shv-01-cdg2.facebook.com/
[31/May/2016 15:49:26] DENY [Rule] 'Kerio Control Web Filter categories' [Connection] 192.168.30.127:35111 -> edge-star-shv-01-cdg2.facebook.com (179.60.192.3):443, HTTPS [Content] Social Networking graph.facebook.com/
[31/May/2016 15:49:35] DENY [Rule] 'Kerio Control Web Filter categories' [Connection] 192.168.30.124:3758 -> xx-fbcdn-shv-01-cdg2.fbcdn.net (179.60.192.7):443, HTTPS [Content] Social Networking connect.facebook.net/
[31/May/2016 15:49:38] DENY [Rule] 'Kerio Control Web Filter categories' [Connection] 192.168.30.45:49593 -> edge-mqtt-mini-shv-01-cdg2.facebook.com (179.60.192.34):443, HTTPS [Content] Social Networking mqtt-mini.facebook.com/
[31/May/2016 15:49:52] DENY [Rule] 'Kerio Control Web Filter categories' [Connection] 192.168.30.45:39784 -> instagram-p3-shv-01-cdg2.fbcdn.net (179.60.192.52):443, HTTPS [Content] Social Networking graph.instagram.com/
[31/May/2016 15:49:53] DENY [Rule] 'Kerio Control Web Filter categories' [Connection] 192.168.30.9:54791 -> edge-star-shv-01-cdg2.facebook.com (179.60.192.3):443, HTTPS [Content] Social Networking graph.facebook.com/


so the rule is actually finding and blocking some traffic, but the torrent client is still downloading.

Anyone can help me? What am i doing wrong?
Thanks
  •  
Petr Dobry (Kerio)

Messages: 772
Karma: 60
Send a private message to this user
Did you enable P2P detection in Advanced settings http://kb.kerio.com/1526 ?

[Updated on: Tue, 31 May 2016 16:29]


Petr Dobry
Product Development Manager | Kerio

Stay Connected Anytime, Anywhere. Discover Kerio Cloud!
Looking for help ? - http://kb.kerio.com
  •  
f.maianti

Messages: 20
Karma: 0
Send a private message to this user

Yes, i followed the page you linked.
There is no "enable p2p detection", just list of port that kerio will monitor

  • Attachment: kerio.png
    (Size: 140.79KB, Downloaded 77 times)
  •  
Petr Dobry (Kerio)

Messages: 772
Karma: 60
Send a private message to this user
That's correct. Torrent traffic is detected automatically by using traffic on those ports.
You can check Active Hosts tab to see if the traffic for specified host is detected a P2P.

Petr Dobry
Product Development Manager | Kerio

Stay Connected Anytime, Anywhere. Discover Kerio Cloud!
Looking for help ? - http://kb.kerio.com
  •  
f.maianti

Messages: 20
Karma: 0
Send a private message to this user
Now it's working, torrent is blocked by kerio.
Seems like the kerio takes some time to analyze and discover the p2p traffic.

Thanks
Previous Topic: FTP Subfolders
Next Topic: Unable to get address where to send failure notification
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Thu Dec 08 08:52:29 CET 2016

Total time taken to generate the page: 0.01011 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.