How to block bit torrent/all P2P packets on Mikrotik routers for selected users during work hours

As a network administrator, being able to stamp your authority on your network by deciding what can and cannot be done is one of the keys to keeping your job. After all, everyone believes you are not doing anything until the network crashes. Bit torrent is one of those applications that network administrators don’t like to see on users’ PC even though they (network administrators) cant do without it. How else do you think they get all the e-books and video tutorials? In this post, I will share how to block all p2p downloads through Mikrotik router.

If you find yourself working for a company that has little to zero resources budgeted for internet subscription, then its on you to implement policies that will guard against bandwidth abuse while making sure that top management staff, trusted to be well-behaved, have unrestricted access to network resources. One of the ways to achieve this is a complete lock down of access to bit torrent during working hours for users. Since the boss is the one paying, it is right to have him and a few others excepted from this.

If you understand the workings of the Mikrotik routerOS, implementing policies to take care of issues like this can be easy even though it comes in steps. There are two steps involved in achieving this. First, we have to create an address list to capture the IP addresses of those that need to be denied access to bit torrent. Secondly, we create a firewall rule to drop bit-torrent or all p2p for those whose addresses are captured in the address list created in step one. See steps below.

You may also like: How to stop all downloads and punish offenders.

[admin@timigate] > ip firewall address-list add address= ist=timigate
If the addresses are not in range as used above, then you need to add them one after the other, making that the name of the list is the same. Next, we create a firewall forward rule to drop bit-torrent or all p2p traffics during working hours for the address list named timigate. See below.
[admin@timigate] > ip firewall filter  add chain=forward action=drop p2p=bit-torrent src-address-list=timigate time=8h-17h,mon,tue,wed,thu,fri






Spread the love

3 thoughts on “How to block bit torrent/all P2P packets on Mikrotik routers for selected users during work hours”

Leave a Comment