Blocking the network ports so that it no longer works isn't the best option, as once she realizes it doesn't work she'll probably go online and figure out how to change those port settings to use different ports.
The better option is the one you've discounted because it's "not your place." Tell her to stop as long as she's using your network. If you're not the head of the household, then speak to the head of the household. Explain the problem, and ask them to speak with her.
Blocking the ports is just going to be a stalling tactic, not a solution.
Even someone who's not very computer literate can go to Google and type in something about LimeWire not working and likely come up with explicit instructions on how to troubleshoot it and possibly change ports.
When her LimeWire application connects to the LimeWire servers, it uses a random high-numbered port as the reply-to address. Thus when the LimeWire servers send traffic back to the client, there is no way to predict which port they're trying to talk back to. You cannot block this incoming communication by blocking a specific incoming port. You could theoretically block all incoming traffic from the LimeWire servers by IP address, but that would require that you are able to specify all the LimeWire server IPs. Moreover, you'd need to be able to keep that blocklist up to date, and I don't think it's worth that kind of time. Besides, even if you were to do so, she would probably just be forced to look for alternatives. I imagine she'd then discover BitTorrent, which you have absolutely no hope of effectively blocking.
On a related note, the port number specified in the LimeWire application preferences is only used when another client or server somewhere is trying to initiate communication with her. P2P apps work better when both sides can initiate the communication, but almost all will continue to function when the client is behind a network address translation (NAT) device, as is the case here. Your addition of the port block rule did nothing, by the way. Before you added the rule, your router would have dropped that incoming unsolicited communication anyway, because it would have no idea which client that data was supposed to be sent to.
Are there any other options to rid my network of P2P use?
Major ISPs, record labels and movie studios have been unable to do this; I see your chances of succeeding where they have failed as being "slim to none". Why do you want to ban P2P traffic on your home network? Is it a legal concern, a moral concern, or just a performance concern? If it's only a performance problem (e.g. her P2P use is bogging down the network for everyone else), there are other options available that may meet your needs (setting sane upload/download limits in the application, enabling QoS on your router if available, etc.).
Also, seriously dude, if it's "your" network, and this is more than a performance concern for you, why do you have an issue telling her to stop? I agree with Daenris, this strikes me as pretty passive-aggressive, in addition to being more or less a waste of time at a technical level. Seriously man, the average P2P application represents thousands of man-hours of effort spent on thinking of ways to keep the application working no matter what the network administrators might try to do. Anything you do to break the P2P app is highly likely to break other network apps.
Then assign that IP a DENY rule on every port above, oh, like 500.
This is horrible advice. This will break so many network applications, it's not even funny. I think she'll get kinda suspicious when her instant messaging client, LimeWire and web browser all stop working at the same time.
No, it's fantastic advice. He can add 1863 or any other specific application port he wants her to have access to.
Like he said, he's an advanced user. He can go through one by one and enable application ports if he feels like it.
For a salaried IT guy on his corporate network, I agree. For a guy who lives in a house and gets paid $0 to be the de facto household tech support, I disagree. It's just a heck of a lot of hassle, especially with half a dozen users and all of their various network apps. Personally, I wouldn't do it because I'm not home all the time, and I wouldn't want to inconvenience my girlfriend if she's trying to use a new app and I'm not there to open ports, but to each their own. I still think this is a situation where a social solution is really what's called for.
Anyway, to the OP, if you are going to block all ports above 500, make sure you only block remote ports. If you block local ports above 500, pretty much no network applications will work. For example, my browser is currently using local port 25345 to receive data from penny-arcade.com port 80. If I wasn't allowed to communicate with a remote system on port 80 using local port 25345 (or some other random high-numbered port), my browser would effectively be broken.
I'm pretty sure LimeWire would have upload/download speed and connection count settings that can address performance issues. Alternately, you can use QoS, if your router supports it, though that usually involves a fair bit of work and a router that supports open source firmware. I use QoS at home because once it's set up, it's elegant and automatic. My torrents will use all of the available bandwidth when no one else is using the connection, but as soon as someone starts surfing or playing an online game, torrent traffic automatically takes a back seat to that other traffic. Best of all, it works whether or not a user has enabled any bandwidth caps in their application.
Anyway, lots of ways to address this, best of luck whichever way you decide to go.
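The NAT and port-direction points made in the posts above can be checked with a small model. This is an added example, not code from any poster or router firmware: it assumes a port-preserving stateful NAT with a single LAN client, and all addresses and the listening port are constructed sample values.

```python
from dataclasses import dataclass, field

LAN, WAN = "192.168.1.50", "203.0.113.7"        # constructed addresses
WEB, PEER = "198.51.100.10", "198.51.100.99"    # constructed remote hosts
LISTEN_PORT = 6346                              # sample P2P listening port

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

@dataclass
class NatRouter:
    """Toy stateful NAT router (port-preserving, one LAN client)."""
    blocked_inbound: set = field(default_factory=set)  # "block port N" rule
    deny_local_above: int = 65535    # deny outbound FROM local ports above N
    deny_remote_above: int = 65535   # deny outbound TO remote ports above N
    allowed_remote: set = field(default_factory=set)   # exceptions, e.g. 1863
    flows: set = field(default_factory=set)            # connection tracking

    def outbound(self, p):
        if p.src_port > self.deny_local_above:
            return False
        if (p.dst_port > self.deny_remote_above
                and p.dst_port not in self.allowed_remote):
            return False
        self.flows.add((p.src_port, p.dst_ip, p.dst_port))
        return True

    def inbound(self, p):
        # A reply to a tracked flow is forwarded, whatever its port number.
        if (p.dst_port, p.src_ip, p.src_port) in self.flows:
            return True
        if p.dst_port in self.blocked_inbound:
            return False   # dropped by the explicit block rule
        return False       # dropped anyway: NAT has no client mapping

def round_trip(router, local_port, remote_ip, remote_port):
    """Client connects out, server replies; True if both packets pass."""
    out = Packet(LAN, local_port, remote_ip, remote_port)
    reply = Packet(remote_ip, remote_port, WAN, local_port)
    return router.outbound(out) and router.inbound(reply)

def unsolicited(router, port):
    """A remote peer tries to open a connection to the router's WAN side."""
    return router.inbound(Packet(PEER, 40000, WAN, port))
```

The inbound block rule changes nothing for either unsolicited or reply traffic, denying local ports above 500 breaks an ordinary web request from local port 25345, and denying remote ports above 500 leaves ports 80 and 1863 working.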
Alternately, you can use QoS, if your router supports it, though that usually involves a fair bit of work and a router that supports open source firmware. I use QoS at home because once it's set up, it's elegant and automatic. My torrents will use all of the available bandwidth when no one else is using the connection, but as soon as someone starts surfing or playing an online game, torrent traffic automatically takes a back seat to that other traffic. Best of all, it works whether or not a user has enabled any bandwidth caps in their application.
^this
I find that it doesn't require "a fair bit of work" either, but that depends on the firmware you use on your router. If the router isn't yours, it isn't a good idea to install third party firmware on it.
The approach that I take is that connections are prioritized at medium by default. Known applications that should get priority are classified as high, and known bandwidth hogs get something lower. My router provides two filtersets to choose from, and since I know that LimeWire uses the Gnutella network, I filter that. The settings for it in Tomato are quite simple:
Another thing that may be helpful to know is that QoS will probably let you fine tune each classification. In my firmware's case you can specify a minimum and maximum percentage of your upstream bandwidth that each classification is allowed to use.