-
Notifications
You must be signed in to change notification settings - Fork 57
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Inconsistent BitTorrent Filtering with nDPI #184
Comments
We cannot detect encrypted bittorrent protocol traffic. |
Thank you for the information. Could you please clarify if the DHT decoding feature is automatically enabled when I use your project, or do I need to activate it by setting a specific flag during the compilation process? |
No special settings required. |
Thank you for confirming. Based on this, I plan to modify the iptables settings from:
to:
My understanding is that using REJECT might not be ideal in this scenario, as it informs the torrent client that the packet was rejected, potentially prompting it to resend. Conversely, DROP simply discards the packet without notifying the torrent client, potentially slowing down or fully blocking the transfer without encouraging repeated attempts. |
Describe the bug
In Short: The BitTorrent filter functions correctly only when opening a Torrent magnet file and initiating the download. However, there is a workaround. By switching the network to one without nDPI, starting the torrent download, and then reverting to the network with nDPI, nDPI can no longer recognize the torrent traffic. This issue could be related to my iptables setup, but I cannot identify any mistakes.
This describes how I have configured iptables to filter BitTorrent for Wireguard users.
The Wireguard VPN (wg interface) operates over the FORWARD chain.
Expected behavior
In all circumstances the bittorrent packets should be blocked.
nDPI Environment (please complete the following information):
./autogen.sh --with-only-libndpi
The text was updated successfully, but these errors were encountered: