Block Torrent and P2P on Mikrotik

Torrent is a way for sharing files through Internet using Peer-to-Peer connection. But, sometimes it makes IT employee frustated, because it contains viruses, malwares, and adults materials and also makes our bandwidth is full.

So, we could use our mikrotik router as firewall to block permanently or temporary the p2p connection especially torrent sharing.

Please login into your mikrotik router. Usually we use winbox. After that, copy + paste the code below :

 /ip firewall layer7-protocol>use winbox to copy paste name=torrentsites  
 regexp:^.*(get|GET).+(torrent|thepiratebay|isohunt|entertane|demonoid|btjunkie|mininova|flixflux|torrentz|vertor|h33t|btscene|bitunity|bittoxic|thunderbytes|entertane|zoozle|vcdq|bitnova|bitsoup|meganova|fulldls|btbot|flixflux|seedpeer|fenopy|gpirate|commonbits).*$  

 /ip firewall filter>  
 add chain=forward src-address=192.168.1.0/24 layer7-protocol=torrentsites action=drop comment=torrentsites  
 add chain=forward src-address=192.168.1.0/24 protocol=17 dst-port=53 layer7-protocol=torrentsites action=drop comment=dropDNS  
 add chain=forward src-address=192.168.1.0/24 content=torrent action=drop comment=keyword_drop  
 add chain=forward src-address=192.168.1.0/24 content=tracker action=drop comment=trackers_drop  
 add chain=forward src-address=192.168.1.0/24 content=getpeers action=drop comment=get_peers_drop  
 add chain=forward src-address=192.168.1.0/24 content=info_hash action=drop comment=info_hash_drop  
 add chain=forward src-address=192.168.1.0/24 content=announce_peers action=drop comment=announce_peers_drop  

To make sure all p2p connection is blocked, add additional configuration script below :

 add chain=forward src-address=192.168.1.0/24 p2p=all-p2p action=drop comment=p2p_drop  

Enjoy... :)