Blocking Torrent Traffic with IPTables
Blocking Torrent Ports and Signatures with IPTables
Let’s look at how to block torrent ports and signatures at the server operating system level.
This guide is suitable for any system that uses IPTables. Run the following commands one by one to set up basic protection against torrent traffic.
# Reject the standard BitTorrent port range (TCP and UDP)
sudo iptables -A OUTPUT -p tcp --dport 6881:6999 -j REJECT
sudo iptables -A OUTPUT -p udp --dport 6881:6999 -j REJECT
sudo iptables -A INPUT -p tcp --sport 6881:6999 -j REJECT
sudo iptables -A INPUT -p udp --sport 6881:6999 -j REJECT

# Reject port 51413 (TCP and UDP)
sudo iptables -A OUTPUT -p tcp --dport 51413 -j REJECT
sudo iptables -A OUTPUT -p udp --dport 51413 -j REJECT
sudo iptables -A INPUT -p tcp --sport 51413 -j REJECT
sudo iptables -A INPUT -p udp --sport 51413 -j REJECT

# Reject UDP ports 6969 and 4444
sudo iptables -A OUTPUT -p udp --dport 6969 -j REJECT
sudo iptables -A OUTPUT -p udp --dport 4444 -j REJECT
sudo iptables -A INPUT -p udp --sport 6969 -j REJECT
sudo iptables -A INPUT -p udp --sport 4444 -j REJECT

# Drop packets whose payload contains a torrent signature.
# These rules have no protocol or port restriction, so they apply to every
# packet on the chain, including unrelated traffic that contains these strings.
sudo iptables -A OUTPUT -m string --algo bm --string "BitTorrent protocol" -j DROP
sudo iptables -A OUTPUT -m string --algo bm --string "announce?info_hash" -j DROP
sudo iptables -A OUTPUT -m string --algo bm --string "peer_id=" -j DROP
sudo iptables -A OUTPUT -m string --algo bm --string ".torrent" -j DROP
sudo iptables -A OUTPUT -m string --algo bm --string "info_hash" -j DROP
sudo iptables -A INPUT -m string --algo bm --string "BitTorrent protocol" -j DROP
sudo iptables -A INPUT -m string --algo bm --string "announce?info_hash" -j DROP
sudo iptables -A INPUT -m string --algo bm --string "peer_id=" -j DROP
sudo iptables -A INPUT -m string --algo bm --string ".torrent" -j DROP
sudo iptables -A INPUT -m string --algo bm --string "info_hash" -j DROP
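
Because -A appends unconditionally, running the commands above a second time stacks duplicate rules in each chain. The script below is an added example, not part of the original guide: it applies the same rule set idempotently by testing each rule with iptables -C before appending it. The IPT variable, the function names and the --apply argument are assumptions of this example.

```shell
# Command used to invoke iptables (assumption of this example; override to test).
IPT="${IPT:-sudo iptables}"

# Append a rule only if an identical one is not already in the chain.
# "iptables -C" exits 0 when the rule exists, non-zero otherwise.
add_rule() {
    if $IPT -C "$@" 2>/dev/null; then
        SKIPPED=$((SKIPPED + 1))
    else
        $IPT -A "$@" && ADDED=$((ADDED + 1))
    fi
}

# Apply the guide's rule set once; prints how many rules were added or skipped.
apply_torrent_rules() {
    ADDED=0
    SKIPPED=0
    # Port ranges from the guide, TCP and UDP.
    for proto in tcp udp; do
        for ports in 6881:6999 51413; do
            add_rule OUTPUT -p "$proto" --dport "$ports" -j REJECT
            add_rule INPUT -p "$proto" --sport "$ports" -j REJECT
        done
    done
    # UDP-only ports from the guide.
    for port in 6969 4444; do
        add_rule OUTPUT -p udp --dport "$port" -j REJECT
        add_rule INPUT -p udp --sport "$port" -j REJECT
    done
    # Payload signatures, matched with the Boyer-Moore string module.
    for chain in OUTPUT INPUT; do
        for sig in "BitTorrent protocol" "announce?info_hash" "peer_id=" \
                   ".torrent" "info_hash"; do
            add_rule "$chain" -m string --algo bm --string "$sig" -j DROP
        done
    done
    echo "added=$ADDED skipped=$SKIPPED"
}

# Only touch the firewall when explicitly asked to.
if [ "${1:-}" = "--apply" ]; then
    apply_torrent_rules
fi
```

Run the script with --apply to install the rules; a second run reports every rule as skipped and leaves the chains unchanged.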