Let’s look at how to block torrent ports and signatures at the server operating system level.

This guide is suitable for any system that uses IPTables. Run the following commands one by one to set up basic protection against torrent traffic.

sudo iptables -A OUTPUT -p tcp --dport 6881:6999 -j REJECT
sudo iptables -A OUTPUT -p udp --dport 6881:6999 -j REJECT
sudo iptables -A INPUT -p tcp --sport 6881:6999 -j REJECT
sudo iptables -A INPUT -p udp --sport 6881:6999 -j REJECT
sudo iptables -A OUTPUT -p tcp --dport 51413 -j REJECT
sudo iptables -A OUTPUT -p udp --dport 51413 -j REJECT
sudo iptables -A INPUT -p tcp --sport 51413 -j REJECT
sudo iptables -A INPUT -p udp --sport 51413 -j REJECT
sudo iptables -A OUTPUT -p udp --dport 6881:6999 -j REJECT
sudo iptables -A OUTPUT -p udp --dport 6969 -j REJECT
sudo iptables -A OUTPUT -p udp --dport 4444 -j REJECT
sudo iptables -A INPUT -p udp --sport 6881:6999 -j REJECT
sudo iptables -A INPUT -p udp --sport 6969 -j REJECT
sudo iptables -A INPUT -p udp --sport 4444 -j REJECT
sudo iptables -A OUTPUT -m string --algo bm --string "BitTorrent protocol" -j DROP
sudo iptables -A OUTPUT -m string --algo bm --string "announce?info_hash" -j DROP
sudo iptables -A OUTPUT -m string --algo bm --string "peer_id=" -j DROP
sudo iptables -A OUTPUT -m string --algo bm --string ".torrent" -j DROP
sudo iptables -A OUTPUT -m string --algo bm --string "info_hash" -j DROP
sudo iptables -A INPUT -m string --algo bm --string "BitTorrent protocol" -j DROP
sudo iptables -A INPUT -m string --algo bm --string "announce?info_hash" -j DROP
sudo iptables -A INPUT -m string --algo bm --string "peer_id=" -j DROP
sudo iptables -A INPUT -m string --algo bm --string ".torrent" -j DROP
sudo iptables -A INPUT -m string --algo bm --string "info_hash" -j DROP

Blocking Torrent Traffic with IPTables