Tuesday, April 29, 2014

Blocking Torrents on Library Computers

One issue for any location which provides free wi-fi is web-torrents.  Torrents are a way for individuals to share files over the internet.  When they are used legally they can be a great tool for transmitting information.  Unfortunately, web-torrents are often used as a means of illegally sharing copyrighted materials, and there have been cases reported of public and university library patrons using torrents to download pornographic materials on library wi-fi connections.  Torrents also eat up a tremendous amount of bandwidth, meaning one patron can slow down connection speeds for everyone who is using the library wi-fi.

Some modern wireless routers include protocol blocking that allows you to block web-torrents with the click of a radio button.  The block torrents option is usually found in the Firewall configuration of your wi-fi router.  If you have multiple wi-fi routers that are connected via cable to a central firewall, then you would need to access your Firewall control panel to apply torrent restrictions.  On older routers you may need to manually configure protocol restrictions to block torrents.  Torrents typically use the TCP and UDP protocols on ports 6881 through 6889.  Some varieties of torrent software can use up to port 6999, but blocking ports 6881 through 6889 should be enough to stop the majority of your torrent traffic, without running the risk of blocking ports that are being used by other programs.

The instructions listed below are protocol instructions and are not specific to any particular router.  You'll have to refer to the owner's manual of your device for exact instructions on how to access your router's Firewall Control Panel, or how to apply these conditions.  If you are on a university campus and have an IT Specialist available, they should be able to interpret these instructions quite readily.

Step 1:
Open your Firewall Control Panel

Step 2:
Create Rule > Access Restrictions > User Defined > Protocols > TCP > Port Range: 6881-6889 > Select inbound and outbound traffic > Apply

Step 3:
Create Rule > Access Restrictions > User Defined > Protocols > UDP > Port Range: 6881-6889 > Select inbound and outbound traffic > Apply

Step 4:
Read any messages that appear on your router control panel, as many routers will require you to reboot after applying the changes to the Firewall settings.


Testing to make sure the rules were applied

To test that the ports have been closed, take a Linux PC that has the program nmap installed, connect to the wi-fi network that you just applied your new rules to, open a terminal and type the following commands:

To check that your ports are closed to TCP, type:

nmap -p 6881-6889 <local ip of your wi-fi router>

To check that your ports are closed to UDP, type (nmap's UDP scan needs root privileges, hence sudo):

sudo nmap -sU -p 6881-6889 <local ip of your wi-fi router>

For example, if the local ip of your wi-fi router is 192.168.2.1, then the first command you enter would be:

nmap -p 6881-6889 192.168.2.1

If the changes applied successfully, then nmap will produce reports which show all of those ports are closed to both TCP and UDP protocols.  
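
The check above can be scripted so it can be repeated after a router reboot or firmware update. This is an added example, not part of the original post: it reads nmap's grepable output (the -oG option) and classifies ports 6881-6889, treating the "filtered" state as blocked and flagging "open|filtered" (which nmap reports for UDP ports that give no reply) as inconclusive. The function names check_ports and sample, the file name scan.gnmap and the sample scan line are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify ports 6881-6889 in nmap grepable (-oG) output.
# On a live network (scan.gnmap is an assumed file name):
#   nmap -p 6881-6889 -oG scan.gnmap 192.168.2.1 && check_ports < scan.gnmap

# Constructed one-line sample of -oG output, not captured from a real router.
sample() {
    printf 'Host: 192.168.2.1 ()\tPorts: 6881/closed/tcp/////, 6882/filtered/tcp/////, 6883/open/tcp/////\n'
}

# Reads -oG text on stdin and prints one verdict line per port in the range.
# Exit status: 0 = every port closed or filtered, 1 = at least one open,
# 2 = nothing open but some state is ambiguous (e.g. open|filtered on UDP),
# 3 = no port data at all (host down or wrong file), so nothing was verified.
check_ports() {
    awk '
    BEGIN { FS = "\t"; rc = 0; seen = 0 }
    {
        for (k = 1; k <= NF; k++) {
            if (index($k, "Ports: ") != 1) continue
            n = split(substr($k, 8), entries, ", ")
            for (i = 1; i <= n; i++) {
                split(entries[i], f, "/")   # f[1]=port f[2]=state f[3]=proto
                if (f[1] + 0 < 6881 || f[1] + 0 > 6889) continue
                seen++
                verdict = "BLOCKED"
                if (f[2] == "open") { verdict = "OPEN"; rc = 1 }
                else if (f[2] != "closed" && f[2] != "filtered") {
                    verdict = "INCONCLUSIVE"
                    if (rc == 0) rc = 2
                }
                printf "%s/%s %s (%s)\n", f[1], f[3], verdict, f[2]
            }
        }
    }
    END { if (seen == 0) rc = 3; exit rc }
    '
}

# Demo on the constructed sample; the status is 1 because 6883/tcp is open.
sample | check_ports || echo "check_ports exit status: $?"
```

An exit status of 3 matters as much as 1: if the router did not answer the scan at all, the output contains no port lines and the rules have not actually been verified.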

