P2P protocol/port blocking on DD-WRT wrt54gs. Need Advice...

JRM75
DD-WRT User


Joined: 15 Mar 2009
Posts: 116

Posted: Thu Oct 01, 2009 18:19    Post subject: P2P protocol/port blocking on DD-WRT wrt54gs. Need Advice...
In Access Restrictions, I set "catch all P2P Protocols" under Blocked Services. How do I know it's working correctly? How can I test for this?
Masterman
DD-WRT Guru


Joined: 24 Aug 2009
Posts: 2070
Location: South Florida

Posted: Thu Oct 01, 2009 18:25
Open up something like uTorrent, go to the router's status page and click the "Active IP connections" number. It will bring up another window and show you all traffic that is inbound/outbound. Look for any ports that match what you have configured in your p2p software.

By default (unless you have UPnP enabled on the router) all p2p software will be blocked anyways.

_________________
Optware, the Right Way
Asus RT-AC68U
Asus RT-N66U
Asus RT-N10
Asus RT-N12
Asus RT-N16 x5
Asus WL520gU
Engenious ECB350
Linksys WRT600Nv1.1
Linksys WRT610Nv1
Linksys E2000
Netgear WNDR3300
SonicWall NSA220W
SonicWall TZ215W
SonicWall TZ205W
SonicWall TZ105W
JRM75
DD-WRT User


Joined: 15 Mar 2009
Posts: 116

Posted: Thu Oct 01, 2009 18:37
Doesn't "catch all P2P protocols" block all protocol ports for all p2p apps?

My uTorrent still works until I manually block the port it uses. I would have to spend hours on Google searching all p2p ports used for every program.

Any alternatives I can do, like lower maximum ports to like 5?
Masterman
DD-WRT Guru


Joined: 24 Aug 2009
Posts: 2070
Location: South Florida

Posted: Thu Oct 01, 2009 18:51
Don't even waste your time looking for ports to block as the majority of p2p programs randomize the port number at startup.

First of all, do you have access restrictions set to "Deny" or "Filter"?

Lowering maximum ports to 5 won't do anything other than slow your entire network down.

JRM75
DD-WRT User


Joined: 15 Mar 2009
Posts: 116

Posted: Thu Oct 01, 2009 18:56
Masterman wrote:
Don't even waste your time looking for ports to block as the majority of p2p programs randomize the port number at startup.

First of all, do you have access restrictions set to "Deny" or "Filter"?

Lowering maximum ports to 5 won't do anything other than slow your entire network down.


It's set on filter.

Isn't it the opposite way around? I find my network to be a lot slower when someone is downloading through uTorrent and Limewire. I thought lowering the maximum ports would lower the bandwidth that those apps can utilize. Don't even talk about QoS; QoS makes even more of a mess to my network. I need to target particular IP address ranges and filter ports on them.
Masterman
DD-WRT Guru


Joined: 24 Aug 2009
Posts: 2070
Location: South Florida

Posted: Thu Oct 01, 2009 19:05
Well, as long as your clients are limited to the standard DHCP, DNS, HTTP(s) etc, you could just set your access restrictions to block all ports from 10000 to 65535 which is the normal range for the majority of p2p programs. However, they could get sneaky and just use a port below that.
JRM75
DD-WRT User


Joined: 15 Mar 2009
Posts: 116

Posted: Thu Oct 01, 2009 19:26
So what about changing the maximum ports option in Administration/Management? Is it better to increase it to make P2P apps download faster, or is it the opposite way, in which the network suffers (affects the router)?
Masterman
DD-WRT Guru


Joined: 24 Aug 2009
Posts: 2070
Location: South Florida

Posted: Thu Oct 01, 2009 19:28
From the Web-GUI help:

IP Filter Settings (adjust these for P2P)

If you have any peer-to-peer (P2P) applications running on your network please increase the maximum ports and lower the TCP/UDP timeouts. This is necessary to maintain router stability because peer-to-peer applications open many connections and don't close them properly. Consider using these:

* Maximum Ports: 4096
* TCP Timeout: 120 sec
* UDP Timeout: 120 sec

JRM75
DD-WRT User


Joined: 15 Mar 2009
Posts: 116

Posted: Thu Oct 01, 2009 19:40
I know that, but somewhere on the wiki it said 512 ports should be used if the router cannot handle so many ports.

This topic discusses exactly that: http://www.dd-wrt.com/phpBB2/viewtopic.php?p=344593&sid=6218d2f44870eb1db1a3d339c358f96b

Even at 512 connections, if the active connections reach approx. 90%, my router starts to freeze up and all hell breaks loose. Unfortunately, either exiting the P2P app, removing items for download, or rebooting the router is the only way to stop any lock-ups.
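
A way to measure how full the connection table is against the Maximum Ports setting discussed in this thread, and which LAN client holds the entries (an added example, not part of any post; it assumes the router's shell exposes the table at /proc/net/ip_conntrack, and the sample lines below are constructed):

```shell
#!/bin/sh
# Added example. Reads conntrack entries on stdin and reports table
# utilisation plus per-client connection counts.
# Usage on the router (path is an assumption about the firmware):
#   conntrack_summary MAX_PORTS [WARN_PCT] < /proc/net/ip_conntrack
conntrack_summary() {
    awk -v max="$1" -v warn="${2:-90}" '
    {
        src = ""; dport = ""
        # The first src=/dport= pair is the original (client-side) direction.
        for (i = 1; i <= NF; i++) {
            if (src == "" && $i ~ /^src=/) src = substr($i, 5)
            if (dport == "" && $i ~ /^dport=/) dport = substr($i, 7)
        }
        if (src == "") next
        total++
        per[src]++
        # 10000-65535 is the range suggested in the thread for blocking.
        if (dport + 0 >= 10000) high[src]++
    }
    END {
        pct = (max > 0) ? int(total * 100 / max) : 100
        printf "table %d/%d %d%% %s\n", total, max, pct, (pct >= warn ? "WARN" : "ok")
        for (s in per)
            printf "host %s conns=%d highport=%d\n", s, per[s], high[s] + 0
    }'
}

# Constructed sample entries (documentation address ranges, not real traffic).
sample_conntrack() {
    cat <<'EOF'
tcp      6 110 ESTABLISHED src=192.168.1.100 dst=203.0.113.5 sport=50001 dport=51413 src=203.0.113.5 dst=198.51.100.2 sport=51413 dport=50001 [ASSURED] use=1
tcp      6 95 SYN_SENT src=192.168.1.100 dst=203.0.113.6 sport=50002 dport=6881 [UNREPLIED] src=203.0.113.6 dst=198.51.100.2 sport=6881 dport=50002 use=1
udp      17 20 src=192.168.1.100 dst=203.0.113.7 sport=50003 dport=33445 [UNREPLIED] src=203.0.113.7 dst=198.51.100.2 sport=33445 dport=50003 use=1
tcp      6 100 ESTABLISHED src=192.168.1.100 dst=203.0.113.8 sport=50004 dport=40000 src=203.0.113.8 dst=198.51.100.2 sport=40000 dport=50004 [ASSURED] use=1
tcp      6 100 ESTABLISHED src=192.168.1.101 dst=203.0.113.80 sport=40100 dport=80 src=203.0.113.80 dst=198.51.100.2 sport=80 dport=40100 [ASSURED] use=1
udp      17 10 src=192.168.1.101 dst=192.168.1.1 sport=40101 dport=53 src=192.168.1.1 dst=192.168.1.101 sport=53 dport=40101 use=1
EOF
}

sample_conntrack | conntrack_summary 512
```

The `highport` column shows how many of a client's entries a 10000-65535 block rule would cover; the low-port entry for 192.168.1.100 (6881) is the kind of connection that rule would miss.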
Masterman
DD-WRT Guru


Joined: 24 Aug 2009
Posts: 2070
Location: South Florida

Posted: Thu Oct 01, 2009 19:46
So you are experiencing the same problems evident in that thread? What router/firmware are you running?
JRM75
DD-WRT User


Joined: 15 Mar 2009
Posts: 116

Posted: Thu Oct 01, 2009 19:55
DD-WRT v24-sp2 (09/24/09) micro
(SVN revision 12966) - BrainSlayer's build.

My router: WRT54GS V.6

I would like to understand something: If I set 256 max. ports and a P2P program is utilizing all available ports, does that mean the router won't allow other ports to be open for other computers (e.g. port 80,etc.)? Is that why I must set a high value for maximum ports?
Masterman
DD-WRT Guru


Joined: 24 Aug 2009
Posts: 2070
Location: South Florida

Posted: Thu Oct 01, 2009 20:04
JRM75 wrote:

I would like to understand something: If I set 256 max. ports and a P2P program is utilizing all available ports, does that mean the router won't allow other ports to be open for other computers (e.g. port 80,etc.)? Is that why I must set a high value for maximum ports?


Correct.

Right now you are being bottlenecked by your router's 8MB of RAM and slow processor. Personally, doing what you're trying to do, I would buy a better router.

JRM75
DD-WRT User


Joined: 15 Mar 2009
Posts: 116

Posted: Thu Oct 01, 2009 20:12
Hmmm... it's not the processor, because my CPU load average doesn't go anywhere near 100%. I would think it's a bandwidth problem; however, I will do what you said about increasing the max. ports and blocking those ports or port range in Access Restrictions.

When the "lock-up" happens, it affects all clients, devices, and the AP as well, however, internet access is still available with certain limitations (i.e. apps. that require a certain port range or more than one port don't work at all.)
Masterman
DD-WRT Guru


Joined: 24 Aug 2009
Posts: 2070
Location: South Florida

Posted: Thu Oct 01, 2009 20:22
When the lock-up happens, look at your "Free" memory meter. Does the micro build you have running have a JFFS2 option under Administration->Management? I would also suggest turning off any daemons you don't need running, like WAN traffic graph and Syslogd.
JRM75
DD-WRT User


Joined: 15 Mar 2009
Posts: 116

Posted: Thu Oct 01, 2009 20:32
Well, the CPU load goes from 0.4 to 0.9 most of the time, but nowhere near 100; or is it actually reading in percentage?

I happened to intentionally cause a lock-up, and the amount of free memory reads 5.3 MB / 13.5 MB.

Also, I don't have JFFS2 because the micro version doesn't support it, but I do have a lot of options enabled that I don't need.
Page 1 of 2. All times are GMT.