Sunday, August 7, 2011

Block Torrent Files on Squid Proxies


Block Torrent Files on Squid Proxies


squid-img"BitTorrent is a peer-to-peer file sharing protocol used for distributing large amounts of data. BitTorrent is one of the most common protocols for transferring large files, and it has been estimated that it accounts for approximately 27-55% of all Internet traffic (depending on geographical location) as of February 2009(see Wikipedia.org).

1. BitTorrent and Downloads

BitTorrent is a decentralized network to provide files of any size to other internet users. You may use BitTorrent as a powerful successor of FTP servers with the additional features (highly available download resources and contents are findable via search engines). E.g. the major Linux distributions are available via the BitTorrent network.
Beside these and other nice features there is a dark side that may be considered then providing internet access to employees or customers. A number of users are using the BitTorrent network to distribute contents for free by breaking national and international law. This is a problem that is not dedicated to BitTorrent but if you decide to restrict internet access for your users and you are running a Squid proxy server you may build up a basic barrier to prevent the download of torrent files containing meta data required for finding resources in the BitTorrent network.

2. Configure your Squid Proxy

To prevent your users to download torrent files, you have to add the following lines to your squid configuration file. The new rules will prevent users from downloading contents specified in a separate file called/etc/squid/extensiondeny.


acl extensiondeny url_regex -i "/etc/squid/extensiondeny"
acl download method GET
http_access deny extensiondeny download
http_access deny extensiondeny

The file  /etc/squid/extensiondeny will contain regular expressions. If one of these expressions matches the download request squid will veto and will not provide the requested contents. Example of a basic configuration entry.


\.torrent$
This regular expression will match file names with the extension '.torrent'.

No comments:

Post a Comment