Category Archives: bandwidth

Three ways to block torrent traffic in your network.

Torrent downloading is annoying and can consume most of your bandwidth, so you might want to block torrent in your network. There are several ways to block torrent in your network. While in this post, I will introduce three solutions to block torrent(bittorrent, utorrent, qtorrent) with WFilter internet content filter and WFilter NG firewall.

Please be aware that “WFilter internet content filter(ICF)” and “WFilter NG firewall(NGF)” are total different products. WFilter ICF is a windows program, which is designed for pass-by deployment on a mirroring port. While WFilter NGF is a dedicated linux firewall system.

1. Block torrent with WFilter ICF

passby_router_topology.png

As you can see in the diagram, the WFilter internet content filter(ICF) shall be connected to a mirroring port in your router or switch. So it can analysis network packets and deploy internet access policies. Steps to block torrent with WFilter ICF:

blocktorrent01 blocktorrent02 blocktorrent03

2. Block torrent with WFilter NGF as a network bridge.

Network topology diagram:

Ros guide bridge.png

WFilter NGF acts as a network bridge, sitting between your router and switch. So it can filter internet traffic.

3. Block torrent with WFilter NGF as a network gateway.

Network topology diagram:

Ros guide gateway.png

In this topology, WFilter NGF acts as the gateway of your network to deploy internet access policies. Please be aware that you can install WFilter NGF in a virtual machine to act as a virtual gateway, here is a guide: Using a pre-built VMWare image of WFilter NG Firewall

You can setup “application control” policies to block torrent with below steps:

block_torrent1 block_torrent2 block_torrent3

 

When deployed and configured properly, both WFilter ICF and WFilter NGF can block torrent completely. All torrent clients will have zero uploading and downloading speed.

utorrent_4 block_torrent04[1][2] after.

 

WFilter ICF homepage: WFilter Internet Content Filter

WFilter NG homepage: WFilter NG firewall

WFilter videos: WFilter Videos

 

 

Monitor network bandwidth with cisco switch.

In this post, I will bring you a bandwidth monitoring solution based on your cisco switch. In case your router/firewall does not have bandwidth monitoring features, or you need more detailed reports, this solution can help you.

First, the network topology diagram:
cisco1

 

Most cisco switch supports “port mirroring(SPAN)” feature. You may use below commands to enable it:

1. Set source port

Switch(config)#monitor session 1 source interface Fa0/23

2. Set target port

Switch(config)#monitor session 1 destination interface Fa0/22 ingress vlan 1

Then, you need to install a passby filtering program(ie: WFilter internet content filter) in a windows PC, and connect this PC to the “target port”. So you can monitor internet bandwidth and live connections of network clients.

The new diagram:

cisco2

Now let’s check what you can monitor with WFilter:
1. Clients List

2. Live Connections

3. Bandwidth Reports

QQ截图20170505164907

QQ截图20170505164940

 

How to block facebook videos streaming with WFilter NG firewall?

Sometimes, you might want to block facebook video streaming to save your bandwidth. There is predefined protocol named “facebook videos” in WFilter, which can help you to block facebook video by a few clicks. Here is the protocol description: facebook videos protocol and ports.

In another post, I’ve demonstrated how to block facebook videos with WFilter Enterprise. In this post, I will guide you to block facebook videos with “WFilter NG firewall”, which is a linux NG firewall designed for business networks.

1. New a block facebook policy in “App Control”.blockfb_video01

2. Set “facebook videos” to “Deny” in “streaming”.
blockfb_video02

3. That’s all. Now facebook videos will be blocked.
blockfb_video1 blockfb_video2

Please note, because short/small videos come from a same source as images, so blocking of facebook video does not short video cuts. Only medium or large size videos can be blocked.

Understanding the bandwidth shaper feature of WFilter NG Firewall

In a recent update of WFilter NG firewall, we have re-designed the “bandwidth shaper” feature. Now “bandwidth shaper” becomes easier to be understood and configured.

Let’s take a look.

The shaper rules list:

Ros ipcontrol 001.png

Bandwidth shaper policy:

Ipcontrol set en.png

In each policy, you need to define total UP and DOWNLOAD bandwidth for this rule. If this rule is applied to multiple clients, all the clients share the defined TOTAL bandwidth. Please note: “ the minimum bandwidth defines the static allocated bandwidth, while the maximum bandwidth is dynamic allocated.”

All clients applied by this rule have fair bandwidth sharing. You may also enable “client maximum rate” if you want to limit bandwidth rate for each IP.

In “ISP” module, the “Rate Limit” policy has the same settings as “bandwidth shaper”, as described in above.

isp_ratelimit01

Monitor clients bandwidth in network with WFilter Enterprise.

In a previous blog How to monitor internet bandwidth usage in lan network?, I introduced features and steps to monitor lan bandwidth with WFilter NG Firewall.

We have another windows software program named “WFilter Enterprise”, which also can monitor clients bandwidth in pass-by deployment. The WFilter pc do not need to be a gateway or network bridge, it can do internet monitoring and filtering through a mirroring port in your switch or router(passby deployment). With pass-by deployment, you don’t need to change network topology or add new hardware to deploy an internet content filter.

In this guide, I will demonstrate the bandwidth monitoring features of WFilter Enterprise 4.1.

1. Realtime bandwidth shows clients list and real-time bandwidth rate.bandwidth01

2. Click bandwidth to get live connections of a client.

You also can terminate connections by clicking the red icon.

bandwidth02

3. Bandwidth Report by protocols

The reports have pie, bar, line and data formats. You can do report by username, data, protocol name and protocol category.

bandwidth03

4. Bandwidth Alert

Send an alert email when bandwidth threshold is reached.

bandwidth04

Introduction to WFilter NGF’s bandwidth optimize features.

You will come to the following solutions when your internet bandwidth is insufficient:

Actullay, these three solutions have disadvantages:

  • 1. Without access control, using multiple broadband connections can not bring better experience. It because downloading and streaming can easily consume most of your bandwidth.
  • 2. “Application blocking” can save your bandwidth. However, users experience are impacted. Users will complain about no streaming or downloading.
  • 3. Rate limiting does not optimize your bandwidth. Users will still complain about slow internet speed.

WFilter NG firewall brings a total solution for bandwidth optimization.

1. Powerful access control policy

With “Access Policy” modules, you can block p2p downloading, online streaming, streaming websites. Please check: Access Policy

2. Multi-WAN load balancing and routing

In case you have multiple broadband connections, WFilter NGF’s “Multi-WAN” module can help you to:

  • 1. Load balancing on multiple broadband connections.
  • 2. Setup routing policies. For example, a). business servers are routed to a dedicated connection, b). video sites are routed to another connection.

For more details, please check: Muti-WAN

3. Bandwidth priority

With the “Priority” module, traffic with higher priority goes first. For example, you can set business servers traffic to the highest priority. So even the network is extremly busy, servers bandwidth won’t be influenced.

When installed, there are default rules: email > web > p2p and streaming. You also can customize your own rules.

For more details, please check: bandwidth priority

4. Bandwidth shaper

This module is for you to set bandwidth rate for clients. You can set the rate to ip ranges, user group or department.

Each group have a “maximum bandwidth rate” and “minimum bandwidth rate”. The minimum rate ensures the clients to have this bandwidth rate even the line is busy.

For more details, please check: bandwidth shaper

Try WFilter NGF now: WFilter NG firewall