On Tue, Dec 28, 2010 at 4:11 PM, Brian Wall <kc0iog at gmail.com> wrote:
> Can PFSense perform stateful packet inspection?  One of the challenges
> with bit torrent is that it can be tunneled on just about any port.
> The only way to truly knock it out is to inspect the packet, looking
> for the bit torrent headers, then kill the connection if it finds the
> headers.

As of 2.0, which is still in beta, pfSense can do application-layer
filtering. I've been using it at home to lower the priority of
bittorent traffic without having to set all my clients to a specific
port. The interface is a little funky, and documentation lacking, but
it seems to work. Of course, it still can't do much about encrypted BT
traffic.

-Steve


-- 
If it ain't broke, you're not using a new enough version