Using Application Firewall to Bandwidth Limit Bit-torrent
03/26/2020 1,093 People found this article helpful 487,617 Views
Description
It is possible to specifically limit or manage the bandwidth used by certain types of traffic, such as Bit Torrent, using the Application Firewall feature of SonicOS Enhanced.
These instructions represent an example implementation of an Application Firewall action, object and policy for the purpose of limiting the bandwidth of Bit Torrent traffic to a maximum of 50 Kbps.
Resolution
- Login to the SonicWall management GUI.
Step 1: Enable Bandwidth Management on WAN interface
1. Navigate to the Network | Interfaces page.
2. Click on the Configure button under an interface in the WAN zone (In this example the X1 interface).
3. Click on the Advanced tab and do one or both of the following:
- Under Bandwidth Management, to manage outbound bandwidth, select the Enable Egress Bandwidth Management checkbox, and set the Available Interface Egress Bandwidth (Kbps) ( Upload Speed ) field to the maximum for the interface.
- Under Bandwidth Management, to manage inbound bandwidth, select the Enable Ingress Bandwidth Management checkbox and set the Available Interface Ingress Bandwidth (Kbps) ( Download Speed ) field to the maximum for the interface.
4. Click on OK to save.
Note:
- Once BWM has been enabled on an interface, and a link speed defined, traffic traversing that link will be throttled—both inbound and outbound—to the declared values, even if no Access Rules or App Rules are configured with BWM settings.
- Egress and Ingress BWM can be enabled jointly or separately configured on WAN interfaces. Different bandwidth values may be entered for outbound and inbound bandwidth to support asymmetric links. Link rates up to 100,000 Kbps (100Mbit) may be declared on Fast Ethernet interfaces, while Gigabit Ethernet interfaces will support link rates up to 1,000,000 Kbps (Gigabit). The speed declared should reflect the actual bandwidth available for the link. Oversubscribing the link (i.e. declaring a value greater than the available bandwidth) is not recommended.
Step 2: Creating Match Object
1. Navigate to Firewall | Match Objects.
2. Click Add New Match Object button and enter the following:
- Name: Object Bit Torrent
- Application Object Type: Custom Object
- Match Type: Exact Match
- Content: 13426974546f7272656e742050726f746f636f6c
3. Click OK to save the newly created object as shown below in the screenshot.
Step 3: Creating Action Object
1. Navigate to Firewall | Action Objects.
2. Click Add New Action Object button and enter the following:
- Action Name: Action BWM Bit Torrent
- Action: Bandwidth Management
- Check “Enabled Outbound Bandwidth Management”
- Guaranteed Bandwidth: 25Kbps
- Maximum Bandwidth: 50Kbps
- Bandwidth Priority: 7 Lowest
- Check “Enable Inbound Bandwidth Management”
- Guaranteed Bandwidth: 25Kbps
- Maximum Bandwidth: 50Kbps
- Bandwidth Priority: 7 Lowest
3. Click OK to save the new action object as shown below in the screenshot.
Step 4: Creating App Rule policy and enforce match, action objects to it
1. Navigate to Firewall | App Rules.
2. Click Add New Policy and enter the following:
- Policy Name: BWM Bit Torrent
- Policy Type: Custom Policy
- Service Destination: Any
- Application Object: Object Bit Torrent
- Action: Action BWM Bit Torrent
- Direction: Both
3. Click OK to save the newly created policy as shown below in the screenshot.
How to Test:
Users attempting to exceed the bandwidth limits defined in this Application Firewall Action for Bit Torrent will be limited and a log message similar to the following will be generated:
- Application Firewall Alert: Policy: BWM Bit Torrent, Action Type: Bandwidth Management
Related Articles
Categories
Was This Article Helpful?
YESNO