On Tue, Dec 28, 2010 at 4:11 PM, Brian Wall <kc0iog at gmail.com> wrote: > Can PFSense perform stateful packet inspection? One of the challenges > with bit torrent is that it can be tunneled on just about any port. > The only way to truly knock it out is to inspect the packet, looking > for the bit torrent headers, then kill the connection if it finds the > headers. As of 2.0, which is still in beta, pfSense can do application-layer filtering. I've been using it at home to lower the priority of bittorent traffic without having to set all my clients to a specific port. The interface is a little funky, and documentation lacking, but it seems to work. Of course, it still can't do much about encrypted BT traffic. -Steve -- If it ain't broke, you're not using a new enough version