Jump to content

ISP blocking seeding and uploading


backspin
 Share

Recommended Posts

Unfortunately, I have a ISP that is blocking uploads. However, downloads remain unaffected for now. 

Using Wireshark, I can see the ISP is sending forged reset packets and hence is killing the connections. I can only assume clients on the other side are also receiving reset packets, but have no proof. Currently, they seem to be targeting seeds as downloads remain unaffected, but I can seed for days, with some popular torrents like ubuntu and Knoppix, and after a few days I see maybe 1MB uploaded during that time effectively blocking 99.9% of the connections. Port are open properly, so I know there's no network issues on my side. 

Using a VPN yields the same results, but that is not surprising because as someone who works with network equipment, identifying encrypted traffic is easy these days, and disrupting the flow is just as easy. 

So, with the political climate like it is, more ISP's are going to block what they want.

Best Regards,

 

P.S. I asked someone, I know, who works on networks, and who is also on the same ISP to test torrents, and he is unable to upload as well. 

 

 

 

 

 

 

 

 

Link to comment
Share on other sites

My statement was more of a heads-up than anything... 

What's interesting is the resets are coming inside the tunnel, meaning the unencrypted source and destination are normal, but when you crack open the encrypted payload that's where the reset is. 

Watching wireshark from the ethernet interface, all you see is encrypted traffic to and from the VPN server... All looks good.

However, watching wireshark from inside the tunnel (unencrypted) the resets are there. 

So, this makes me wonder if there is a man in the middle, or perhaps something else is going on.

Still in investigative mode.

 

 

 

Link to comment
Share on other sites

  • 2 weeks later...

Just to finish this up....   I tried various forms of OpenVPN... Encryption/locations/hashes, OpenConnect, PPTP, L2TP, and though downloading works, seeding a torrent or uploading does not work. Using wireshark you can see the reset packets flooding in from all of the external IP's, and can only assume all of the external IP's receiving reset packets from me.. Of course all of the reset packets are forged. The only thing I can figure is that the ISP is doing MITM. Otherwise how could they break open the packet to see the actual source IP and Destination IP because it's encrypted. 

Unfortunately, the VPN service I use has not implemented TLS 1.3 yet, so once that has been done, it should kill any MITM attempts as TLS 1.3 is supposed to be secure. In fact many large companies/ISP's etc are very worried about 1.3 because they can't do MITM for inspection inside their own edge networks, but that's a different story.

I did find a work around, and I ended up having to proxy (127.0.0.1) all of my torrent traffic (socks 5) through a SSH tunnel which so far they are not able to block.  Since proxying through SSH, BitTorrent works like is used to.. as I'm able to seed and upload without any issues. The only issue is that I'm unable to port forward back through the tunnel as the provide doesn't have the functionality. My connection status is still "Online", so if it was having issues, would show as offline.

 

 

 

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...