Some time ago, I had to make sure that clients on my home network could not connect to any hosts on the internet, ports 6000 to 65000 (both inclusive) - since I thought it was the easier way to block bittorrent on OpenWRT.
Today I needed that again, so just as a reminder to myself, I post a little guide here.
First, log into your router, then open
Add the following line:
iptables -t nat -A PREROUTING -p tcp --dport 6000:65000 -j DROP
/etc/init.d/firewall restart - on your router of course.
Of course, you could replace tcp with upd, replace DROP with REJECT or whatever suits your needs.
Written by Jannich Brendle tor 20 august 2009 In How to