06-30-2020 02:16 AM
Probably a bit of weird question this one, but as the Evil Firewall Admin at an academic institution I sometimes get asked weird questions so I thought I'd pass the joy onwards. We have a researcher who is interested in data on piracy, and I thought I'd try to collect some data on bittorrent traffic (which is mostly allowed) including the filenames.
Unfortunately the firewall logs don't seem to include the filenames for bittorrent.
a) Is this down to a configuration setting I've not found as yet?
b) Is there some other way of including that data?
It's quite possible I'm asking for something that's effectively impossible but it doesn't hurt to ask.
(Running PA5250s in active/standby running PANOS 8.1.15)
06-30-2020 10:02 AM
I don't think your going to be able to grab the filename over a bittorrent transfer, due to the way that the firewall would see the data chunklet. If you think about what Bittorrent actually does, you aren't downloading mypiratedmusic.mp3, you're downloading a bunch of little pieces of that file from a bunch of different sources. One of the key aspects of Torrents is that you aren't really ever supposed to be able to see the actual contents of the files being distributed to different peers.
07-01-2020 05:50 AM
Thanks! I suspect you're right, but there was no harm in asking.
My support route has me messing around with file blocking to get the file names logged 😐
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
