Topic: Not efficient to block bt torrent?  (Read 2583 times)
« on: June 05, 2007, 03:42:18 »
mkgan *
Posts: 2

Hello, I have configured the m0n0wall firewall to disallow bt torrent. My configuration is as below:
Interface: WAN (Is that enough, or should it be LAN?)
Protocol: TCP/IP
Source: type: single host or alias (with address box specified)
Source port range: from 'any' to 'any'
Destination: Type='any'

It seems like the source machine still can connect through the program. Any idea?

Thanks in advance.
« Reply #1 on: June 12, 2007, 04:19:49 »
cmb *****
Posts: 851

You need to put the rule on your LAN to block traffic originating from LAN hosts.
« Reply #2 on: June 12, 2007, 12:51:16 »
markb ****
Posts: 331

Hi,
If you want the machine to be able to access other resources on the internet, the simplest solution would be to remove the torrent client.  Most torrent clients can be configured to use various ports, so you would have to, as you stated, block all outbound traffic from that machine. The following rule would be needed:
Action: Block
Interface: LAN
Protocol: Any
Source: Single Host or Alias (Has to be IP address)
Source Port Range: Any
Destination: Any
Destination port Range: Any

Remember also that the rules are processed in order, so this rule needs to be above another rule that would let traffic out for the subnet.

Of course, the user could simply change the IP address of the machine and then they would be out again.  My preferred solution would be to have a block all rule at the bottom of the list, and then add rules that explicitly allow what ports can go out, i.e. http, https, ftp, SMTP, POP, IMAP, ntp, above this for the LAN subnet.  You do end up with lots more rules as you have to have one for every outgoing port, but this is much more secure.
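
An added example, not part of the original posts: a small first-match rule evaluator showing why rule order matters and how the allowlist layout behaves when the host changes its IP. It is a simplified model of LAN rules (source address and destination port only, no protocol), and the addresses, the `rule`/`evaluate`/`outcomes` helpers and the sample torrent port are assumptions made for illustration.

```python
from ipaddress import ip_address, ip_network

# Constructed addresses: LAN subnet and the host to be restricted (assumptions).
LAN = ip_network("192.168.1.0/24")
HOST = ip_network("192.168.1.50/32")
ANY = ip_network("0.0.0.0/0")

def rule(action, src, ports=None):
    """One LAN-interface rule; ports=None means any destination port."""
    return {"action": action, "src": src, "ports": ports}

def evaluate(rules, src_ip, dst_port):
    """First matching rule decides; traffic matching no rule is blocked."""
    for r in rules:
        if ip_address(src_ip) in r["src"] and (r["ports"] is None or dst_port in r["ports"]):
            return r["action"]
    return "block"

# 1. Block rule placed below the allow-LAN rule: it is never reached.
wrong_order = [rule("pass", LAN), rule("block", HOST)]
# 2. Block rule above the allow-LAN rule: works until the host changes its IP.
right_order = [rule("block", HOST), rule("pass", LAN)]
# 3. Egress allowlist for the LAN subnet, then an explicit block-all rule.
ALLOWED = {21, 25, 80, 110, 123, 143, 443}  # ftp, SMTP, http, POP, ntp, IMAP, https
allowlist = [rule("pass", LAN, ALLOWED), rule("block", ANY)]

def outcomes(rules):
    """Verdicts for: host to torrent port, host on a new IP to torrent port, host to https."""
    torrent_port = 6881  # a common BitTorrent default, used here as sample traffic
    return (evaluate(rules, "192.168.1.50", torrent_port),
            evaluate(rules, "192.168.1.77", torrent_port),
            evaluate(rules, "192.168.1.50", 443))

if __name__ == "__main__":
    for name, rs in [("wrong order", wrong_order),
                     ("right order", right_order),
                     ("allowlist", allowlist)]:
        print(f"{name:12} {outcomes(rs)}")
```
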
« Reply #3 on: June 15, 2007, 05:57:50 »
mkgan *
Posts: 2

Thanks guys, seems like the order is important, which is what I was doing wrong earlier.

 