diff --git a/template_config_client.jsonc b/template_config_client.jsonc
index d9f1f24..68d2bd8 100644
--- a/template_config_client.jsonc
+++ b/template_config_client.jsonc
@@ -87,6 +87,7 @@
   ],
   // client-side outbound configuration
   "outbounds": [
+    // fallback, see `routing` section
     {
       "tag": "proxy",
       "protocol": "vless",
@@ -134,6 +135,11 @@
       "tag": "direct",
       "protocol": "freedom",
       "settings": {}
+    },
+    // for that should be blocked
+    {
+      "protocol": "blackhole",
+      "tag": "block"
     }
   ],
   // Forward each inbound connections to corresponding `outboundTag`. If no rules match,
@@ -148,6 +154,25 @@
         ],
         "outboundTag": "api"
       },
+      {
+        "type": "field",
+        "protocol": [ "bittorrent" ],
+        "outboundTag": "block"
+      },
+      // block traffic to popular ports of torrent trackers
+      // and to popular ports of torrent clients
+      {
+        "type": "field",
+        "port": "6969,6881-6889",
+        "outboundTag": "block"
+      },
+      // block traffic from popular ports of torrent clients
+      {
+        "type": "field",
+        "sourcePort": "6881-6889",
+        "outboundTag": "block"
+      },
+      // guide domestic sites traffic to `direct` outbound
       {
         "type": "field",
         "domain": [
@@ -179,11 +204,6 @@
             "geoip:ir"
         ],
         "outboundTag": "direct"
-      },
-      {
-        "type": "field",
-        "protocol": [ "bittorrent" ],
-        "outboundTag": "block"
       }
     ]
   }
diff --git a/template_config_server.jsonc b/template_config_server.jsonc
index 8fb66be..68dfdb6 100644
--- a/template_config_server.jsonc
+++ b/template_config_server.jsonc
@@ -44,7 +44,6 @@
       },
       {
         "type": "field",
-        "port": "80",
         "network": "udp",
         "outboundTag": "block"
       },
@@ -61,21 +60,38 @@
         "protocol": [ "bittorrent" ],
         "outboundTag": "block"
       },
+      // block traffic to popular ports of torrent trackers
+      // and to popular ports of torrent clients
+      {
+        "type": "field",
+        "port": "6969,6881-6889",
+        "outboundTag": "block"
+      },
+      // block traffic from popular ports of torrent clients
+      {
+        "type": "field",
+        "sourcePort": "6881-6889",
+        "outboundTag": "block"
+      },
       // block domestic client traffic if it's coming somehow (e.g. wrong client config)
       {
         "type": "field",
         "domain": [
             "geosite:cn",
             "domain:cn",
+            // punycode for national Chinese top-level domains .中国, .中國, .公司, .网络
             "domain:xn--fiqs8s",
             "domain:xn--fiqz9s",
             "domain:xn--55qx5d",
             "domain:xn--io0a7i",
             "domain:ru",
+            // punycode for cyrillic Russian top-level domain .рф
             "domain:xn--p1ai",
             "domain:by",
+            // punycode for national Belorussian top-level domain .бел
             "domain:xn--90ais",
             "domain:ir",
+            // extra domains that are used by domestic sites, see https://github.com/EvgenyNerush/coherence-grabber/tree/main
             "ext:customgeo.dat:coherence-extra"
         ],
         "outboundTag": "block"
@@ -224,7 +240,7 @@
   ],
   // server-side outbound configuration
   "outbounds": [
-    // direct connection
+    // direct connection; fallback, see `routing` section
     {
       "protocol": "freedom",
       "tag": "direct"