Hi and welcome ksang.
You must be start with a close firewall rules, in "Firewall" / "Packet Filter" and "Rules for internal networks":
- Denying all traffic to all ports and destination for all IPs / Objects.
- Allow the necessary rules to especific port and destination for specific IP / Objects.
Remember these rules have priority from top to botton, for that, deny rules always must be in top and allow rules in bottom.
Doing this you have a solution to block for most of P2P software. Some P2P softwares are a little hard to block and you need analize how work. You can combine the firewall rules and the proxy (with content filter, MIME filter and extension filter) to obtain more flexibility.
To access your LAN from outside I recomend use OpenVPN included in ebox. Find this in the forum, I'm secure is than better taht I can explain with my poor english.
Regards.