06-27-2014 05:01 AM - edited 03-11-2019 09:23 PM
It is necessary to set up ZBF to block UDP traffic whose packet contents match a RegEx expression, for example like these MikroTik rules (see rule No. 2):
/ip firewall filter
add action=drop chain=forward disabled=no p2p=all-p2p
add action=drop chain=forward comment="torrent dht out magnet" content=d1:ad2:ad20 disabled=no dst-port=1025-65535 packet-size=95-190 protocol=udp
add action=drop chain=forward comment=info_hash content=info_hash disabled=no dst-port=2170,80 protocol=tcp
Rules 1 and 3 have been created in Cisco ZBF. But how do I create rule No. 2?
07-02-2014 09:28 PM
Hi,
Are you trying to block P2P traffic? If so please have a look at this link http://yadhutony.blogspot.in/2012/11/how-to-block-p2p-traffic-on-cisco-router.html
Best Regards,
Yadhu
07-02-2014 11:45 PM
Hi, Yadhu
Your post generally describes the config for rule No. 1:
add action=drop chain=forward disabled=no p2p=all-p2p
I already have this configuration.
12-08-2015 06:36 AM
Solution - using ZBF + FPM:
The attempt to block torrents was successful, but not completely:
1. Downloading of *.torrent files (content-type: "application/x-bittorrent") is blocked.
2. Traffic with requests for the SEED list of a tracker (... info_hash= ...) is blocked.
3. DHT traffic is blocked.
PEX (the advanced DHT version) is not blocked.
In case it is useful to anyone, here is the Cisco ZBF + FPM config, similar to the MikroTik rules:
! PHDFs define the IP and UDP fields that the FPM stack/access-control classes below match on;
! they are needed on IOS releases that do not preload them
load protocol system:fpm/phdf/ip.phdf
load protocol system:fpm/phdf/udp.phdf
!
! Regex parameter-maps used by the HTTP application inspection classes
parameter-map type regex REGEX-TORRENT-ANNOUNCE
pattern .*[Ii][Nn][Ff][Oo]_[Hh][Aa][Ss][Hh]=.*
parameter-map type regex REGEX-TORRENT-PROHIBIT-DOWNLOAD
pattern .*application\/x-bittorrent.*|.*\.torrent.*
!
class-map type inspect match-all CLASS-INSPECT-HTTP
match protocol http
class-map type inspect match-any CLASS-INSPECT
match protocol ftp
match protocol ftps
match protocol tftp
match protocol smtp
match protocol pop3
match protocol dns
match protocol https
match protocol http
match protocol sip
match protocol tcp
match protocol udp
match protocol icmp
!
class-map type inspect match-any CLASS-INSPECT-ANY-P2P
match protocol gnutella signature
match protocol kazaa2 signature
match protocol fasttrack signature
match protocol bittorrent signature
class-map type inspect match-all CLASS-INSPECT-P2P
match class-map CLASS-INSPECT-ANY-P2P
!
class-map type inspect http match-all CLASS-HTTP-TORRENT-PROHIBIT-DOWNLOAD
match response header content-type regex REGEX-TORRENT-PROHIBIT-DOWNLOAD
class-map type inspect http match-all CLASS-HTTP-TORRENT-ANNOUNCE
match request method get
match request arg regex REGEX-TORRENT-ANNOUNCE
class-map type inspect http match-any CLASS-HTTP-PORT-MISUSE
match request port-misuse p2p
match req-resp protocol-violation
!
! Mirrors MikroTik rule No. 2: outgoing DHT queries (bencoded KRPC messages start with "d1:ad2:id20:")
! Note: the FPM UDP length field counts the 8-byte UDP header but not the IP header, whereas the
! MikroTik packet-size is the IP total length, so the two windows are offset by 20 bytes (IPv4, no options)
class-map type access-control match-all CLASS-ACCESS-TORRENT-DHT-OUTGOING
match field UDP length range 95 190
match start UDP payload-start offset 0 size 190 string "d1:ad2:id20:"
match field UDP dest-port range 1025 65535
!
class-map type stack match-all CLASS-STACK-IP-UDP
description *** Stack: [IP [UDP ... ]] ***
match field IP protocol eq 0x11 next UDP
!
policy-map type inspect http POLICY-HTTP
class type inspect http CLASS-HTTP-TORRENT-ANNOUNCE
reset
log
class type inspect http CLASS-HTTP-PORT-MISUSE
reset
class type inspect http CLASS-HTTP-TORRENT-PROHIBIT-DOWNLOAD
reset
log
policy-map type inspect INSIDE->INTERNET
class type inspect CLASS-INSPECT-P2P
drop
class type inspect CLASS-INSPECT-HTTP
inspect
service-policy http POLICY-HTTP
class type inspect CLASS-INSPECT
inspect
class class-default
drop
!
policy-map type access-control POLICY-FILTER
class CLASS-ACCESS-TORRENT-DHT-OUTGOING
log
drop all
policy-map type access-control POLICY-STACK
class CLASS-STACK-IP-UDP
service-policy POLICY-FILTER
!
! The Internet-facing interface must be a member of the zone named as destination in the zone-pair (INTERNET)
zone security INSIDE
zone security INTERNET
!
interface GigabitEthernet0/0
zone-member security INSIDE
interface GigabitEthernet0/1
zone-member security INTERNET
service-policy type access-control output POLICY-STACK
!
zone-pair security INSIDE->INTERNET source INSIDE destination INTERNET
service-policy type inspect INSIDE->INTERNET
!
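To check what the FPM and HTTP match conditions in the config above actually catch, here is an added Python example (not code from the original post, nor from Cisco or MikroTik): it builds a few bencoded KRPC/DHT datagrams with a small encoder, applies the three conditions of CLASS-ACCESS-TORRENT-DHT-OUTGOING and the two regex parameter-maps to them, and reports which samples the policy would drop. The node id, infohash, transaction id, and HTTP request lines are constructed placeholders, and the assumption that FPM's `string` operator matches anywhere within the 190-byte window is marked in the code.

```python
import re

# --- minimal bencode encoder, enough to build KRPC (DHT) messages -------------
def bencode(obj):
    """Encode ints, bytes/str, lists and dicts in bencode (dict keys byte-sorted)."""
    if isinstance(obj, int):
        return b"i%de" % obj
    if isinstance(obj, str):
        obj = obj.encode()
    if isinstance(obj, bytes):
        return b"%d:%s" % (len(obj), obj)
    if isinstance(obj, list):
        return b"l" + b"".join(bencode(x) for x in obj) + b"e"
    if isinstance(obj, dict):
        items = [(k.encode() if isinstance(k, str) else k, v) for k, v in obj.items()]
        items.sort(key=lambda kv: kv[0])  # bencode mandates raw-byte key order
        return b"d" + b"".join(bencode(k) + bencode(v) for k, v in items) + b"e"
    raise TypeError("cannot bencode %r" % type(obj))

# --- the match conditions from the ZBF/FPM config, expressed in Python --------
DHT_QUERY_SIG = b"d1:ad2:id20:"   # match start UDP payload-start offset 0 size 190 string "..."
DHT_UDP_LEN = (95, 190)           # match field UDP length range 95 190
DHT_DST_PORTS = (1025, 65535)     # match field UDP dest-port range 1025 65535
ANNOUNCE_RE = re.compile(r".*[Ii][Nn][Ff][Oo]_[Hh][Aa][Ss][Hh]=.*")          # REGEX-TORRENT-ANNOUNCE
TORRENT_CT_RE = re.compile(r".*application\/x-bittorrent.*|.*\.torrent.*")  # REGEX-TORRENT-PROHIBIT-DOWNLOAD

def matches_dht_query(dst_port, payload):
    """CLASS-ACCESS-TORRENT-DHT-OUTGOING is match-all: all three conditions must hold."""
    udp_length = 8 + len(payload)  # the UDP length field includes the 8-byte UDP header
    return (DHT_DST_PORTS[0] <= dst_port <= DHT_DST_PORTS[1]
            and DHT_UDP_LEN[0] <= udp_length <= DHT_UDP_LEN[1]
            # assumption: FPM's 'string' operator matches anywhere inside the 190-byte window
            and DHT_QUERY_SIG in payload[:190])

def matches_tracker_announce(request_line):
    """CLASS-HTTP-TORRENT-ANNOUNCE: GET request whose URL arguments match the regex."""
    method, target, _version = request_line.split(b" ", 2)
    if method != b"GET" or b"?" not in target:
        return False
    args = target.split(b"?", 1)[1].decode("latin-1")
    return ANNOUNCE_RE.fullmatch(args) is not None

def matches_torrent_download(content_type):
    """CLASS-HTTP-TORRENT-PROHIBIT-DOWNLOAD: response Content-Type header matches the regex."""
    return TORRENT_CT_RE.fullmatch(content_type) is not None

# --- constructed samples (placeholders, not captured traffic) -----------------
NODE_ID = bytes(range(20))               # placeholder 20-byte DHT node id
INFO_HASH = bytes.fromhex("aa" * 20)     # placeholder 20-byte infohash

def dht_query(method, args, tid=b"aa"):
    return bencode({"t": tid, "y": "q", "q": method, "a": args})

def dht_response(ret, tid=b"aa"):
    return bencode({"t": tid, "y": "r", "r": ret})

DHT_SAMPLES = {
    "ping":          dht_query("ping", {"id": NODE_ID}),
    "find_node":     dht_query("find_node", {"id": NODE_ID, "target": NODE_ID}),
    "get_peers":     dht_query("get_peers", {"id": NODE_ID, "info_hash": INFO_HASH}),
    "announce_peer": dht_query("announce_peer", {"id": NODE_ID, "info_hash": INFO_HASH,
                                                 "port": 6881, "token": b"tok"}),
    "ping_reply":    dht_response({"id": NODE_ID}),
}

def dht_results(dst_port=6881):
    """Which sample datagrams the FPM class would drop (name -> bool)."""
    return {name: matches_dht_query(dst_port, pkt) for name, pkt in DHT_SAMPLES.items()}

if __name__ == "__main__":
    for name, pkt in DHT_SAMPLES.items():
        print("%-14s udp_len=%3d prefix=%-16r dropped=%s" % (
            name, 8 + len(pkt), pkt[:12], matches_dht_query(6881, pkt)))
    print("tracker announce:", matches_tracker_announce(
        b"GET /announce?info_hash=%AA%AA%AA&peer_id=-TR2940-abcdefghijkl&port=6881 HTTP/1.1"))
    print("ordinary GET:", matches_tracker_announce(b"GET /search?q=info%20hash HTTP/1.1"))
    print("x-bittorrent:", matches_torrent_download("application/x-bittorrent"))
    print("text/html:", matches_torrent_download("text/html; charset=utf-8"))
```

Two things this makes visible. Every KRPC query starts with `d1:ad2:id20:` because bencode sorts dictionary keys (`a` sorts before `q`, `t` and `y`, and `id` before any other argument), while replies start with `d1:rd2:id20:` and never match, so the class drops outgoing queries only; that is also why the Cisco string `d1:ad2:id20:` is the one to use rather than `d1:ad2:ad20` from the MikroTik rule in the first post. A bare `ping` query is only 56 payload bytes (UDP length 64), below the 95-190 window, so the length condition lets it through; and since MikroTik's packet-size counts the whole IP packet while FPM's UDP length excludes the 20-byte IPv4 header, the two windows are offset by 20 bytes.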