On Monday 11 April 2005 09:32, Vinicius wrote:
>Gene Heskett wrote:
>> Hi;
>>
>> I've been watching the iptables threads, hoping I'd find some
>> clues as to how to go about carving a hole a few port numbers wide
>> for bittorrent's use.
>>
>> As I also have an external router, a linksys BESFR41, I'd probably
>> have to set up something in it also, and that seems fairly clear,
>> but I've never been able to get a torrent going through it. My
>> iptables rules ATM are fairly bulletproof, (you cannot see me from
>> the internet other than a closed identd port) so my question is
>> this:
>>
>> Do any of these iptables gui front ends have a preset option to
>> output a pre-canned ruleset that will pass the torrent, but still
>> maintain a reasonable level of security outside this open port
>> range that the torrent needs?
>
>I don't know, but this is my iptables' rule:
>"
>$ iptables -I RH-Firewall-1-INPUT X -p tcp --dport 6881:6999 -j ACCEPT
>$ service iptables save
>"
>
>where X is an appropriate position inside your iptables' rules. If I
>did do "iptables -A ..." instead, the rule did not work, because
>the previous rule is "iptables -j REJECT --reject-with
>icmp-host-prohibited" (it will reject everything).
>
>I can do a NAT rule on my modem to translate these ports, the rule
>is called RDR. Ask Linksys how to do this. You can search the
>Linksys knowledge base about this, too.

I've set up in the router, port forwarding to the firewall box's
outside address, for those ports in the 6881-6999, and applied that
rule into my iptables init script in the proper (I think) order within
that script in /etc/sysconfig, and then did a service iptables
restart, which didn't report any errors. And the rule does show for
an iptables -L:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere            tcp dpts:6881:6999

And I just went after the latest BitTorrent 4.0.something and
installed that.

Digging thru the docs, the first thing I need to do is start a
'tracker', but that fails with an error message that I don't quite
grok:

[root@gene /]# bttrack.py --port 6969 --dfile dstate
Traceback (innermost last):
  File "/usr/bin/bttrack.py", line 16, in ?
    from BitTorrent.track import track
ImportError: No module named BitTorrent.track

Now what? There isn't any such module in the
python-2.3/site-packages/BittTorrent subdir, and no such file exists
in the archive either.

>IHTH,

Some, thanks.

>Vinicius.

-- 
Cheers, Gene
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
99.34% setiathome rank, not too shabby for a WV hillbilly
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2005 by Maurice Eugene Heskett, all rights reserved.
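The ordering point made in the quoted reply (a rule appended after the final REJECT never matches), as an added example that is not part of the original message: a shell function that reads iptables-save style rules, the format kept under /etc/sysconfig, and reports whether an ACCEPT for a port range sits ahead of a catch-all REJECT or DROP in the named chain. The helper name rule_reachable and both rule sets are constructed for illustration.

```shell
#!/bin/sh
# Added example. iptables walks a chain top to bottom and stops at the first
# matching rule with a terminating target, so order decides the outcome.

# rule_reachable CHAIN PORTS  (hypothetical helper; iptables-save text on stdin)
# Prints: reachable | shadowed | missing
rule_reachable() {
    awk -v chain="$1" -v ports="$2" '
        $1 != "-A" || $2 != chain { next }      # only rules of this chain
        # A REJECT/DROP with no match options catches every packet.
        $3 == "-j" && ($4 == "REJECT" || $4 == "DROP") { blocked = 1; next }
        {
            hit = 0; accept = 0
            for (i = 3; i < NF; i++) {
                if ($i == "--dport" && $(i + 1) == ports) hit = 1
                if ($i == "-j" && $(i + 1) == "ACCEPT") accept = 1
            }
            if (hit && accept && !found) { found = 1; shadowed = blocked }
        }
        END { print (!found ? "missing" : (shadowed ? "shadowed" : "reachable")) }
    '
}

# Constructed rule set: ACCEPT placed with -I, ahead of the final REJECT.
inserted_rules() {
    cat <<'EOF'
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 6881:6999 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
EOF
}

# Constructed rule set: same rule added with -A, so it lands after the REJECT.
appended_rules() {
    cat <<'EOF'
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 6881:6999 -j ACCEPT
EOF
}

echo "inserted: $(inserted_rules | rule_reachable RH-Firewall-1-INPUT 6881:6999)"
echo "appended: $(appended_rules | rule_reachable RH-Firewall-1-INPUT 6881:6999)"
```

On a live system the input would come from iptables-save or the saved rules file; the check models order within one chain only and does not follow jumps between chains.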