Fedora Users — Re: Firewalled/NATted with BitTorrent GUI 4.2.0

Re: Firewalled/NATted with BitTorrent GUI 4.2.0

Date Prev

Date Next

Thread Prev

Thread Next

Date Index

Thread Index

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>

Subject: Re: Firewalled/NATted with BitTorrent GUI 4.2.0

From: Kam Leo <kam.leo@xxxxxxxxx>

Date: Tue, 29 Nov 2005 10:10:38 -0800

Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=W4ufY+0N2c1bzTFY6DLHyJJprafD/oLbRcME7bAOxerLIqrn8vn7rgsqNqkvExxwKr4inSiEztE1F7gCY0jxXoV6fTYGLG0MIreOZ9xrOnBAMiXbGBSvmayH+0pL80VGu3MCPqxg0DI2b+WLHfWzviDgPDtkgzcfg906gi82Kf8=

In-reply-to: <1133280711.3099.14.camel@xxxxxxxxxxxxx>

List-help: <mailto:[email protected]?subject=help>

List-id: For users of Fedora Core releases <fedora-list.redhat.com>

List-post: <mailto:[email protected]>

List-subscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=subscribe>

List-unsubscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=unsubscribe>

References: <1133219824.3249.17.camel@xxxxxxxxxxxxx> <1133279422.3099.7.camel@xxxxxxxxxxxxx> <438C7AC7.6020707@xxxxxxxxxxx> <1133280711.3099.14.camel@xxxxxxxxxxxxx>

Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>

On 11/29/05, D. D. Brierton <darren@xxxxxxxxxxx> wrote:
> On Tue, 2005-11-29 at 15:59 +0000, Andy Green wrote:
> > D. D. Brierton wrote:
> >
> > >>Does anyone know how I go about confirming whether ports 6881-6889
> > >>really are open, and whether the router really is forwarding those
> > >>ports?
> >
> > iptables -L
> >
> > should show up your ports on the INPUT chain
>
> Aha! They don't:
>
> $ sudo /sbin/iptables -L
>
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
> RH-Firewall-1-INPUT  all  --  anywhere             anywhere
>
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> RH-Firewall-1-INPUT  all  --  anywhere             anywhere
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
>
> Chain RH-Firewall-1-INPUT (2 references)
> target     prot opt source               destination
> ACCEPT     all  --  anywhere             anywhere
> ACCEPT     icmp --  anywhere             anywhere            icmp any
> ACCEPT     ipv6-crypt--  anywhere             anywhere
> ACCEPT     ipv6-auth--  anywhere             anywhere
> ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:5353
> ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
> ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
> REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited
>
> I used the system-config-securitylevel tool to set the ports 6881-6889
> to be open by adding in the other ports section this:
>
> 6881:tcp, 6882:tcp, 6883:tcp, 6884:tcp, 6885:tcp, 6886:tcp, 6887:tcp, 6888:tcp, 6889:tcp
>
> and this is saved here:
>
> $ cat /etc/sysconfig/system-config-securitylevel
> # Configuration file for system-config-securitylevel
>
> --enabled
> --port=6881:tcp
> --port=6882:tcp
> --port=6883:tcp
> --port=6884:tcp
> --port=6885:tcp
> --port=6886:tcp
> --port=6887:tcp
> --port=6888:tcp
> --port=6889:tcp
>
> So, is system-config-securitylevel busted?
>
> Best, Darren
>
> --
> =====================================================================
> D. D. Brierton            darren@xxxxxxxxxxx          www.dzr-web.com
>        Trying is the first step towards failure (Homer Simpson)
> =====================================================================
>

BitTorrent also uses UDP.  If you want to serve torrents you also may
need to enable port 6969.