Firewalled/NATted with BitTorrent GUI 4.2.0
Kam Leo
kam.leo at gmail.com
Tue Nov 29 18:10:38 UTC 2005
On 11/29/05, D. D. Brierton <darren at dzr-web.com> wrote:
> On Tue, 2005-11-29 at 15:59 +0000, Andy Green wrote:
> > D. D. Brierton wrote:
> >
> > >>Does anyone know how I go about confirming whether ports 6881-6889
> > >>really are open, and whether the router really is forwarding those
> > >>ports?
> >
> > iptables -L
> >
> > should show up your ports on the INPUT chain
>
> Aha! They don't:
>
> $ sudo /sbin/iptables -L
>
> Chain FORWARD (policy ACCEPT)
> target prot opt source destination
> RH-Firewall-1-INPUT all -- anywhere anywhere
>
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
> RH-Firewall-1-INPUT all -- anywhere anywhere
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source destination
>
> Chain RH-Firewall-1-INPUT (2 references)
> target prot opt source destination
> ACCEPT all -- anywhere anywhere
> ACCEPT icmp -- anywhere anywhere icmp any
> ACCEPT ipv6-crypt-- anywhere anywhere
> ACCEPT ipv6-auth-- anywhere anywhere
> ACCEPT udp -- anywhere 224.0.0.251 udp dpt:5353
> ACCEPT udp -- anywhere anywhere udp dpt:ipp
> ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
> REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
>
> I used the system-config-securitylevel tool to set the ports 6881-6889
> to be open by adding in the other ports section this:
>
> 6881:tcp, 6882:tcp, 6883:tcp, 6884:tcp, 6885:tcp, 6886:tcp, 6887:tcp, 6888:tcp, 6889:tcp
>
> and this is saved here:
>
> $ cat /etc/sysconfig/system-config-securitylevel
> # Configuration file for system-config-securitylevel
>
> --enabled
> --port=6881:tcp
> --port=6882:tcp
> --port=6883:tcp
> --port=6884:tcp
> --port=6885:tcp
> --port=6886:tcp
> --port=6887:tcp
> --port=6888:tcp
> --port=6889:tcp
>
> So, is system-config-securitylevel busted?
>
> Best, Darren
>
> --
> =====================================================================
> D. D. Brierton darren at dzr-web.com www.dzr-web.com
> Trying is the first step towards failure (Homer Simpson)
> =====================================================================
>
BitTorrent also uses UDP. If you want to serve torrents you also may
need to enable port 6969.
More information about the fedora-list
mailing list