FC-1 firewall script for bittorrent
D. D. Brierton
darren at dzr-web.com
Tue Jun 15 03:21:42 UTC 2004
On Tue, 2004-06-15 at 03:32, russell wrote:
> This is what you do to add the rules, or at least this is what I did:
>
> 1. Go to the command prompt.
> 1a. If you aren't root then su - and hit enter and put in the root
> password when it asks you.
> 2. Type setup
> 3. Select Firewall Configuration
> 4. Make sure the firewall in enabled
> 5. select customize
> 6. In The "Other ports" put in 6881
Right, the console based interface is very similar to the gui one you
get if you run system-config-securitylevel when in X. What interests me
is the "Other ports" section, which in the graphical version of the tool
is labelled: "Other ports: (1029:tcp)". You can enter in there
"6881:tcp, 6881:udp, 6882:tcp, ..." but I wondered if there was a short
hand for entering ranges.
> 7. hit ok
> 8. hit ok again
> 9. hit quit
> 10. type vi /etc/sysconfig/iptables (or use whatever text editor you
> like. I like vi.)
> 11. look for the line "-A RH-Firewall-1-INPUT -m state --state NEW -m
> tcp -p tcp --dport 6881 -j ACCEPT"
> 12. put ":6889" (no quotes) after the 6881
> 12a. paste this line after the above line "-A RH-Firewall-1-INPUT -m
> state --state NEW -m udp -p udp --dport6881:6889 -j ACCEPT (this is the
> new line of the script that Erik gave me)
> 13. save file and exit vi
> 14. at prompt type /etc/init.d/iptables restart
> 15. hit enter your iptables should stop and then start. .
Thanks. I don't have a problem with editing the configs by hand, but I'd
like to see the system-config-* tools helped along into being able to do
this. Maybe they should just include a "BitTorrent" option in trusted
services.
Best, Darren
--
=====================================================================
D. D. Brierton darren at dzr-web.com www.dzr-web.com
Trying is the first step towards failure (Homer Simpson)
=====================================================================
More information about the users
mailing list