Firewalled/NATted with BitTorrent GUI 4.2.0

D. D. Brierton darren at dzr-web.com
Tue Nov 29 16:11:50 UTC 2005


On Tue, 2005-11-29 at 15:59 +0000, Andy Green wrote:
> D. D. Brierton wrote:
> 
> >>Does anyone know how I go about confirming whether ports 6881-6889
> >>really are open, and whether the router really is forwarding those
> >>ports?
> 
> iptables -L
> 
> should show up your ports on the INPUT chain

Aha! They don't:

$ sudo /sbin/iptables -L

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp any
ACCEPT     ipv6-crypt--  anywhere             anywhere
ACCEPT     ipv6-auth--  anywhere             anywhere
ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:5353
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited

I used the system-config-securitylevel tool to set the ports 6881-6889
to be open by adding in the other ports section this:

6881:tcp, 6882:tcp, 6883:tcp, 6884:tcp, 6885:tcp, 6886:tcp, 6887:tcp, 6888:tcp, 6889:tcp

and this is saved here:

$ cat /etc/sysconfig/system-config-securitylevel
# Configuration file for system-config-securitylevel

--enabled
--port=6881:tcp
--port=6882:tcp
--port=6883:tcp
--port=6884:tcp
--port=6885:tcp
--port=6886:tcp
--port=6887:tcp
--port=6888:tcp
--port=6889:tcp

So, is system-config-securitylevel busted?

Best, Darren

-- 
=====================================================================
D. D. Brierton            darren at dzr-web.com          www.dzr-web.com
       Trying is the first step towards failure (Homer Simpson)
=====================================================================




More information about the users mailing list