Firewalled/NATted with BitTorrent GUI 4.2.0

Kam Leo kam.leo at gmail.com
Tue Nov 29 18:10:38 UTC 2005 

On 11/29/05, D. D. Brierton <darren at dzr-web.com> wrote:
> On Tue, 2005-11-29 at 15:59 +0000, Andy Green wrote:
> > D. D. Brierton wrote:
> >
> > >>Does anyone know how I go about confirming whether ports 6881-6889
> > >>really are open, and whether the router really is forwarding those
> > >>ports?
> >
> > iptables -L
> >
> > should show up your ports on the INPUT chain
>
> Aha! They don't:
>
> $ sudo /sbin/iptables -L
>
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
> RH-Firewall-1-INPUT  all  --  anywhere             anywhere
>
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> RH-Firewall-1-INPUT  all  --  anywhere             anywhere
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
>
> Chain RH-Firewall-1-INPUT (2 references)
> target     prot opt source               destination
> ACCEPT     all  --  anywhere             anywhere
> ACCEPT     icmp --  anywhere             anywhere            icmp any
> ACCEPT     ipv6-crypt--  anywhere             anywhere
> ACCEPT     ipv6-auth--  anywhere             anywhere
> ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:5353
> ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
> ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
> REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited
>
> I used the system-config-securitylevel tool to set the ports 6881-6889
> to be open by adding in the other ports section this:
>
> 6881:tcp, 6882:tcp, 6883:tcp, 6884:tcp, 6885:tcp, 6886:tcp, 6887:tcp, 6888:tcp, 6889:tcp
>
> and this is saved here:
>
> $ cat /etc/sysconfig/system-config-securitylevel
> # Configuration file for system-config-securitylevel
>
> --enabled
> --port=6881:tcp
> --port=6882:tcp
> --port=6883:tcp
> --port=6884:tcp
> --port=6885:tcp
> --port=6886:tcp
> --port=6887:tcp
> --port=6888:tcp
> --port=6889:tcp
>
> So, is system-config-securitylevel busted?
>
> Best, Darren
>
> --
> =====================================================================
> D. D. Brierton            darren at dzr-web.com          www.dzr-web.com
>        Trying is the first step towards failure (Homer Simpson)
> =====================================================================
>

BitTorrent also uses UDP.  If you want to serve torrents you also may
need to enable port 6969.

More information about the users mailing list