Hi Pawel, strange i have nearly the same ruleset. i changed the ports in the edonkey config file and changed the rules and added "flags S keep state keep frags" to the tcp rule but nothing changed. then i capture the traffic i see packets arriving on the specified ports, but on the connection tester http://www.preinheimer.com/cgi-bin/connectiontest/connectiontest2.cgi i always get an error.
thanks for your help p.s.: actual config files: /etc/ipf/ipf.conf pass in quick on sppp0 proto tcp from any to 192.168.1.2/32 port = 4662 flags S keep state keep frags pass in quick on sppp0 proto udp from any to 192.168.1.2/32 port = 3620 keep state block in on sppp0 all pass out on sppp0 all keep state /etc/ipf/ipnat.conf map sppp0 192.168.1.0/24 -> 0/32 proxy port ftp ftp/tcp map sppp0 192.168.1.0/24 -> 0/32 portmap tcp/udp auto map sppp0 192.168.1.0/24 -> 0/32 rdr sppp0 0/32 port 4662 -> 192.168.1.2 port 4662 tcp rdr sppp0 0/32 port 3620 -> 192.168.1.2 port 3620 udp PSV> Here are my [working] rules for eMule: >>> from ipf.conf (hme1 is external iface) PSV> pass in quick on hme1 proto tcp from any to 192.168.0.3/32 PSV> port = 1082 flags S keep state keep frags PSV> pass in quick on hme1 proto udp from any to 192.168.0.3/32 port = 1081 keep state >>> from ipnat.conf (xxxx'es is external IP) PSV> # emule PSV> rdr hme1 xx.x.xxx.xxx/32 port 1081 -> 192.168.0.3 port 1081 udp PSV> rdr hme1 xx.x.xxx.xxx/32 port 1082 -> 192.168.0.3 port 1082 tcp PSV> # actual nat PSV> map hme1 192.168.0.0/24 -> xx.x.xxx.xxx/32 portmap tcp/udp 10000:50000 PSV> Obviously, I use different ports than the default. PSV> I think you don't need any 'pass out' rules in your ipnat.conf, as PSV> you have 'pass out on sppp0 all' at the end anyway. Also, servers will PSV> not necessarily listen on the default 466x port, since the time when PSV> ISPs started to filter that port out in an attempt to block ed2k traffic. PSV> Thanks, PSV> Pawel. PSV> On Tue, Sep 06, 2005 at 09:17:36AM -0700, bsdboy wrote: >> --- Aleksander <[EMAIL PROTECTED]> wrote: >> From: Aleksander <[EMAIL PROTECTED]> >> Date: Tue, 6 Sep 2005 13:41:56 +0200 >> To: [email protected] >> Subject: edonkey >> Hi, >> i wanted to set up edonkey to run on a client(192.168.1.2). the >> router(192.168.1.1) on a solaris 10 box is firewalled with ipf. i cant >> figure out how to set up the rules properly. here is what i have done: >> /etc/ipf/ipf.conf >> pass in quick on sppp0 proto tcp from any to 192.168.1.2 port = 4662 >> keep state >> pass in quick on sppp0 proto udp from any to 192.168.1.2 port = 3620 >> keep state >> pass out quick on sppp0 proto tcp from 192.168.1.2 to any port = 4661 >> keep state >> pass out quick on sppp0 proto tcp from 192.168.1.2 to any port = 4662 >> keep state >> pass out quick on sppp0 proto udp from 192.168.1.2 to any port = 4665 >> keep state >> block in on sppp0 all >> pass out on sppp0 all >> /etc/ipf/ipnat.conf >> map sppp0 192.168.1.0/24 -> 0/32 proxy port ftp ftp/tcp >> map sppp0 192.168.1.0/24 -> 0/32 portmap tcp/udp auto >> map sppp0 192.168.1.0/24 -> 0/32 >> rdr sppp0 0/32 port 4662 -> 192.168.1.2 port 4662 tcp >> rdr sppp0 0/32 port 3620 -> 192.168.1.2 port 3620 udp >> i always get the message that the client(edonkeyclc) cant connect to >> the server. i use the default port configuration. >> has someone an idea what`s wrong here? or has someone a working >> configuration and can teach me how to set this up right. >> thanks for your help >> Hi Aleksander. >> Look before i have the same question, i have emule running on >> my home but i only use with emule ports TCP 4662 and UDP 4672 on >> Freebsd 4.11 >> >> http://www.emule-project.net/home/perl/help.cgi?l=1&rm=show_topic&topi >> c_id=122 >> My case: >> http://marc.theaimsgroup.com/?l=ipfilter&m=109824738619727&w=2 >> Is in the maillist of ipfilter, but i dont know why my browser show >> me incorrect the message, i cannot see clear text, well hope this help >> you. >> Greetings. >> >> _________________________________________________________________ >> >> Create tu cuenta webmail en http://www.starlinux.net
