-------- Forwarded Message -------- From: Terry Erickson <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] To: leaf-user <[email protected]> Subject: Re: [leaf-user] Bit-Torrent Help with Dachstein LEAF Firewall forwarding ports Date: Mon, 03 Jan 2005 02:10:29 -0800 When I had Dachstein I think I used to use the following commands (adapt them appropriately) which I interpreted from found on the web site leaf.sourceforge.net somewhere, probably in the HOWTO's- yes. Here . . . http://sourceforge.net/docman/display_doc.php?docid=1443&group_id=13751 :
ipmasqadm autofw -A -r tcp (low port #) (high port #) -h 192.168.*.* On Dachstein w/2.2* kernel, if I am correct, this command "opens" the specified port range, of the (high port) to the (low port) to the computer 192.168.*.* This allows other users on the Internet to _initiate_ connections to your client. Behind a NAT router without forwarding, your bittorrent downloads will be slow, and your client should give a "NAT error" or something. For bittorrent If your client has the ability to use a non-standard port, you can use a port in the 'way up there' range - I use like 45789 or something. Azureus is an excellent (best) bittorrent client that has that capability. On Sun, 2005-01-02 at 21:33 -0500, Kevin wrote: > I am trying to tweak my Dachstein 2 floppy system to work best with > Bit-Torrent. I found this on the Bit-Torrent web site and am not sure how or > where to add: > > Linux ipmasqadm > > >From Andy Haninger: > > ipmasqadm portfw -f (flushes all other rules.. optional) > ipmasqadm portfw -a -P tcp -L [firewall IP] 6881 -R [client IP] 6881 > > > > I am not sure where to put the second rule and if this is the correct rule > or if I need another one? Any help would be appreciated very much. > > I think the below is for a different version of the Linux firewall project: > > Shorewall for Linux > >From Mike808: > > For systems that are using masquerading (NAT) and have something like the > following: > > In /etc/shorewall/masq: > > # All outgoing traffic from 192.168.1.X going out the eth0 interface > # will be NATed/masqueraded to appear to be originating from your external > # internet address A.B.C.D (i.e. SNAT outgoing packets) > eth0 192.168.1.0/24 A.B.C.D > > And in /etc/shorewall/rules: > > # Allow net zone traffic on the external interface to be destination NATed > (DNAT) > # to your computer's internal IP address (for example, 192.168.1.X) > # Allow BitTorrent traffic through - port 6969 is if you run a tracker > # And ports 6881 through 6889 are for incoming BitTorrent connections. > DNAT net loc:192.168.1.X tcp 6969 > DNAT net loc:192.168.1.X tcp 6881:6889 > > > Or this one: > > Linux IPTables > >From SDE: > > iptables -t nat -I PREROUTING -p tcp --dport 6881:6889 -j DNAT > --to-destination <host> > ... where <host> is the private or internal IP actually running the BT > client. > > > > > ------------------------------------------------------- > The SF.Net email is sponsored by: Beat the post-holiday blues > Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. > It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt > ------------------------------------------------------------------------ > leaf-user mailing list: [email protected] > https://lists.sourceforge.net/lists/listinfo/leaf-user > SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html > > ------------------------------------------------------- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt ------------------------------------------------------------------------ leaf-user mailing list: [email protected] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
