Re: [pfSense Support] XBOX live not working with public IPS on MY LAN

Tue, 11 May 2010 18:13:35 -0700 

Cool.
I didnt think anything special would have to be done. Its prolly a "personal" problem that the client isn't hookin up with there freinds on xbox live. i havent a clue. never had a problem like this before 

thanks gary.


if this raises an eyebrow to anyone on why there would be a problem, do 
tell, as Gary and myself both agree that there isnt anything that I 
should have to do in pfsense to make this work.


-topher

On 5/11/2010 6:09 PM, Gary Buckmaster wrote:

My point wasn't that you need NAT, I got the part where you said you 
weren't NATing.  The point is that no special configurations are 
needed to make XBox live work with pfSense and yes, UPnP is simply to 
automagically set up NATs as needed.

Chris Flugstad wrote:

I totally knew I'd get a response in regards to NATing ;)  I am not 
using NAT.  I have public ip's on the inside of this network so there 
is no NATING.  UPNP would only be used for NAT  correct?
I myself tend to skim posts on here, so I totally understand Gary, 
and thanks for the quick response.  Hopefully someone else has a 
response that will help though.


-topher

On 5/11/2010 5:23 PM, Gary Buckmaster wrote:

I'm using an XBox behind a very straightforward pfSense install 
without any difficulty.  You shouldn't need any special contortions 
to make it work except NATing the ports XBox Live wants (it works 
without them but it complains).  UPnP should also "Just Work" if you 
enable that.

Chris Flugstad wrote:

So I have a pfsense router in a buidling DHCP'ing pub ip's on the 
LAN.  I have a user that can connect his xbox 360 online to xbox 
live but cannot connect to other players or join parties.  He has 
tried plugging his xbox directly bypassing his router and giving 
his xbox a pub ip.  this does not work.  i wonder if something 
would need to be set in pfsense to allow this to work?



Again, I have public ip's on the inside of my network so i do not 
have NAT for any of you who are going to respond with responses 
that would point me into doing fw changes for NAT


below is a dump of my config.

Sincerely,
Topher



<?xml version="1.0"?>
<pfsense>
<version>3.0</version>
<lastchange/>
<theme>nervecenter</theme>
<system>
<optimization>normal</optimization>
<hostname> </hostname>
<domain> .net</domain>
<username> </username>
<password>$.</password>
<timezone>Etc/GMT-8</timezone>
<time-update-interval/>
<timeservers>0.pfsense.pool.ntp.org</timeservers>
<webgui>
<protocol>https</protocol>
<port/>
<certificate/>
<private-key/>
</webgui>
<disablenatreflection>yes</disablenatreflection>
<ssh>
<authorizedkeys/>
<port/>
</ssh>
<enablesshd>yes</enablesshd>
<maximumstates/>
<shapertype/>
<dnsserver>207.66.128.8</dnsserver>
<dnsserver>207.66.60.8</dnsserver>
<dnsallowoverride/>
</system>
<interfaces>
<lan>
<if>bge0</if>
<ipaddr>216.127.63.65</ipaddr>
<subnet>26</subnet>
<media/>
<mediaopt/>
<bandwidth>100</bandwidth>
<bandwidthtype>Mb</bandwidthtype>
<bridge/>
</lan>
<wan>
<if>bge1</if>
<mtu/>
<media/>
<mediaopt/>
<bandwidth>100</bandwidth>
<bandwidthtype>Mb</bandwidthtype>
<spoofmac/>
<ipaddr>216.127.32.44</ipaddr>
<subnet>29</subnet>
<gateway>216.127.32.41</gateway>
</wan>
</interfaces>
<staticroutes/>
<pppoe>
<username/>
<password/>
<provider/>
</pppoe>
<pptp>
<username/>
<password/>
<local/>
<subnet/>
<remote/>
</pptp>
<bigpond/>
<dyndns>
<type>dyndns</type>
<username/>
<password/>
<host/>
<mx/>
</dyndns>
<dhcpd>
<lan>
<enable/>
<range>
<from>216.127.63.66</from>
<to>216.127.63.126</to>
</range>
<defaultleasetime/>
<maxleasetime/>
<netmask/>
<failover_peerip/>
<gateway>216.127.63.65</gateway>
<ddnsdomain/>
<next-server/>
<filename/>
<staticmap>
<mac>00:21:91:15:90:24</mac>
<ipaddr>216.127.63.80</ipaddr>
<hostname>WBR-1310</hostname>
<descr/>
</staticmap>
</lan>
</dhcpd>
<pptpd>
<mode/>
<redir/>
<localip/>
<remoteip/>
</pptpd>
<ovpn/>
<dnsmasq>
<enable/>
</dnsmasq>
<snmpd>
<syslocation/>
<syscontact/>
<rocommunity>public</rocommunity>
</snmpd>
<diag>
<ipv6nat/>
</diag>
<bridge/>
<syslog/>
<nat>
<ipsecpassthru/>
<advancedoutbound>
<enable/>
</advancedoutbound>
</nat>
<filter>
<rule>
<type>block</type>
<interface>wan</interface>
<max-src-nodes/>
<max-src-states/>
<statetimeout/>
<statetype>keep state</statetype>
<os></os>
<source>
<address>216.127.63.80</address>
</source>
<destination>
<any/>
</destination>
<descr/>
</rule>
<rule>
<type>pass</type>
<interface>wan</interface>
<max-src-nodes/>
<max-src-states/>
<statetimeout/>
<statetype>keep state</statetype>
<os/>
<source>
<any/>
</source>
<destination>
<any/>
</destination>
<descr/>
</rule>
<rule>
<type>reject</type>
<interface>lan</interface>
<max-src-nodes/>
<max-src-states/>
<statetimeout/>
<statetype>keep state</statetype>
<os/>
<source>
<address>216.127.63.80</address>
</source>
<destination>
<any/>
</destination>
<descr>block misch ip</descr>
</rule>
<rule>
<type>block</type>
<interface>lan</interface>
<max-src-nodes/>
<max-src-states/>
<statetimeout/>
<statetype>keep state</statetype>
<os/>
<source>
<address>216.127.63.116</address>
</source>
<destination>
<any/>
</destination>
<disabled/>
<descr>block misch ip</descr>
</rule>
<rule>
<type>block</type>
<interface>lan</interface>
<max-src-nodes/>
<max-src-states/>
<statetimeout/>
<statetype>keep state</statetype>
<os/>
<source>
<address>216.127.63.100</address>
</source>
<destination>
<any/>
</destination>
<descr/>
<disabled/>
</rule>
<rule>
<type>pass</type>
<interface>lan</interface>
<max-src-nodes/>
<max-src-states/>
<statetimeout/>
<statetype>keep state</statetype>
<os/>
<source>
<network>lan</network>
</source>
<destination>
<any/>
</destination>
<descr>Default LAN -&gt; any</descr>
</rule>
</filter>
<ipsec>
<preferredoldsa/>
</ipsec>
<aliases>
<alias>
<name>mischeif</name>
<address>216.127.63.80</address>
<descr>bad peoplos</descr>
<type>host</type>
<detail>Entry added Mon, 18 Jan 2010 16:57:58 +0800||</detail>
</alias>
</aliases>
<proxyarp/>
<cron>
<item>
<minute>0</minute>
<hour>*</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 newsyslog</command>
</item>
<item>
<minute>1,31</minute>
<hour>0-5</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 adjkerntz -a</command>
</item>
<item>
<minute>1</minute>
<hour>3</hour>
<mday>1</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh</command>
</item>
<item>
<minute>*/60</minute>
<hour>*</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>

<command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 
sshlockout</command>

</item>
<item>
<minute>1</minute>
<hour>1</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 /etc/rc.dyndns.update</command>
</item>
<item>
<minute>*/60</minute>
<hour>*</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>

<command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 
virusprot</command>

</item>
<item>
<minute>*/60</minute>
<hour>*</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>

<command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -t 3600 
snort2c</command>

</item>
<item>
<minute>*/5</minute>
<hour>*</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/local/bin/checkreload.sh</command>
</item>
<item>
<minute>*/5</minute>
<hour>*</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/etc/ping_hosts.sh</command>
</item>
<item>
<minute>*/140</minute>
<hour>*</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/local/sbin/reset_slbd.sh</command>
</item>
</cron>
<wol/>
<installedpackages/>
<revision>

<description>/firewall_rules_edit.php made unknown 
change</description>

<time>1272412107</time>
</revision>
<rrd>
<enable/>
<category>traffic</category>
<style>inverse</style>
</rrd>
<ezshaper>
<step2>
<download>100000</download>
<upload>100000</upload>
<inside_int>lan</inside_int>
<outside_int>wan</outside_int>
</step2>
<step3>
<provider>Asterisk</provider>
<address/>
<bandwidth>128</bandwidth>
<enable>on</enable>
</step3>
<step4>
<address>mischeif</address>
<bandwidthup>356</bandwidthup>
<bandwidthdown>356</bandwidthdown>
<enable>on</enable>
</step4>
<step5>
<enable>on</enable>
<bandwidthup>20</bandwidthup>
<bandwidthdown>20</bandwidthdown>
<p2pcatchall>on</p2pcatchall>
<aimster>on</aimster>
<bittorrent>on</bittorrent>
<buddyshare>on</buddyshare>
<cutemx>on</cutemx>
<dcplusplus>on</dcplusplus>
<dcc>on</dcc>
<directconnect>on</directconnect>
<directfileexpress>on</directfileexpress>
<edonkey2000>on</edonkey2000>
<fasttrack>on</fasttrack>
<gnutella>on</gnutella>
<grouper>on</grouper>
<hotcomm>on</hotcomm>
<hotlineconnect>on</hotlineconnect>
<imesh>on</imesh>
<napster>on</napster>
<opennap>on</opennap>
<scour>on</scour>
<shareaza>on</shareaza>
<songspy>on</songspy>
<winmx>on</winmx>
</step5>
<step7>
<msrdp/>
<vnc/>
<appleremotedesktop/>
<pcanywhere/>
<irc/>
<jabber/>
<icq/>
<aolinstantmessenger/>
<msnmessenger/>
<teamspeak/>
<pptp/>
<ipsec/>
<streamingmp3/>
<rtsp/>
<http/>
<smtp/>
<pop3/>
<imap/>
<lotusnotes/>
<dns/>
<icmp/>
<smb/>
<snmp/>
<mysqlserver/>
<nntp/>
<cvsup/>
</step7>
</ezshaper>
<shaper>
<schedulertype>hfsc</schedulertype>
<queue>
<name>qwanRoot</name>
<associatedrule>0</associatedrule>
<priority>0</priority>
<parentqueue>on</parentqueue>
<bandwidth>100000</bandwidth>
<bandwidthtype>Kb</bandwidthtype>
</queue>
<queue>
<name>qlanRoot</name>
<associatedrule>0</associatedrule>
<priority>0</priority>
<parentqueue>on</parentqueue>
<bandwidth>100000</bandwidth>
<bandwidthtype>Kb</bandwidthtype>
</queue>
<queue>
<name>qwandef</name>
<attachtoqueue>qwanRoot</attachtoqueue>
<associatedrule>0</associatedrule>
<defaultqueue>true</defaultqueue>
<priority>1</priority>
<realtime>on</realtime>
<realtime3>1%</realtime3>
<bandwidth>1</bandwidth>
<bandwidthtype>%</bandwidthtype>
<qlimit>500</qlimit>
</queue>
<queue>
<name>qlandef</name>
<priority>1</priority>
<attachtoqueue>qlanRoot</attachtoqueue>
<associatedrule>0</associatedrule>
<defaultqueue>true</defaultqueue>
<realtime>on</realtime>
<realtime3>1%</realtime3>
<bandwidth>1</bandwidth>
<bandwidthtype>%</bandwidthtype>
<qlimit>500</qlimit>
</queue>
<queue>
<name>qwanacks</name>
<ack/>
<attachtoqueue>qwanRoot</attachtoqueue>
<associatedrule>0</associatedrule>
<priority>7</priority>
<realtime>on</realtime>
<realtime3>10%</realtime3>
<bandwidth>25</bandwidth>
<bandwidthtype>%</bandwidthtype>
</queue>
<queue>
<name>qlanacks</name>
<ack/>
<attachtoqueue>qlanRoot</attachtoqueue>
<associatedrule>0</associatedrule>
<priority>7</priority>
<realtime>on</realtime>
<realtime3>10%</realtime3>
<bandwidth>25</bandwidth>
<bandwidthtype>%</bandwidthtype>
</queue>
<queue>
<name>qVOIPUp</name>
<attachtoqueue>qwanRoot</attachtoqueue>
<associatedrule>0</associatedrule>
<priority>7</priority>
<realtime>on</realtime>
<realtime3>128Kb</realtime3>
<bandwidth>25</bandwidth>
<bandwidthtype>%</bandwidthtype>
</queue>
<queue>
<name>qVOIPDown</name>
<attachtoqueue>qlanRoot</attachtoqueue>
<associatedrule>0</associatedrule>
<priority>7</priority>
<realtime>on</realtime>
<realtime3>128Kb</realtime3>
<bandwidth>25</bandwidth>
<bandwidthtype>%</bandwidthtype>
</queue>
<queue>
<name>qPenaltyUp</name>
<attachtoqueue>qwanRoot</attachtoqueue>
<associatedrule>0</associatedrule>
<priority>2</priority>
<red>on</red>
<ecn>on</ecn>
<upperlimit>on</upperlimit>
<upperlimit3>356Kb</upperlimit3>
<bandwidth>1</bandwidth>
<bandwidthtype>%</bandwidthtype>
<qlimit>500</qlimit>
</queue>
<queue>
<name>qPenaltyDown</name>
<attachtoqueue>qlanRoot</attachtoqueue>
<associatedrule>0</associatedrule>
<priority>2</priority>
<red>on</red>
<ecn>on</ecn>
<upperlimit>on</upperlimit>
<upperlimit3>356Kb</upperlimit3>
<bandwidth>1</bandwidth>
<bandwidthtype>%</bandwidthtype>
<qlimit>500</qlimit>
</queue>
<queue>
<name>qP2PUp</name>
<attachtoqueue>qwanRoot</attachtoqueue>
<associatedrule>0</associatedrule>
<priority>1</priority>
<red>on</red>
<ecn>on</ecn>
<realtime>on</realtime>
<realtime3>1Kb</realtime3>
<upperlimit>on</upperlimit>
<upperlimit3>20Kb</upperlimit3>
<bandwidth>1</bandwidth>
<bandwidthtype>%</bandwidthtype>
<qlimit>500</qlimit>
</queue>
<queue>
<name>qP2PDown</name>
<attachtoqueue>qlanRoot</attachtoqueue>
<associatedrule>0</associatedrule>
<priority>1</priority>
<red>on</red>
<ecn>on</ecn>
<realtime>on</realtime>
<realtime3>1Kb</realtime3>
<upperlimit>on</upperlimit>
<upperlimit3>20Kb</upperlimit3>
<bandwidth>1</bandwidth>
<bandwidthtype>%</bandwidthtype>
<qlimit>500</qlimit>
</queue>
<rule>
<inqueue>qVOIPUp</inqueue>
<outqueue>qVOIPDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>10000-20000</port>
</destination>
<descr>m_voip Asterisk inbound</descr>
<protocol>udp</protocol>
</rule>
<rule>
<inqueue>qVOIPDown</inqueue>
<outqueue>qVOIPUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>10000-20000</port>
</destination>
<descr>m_voip Asterisk outbound</descr>
<protocol>udp</protocol>
</rule>
<rule>
<inqueue>qVOIPUp</inqueue>
<outqueue>qVOIPDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>5060-5069</port>
</destination>
<descr>m_voip Asterisk inbound</descr>
<protocol>udp</protocol>
</rule>
<rule>
<inqueue>qVOIPDown</inqueue>
<outqueue>qVOIPUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>5060-5069</port>
</destination>
<descr>m_voip Asterisk outbound</descr>
<protocol>udp</protocol>
</rule>
<rule>
<descr>Penalty IP</descr>
<inqueue>qPenaltyUp</inqueue>
<outqueue>qPenaltyDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<address>mischeif</address>
</destination>
</rule>
<rule>
<descr>Penalty IP</descr>
<inqueue>qPenaltyDown</inqueue>
<outqueue>qPenaltyUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<source>
<address>mischeif</address>
</source>
<destination>
<any/>
</destination>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>5500-5503</port>
</destination>
<descr>m_P2P HotlineConnect inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>4329-4329</port>
</destination>
<descr>m_P2P iMesh outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>4329-4329</port>
</destination>
<descr>m_P2P iMesh inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>6699-6701</port>
</destination>
<descr>m_P2P Napster outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>5500-5503</port>
</destination>
<descr>m_P2P HotlineConnect outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>8038-8039</port>
</destination>
<descr>m_P2P grouper inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>8038-8039</port>
</destination>
<descr>m_P2P grouper outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>6699-6701</port>
</destination>
<descr>m_P2P Napster inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>28864-28865</port>
</destination>
<descr>m_P2P hotComm outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>28864-28865</port>
</destination>
<descr>m_P2P hotComm inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>8311-8311</port>
</destination>
<descr>m_P2P Scour outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>5190-5190</port>
</destination>
<descr>m_P2P SongSpy outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>5190-5190</port>
</destination>
<descr>m_P2P SongSpy inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>6699-6699</port>
</destination>
<descr>m_P2P WinMX outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>6699-6699</port>
</destination>
<descr>m_P2P WinMX inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>6346-6346</port>
</destination>
<descr>m_P2P Shareaza inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>6346-6346</port>
</destination>
<descr>m_P2P Shareaza outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>8888-8889</port>
</destination>
<descr>m_P2P OpenNap inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>6346-6346</port>
</destination>
<descr>m_P2P Gnutella-UDP inbound</descr>
<protocol>udp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>8311-8311</port>
</destination>
<descr>m_P2P Scour inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>8888-8889</port>
</destination>
<descr>m_P2P OpenNap outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>4661-4665</port>
</destination>
<descr>m_P2P EDonkey2000 inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>6881-6999</port>
</destination>
<descr>m_P2P BitTorrent inbound</descr>
<protocol>udp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>7788-7788</port>
</destination>
<descr>m_P2P BuddyShare outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>7788-7788</port>
</destination>
<descr>m_P2P BuddyShare inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>2340-2340</port>
</destination>
<descr>m_P2P CuteMX outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>6881-6999</port>
</destination>
<descr>m_P2P BitTorrent outbound</descr>
<protocol>udp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>6881-6999</port>
</destination>
<descr>m_P2P BitTorrent inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>7668-7668</port>
</destination>
<descr>m_P2P Aimster outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>7668-7668</port>
</destination>
<descr>m_P2P Aimster inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>6881-6999</port>
</destination>
<descr>m_P2P BitTorrent outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>2340-2340</port>
</destination>
<descr>m_P2P CuteMX inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>6666-6668</port>
</destination>
<descr>m_P2P dcc outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>4661-4665</port>
</destination>
<descr>m_P2P EDonkey2000 outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>6346-6346</port>
</destination>
<descr>m_P2P Gnutella-TCP outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>6346-6346</port>
</destination>
<descr>m_P2P Gnutella-TCP inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>1044-1045</port>
</destination>
<descr>m_P2P DirectFileExpress inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>1044-1045</port>
</destination>
<descr>m_P2P DirectFileExpress outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>6666-6668</port>
</destination>
<descr>m_P2P dcc inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>412-412</port>
</destination>
<descr>m_P2P DirectConnect outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>412-412</port>
</destination>
<descr>m_P2P DirectConnect inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>6346-6346</port>
</destination>
<descr>m_P2P Gnutella-UDP outbound</descr>
<protocol>udp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
</destination>
<descr>p2pCatchAll outbound</descr>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
</destination>
<descr>p2pCatchAll inbound</descr>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
</destination>
<descr>p2pCatchAll outbound</descr>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
</destination>
<descr>p2pCatchAll inbound</descr>
</rule>
</shaper>
</pfsense>


---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org




---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org



---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org




---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org



---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org























					Reply via email to