LinuxQuestions.org
Old 08-27-2003, 09:46 PM   #1
GT_Onizuka
Member
 
Registered: Aug 2003
Location: Atlanta
Distribution: Debian, OS X
Posts: 711

Rep: Reputation: 30
BitTorrent + iptables = a confused me


okay well i opened up the first port that BT looks at on my router, so all i need to do is open up the port (6881) on my firewall run by iptables. i'm not really fluent with the program (although i have gotten links to the website http://www.iptables.org which is good) but i was hoping someone could give me the commands necessary to allow iptables to receive (and i assume since it's BT) to send through the port 6881. i plan on learning iptables so i apologize if it sounds like i'm lazy, i would just like a solution ASAP so i can download some stuff ^_^. any help would be greatly appreciated.
 
Old 08-28-2003, 07:39 AM   #2
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,778
Blog Entries: 1

Rep: Reputation: 412
Answering this properly requires a bit more knowledge about your firewall. The rule you want to add is something like

iptables -A INPUT -p tcp --dport 6881 -j ACCEPT


However, if there is a rule earlier in the table that would drop these packets for some reason, this rule will never see the packets to accept them.

It would help a great deal if you could post your iptables script. Then we could make sure the rule goes in the right place.
 
Old 08-28-2003, 11:21 AM   #3
GT_Onizuka
Member
 
Registered: Aug 2003
Location: Atlanta
Distribution: Debian, OS X
Posts: 711

Original Poster
Rep: Reputation: 30
sorry i should've posted it earlier. i have a basic firewall set up that i copied from the Red Hat For Dummies book. I haven't really worried about it but i KNOW that it will make BT d/l go really slow or not work at all.

Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED

Chain FORWARD (policy DROP)
target prot opt source destination

Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED

Chain RH-Lokkit-0-50-INPUT (0 references)
target prot opt source destination
ACCEPT udp -- clock.redhat.com anywhere udp spt:ntp dpt:ntp
ACCEPT udp -- clock.redhat.com anywhere udp spt:ntp dpt:ntp
ACCEPT udp -- 192.168.0.1 anywhere udp spt:domain dpts:1025:65535


also if you have any recommendations on changing my current settings that would make it better please feel free to input and thank you ^_^
 
Old 08-28-2003, 03:03 PM   #4
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,778
Blog Entries: 1

Rep: Reputation: 412
You've posted the output of iptables -L. However, from the looks of it, you're using Lokkit to configure your firewall. Is that true? If so, you're going to have to read the Lokkit documentation to find out how to open a specific port. I don't use lokkit, so I can't offer any advice if you go that way.

If you're working off of your own iptables script, or if you can find the lokkit script, you could add the line I had in my first post. Looking at your input rules, I don't think that you need to put it in front of the RELATED,ESTABLISHED rule, but it couldn't hurt. You may also need to put a similar rule in your OUTPUT table. Just change the INPUT in my first post to OUTPUT.

Your current firewall looks like it allows connections originating from inside your machine to work, but should stop things from coming in. However, you should go visit the first thread in the Security forum and start reading on how to harden your box. One of the easiest things to do is run netstat -l to find out what services are running and shut down any services that you don't use. Firewalls are good, but they aren't perfect and the fewer services you have running the better.
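
Added example, not part of the thread or of either poster's scripts: a small first-match walk over an INPUT chain in `iptables -S` format, showing why the posted chain drops new connections to 6881, what appending the suggested rule changes, and how an earlier DROP would shadow it. The function name, the eth0 interface and the sample rulesets are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example. Simplified first-match model of the INPUT chain: understands
# only -i, -p, --dport, --state and -j; rules using -s/-d are skipped.
# verdict_new_tcp PORT  (rules in `iptables -S` format on stdin)
# Prints what happens to a NEW inbound TCP packet arriving on eth0 (assumed).
verdict_new_tcp() {
    awk -v port="$1" -v iface="eth0" '
    $2 != "INPUT" { next }
    $1 == "-P"    { policy = $3; next }
    $1 != "-A"    { next }
    {
        in_if = proto = dport = state = target = ""; skip = 0; n++
        for (i = 3; i < NF; i++) {
            if ($i == "-i") in_if = $(i + 1)
            else if ($i == "-p") proto = $(i + 1)
            else if ($i == "--dport") dport = $(i + 1)
            else if ($i == "--state") state = $(i + 1)
            else if ($i == "-j") target = $(i + 1)
            else if ($i == "-s" || $i == "-d") skip = 1
        }
        if (skip) next
        if (in_if != "" && in_if != iface) next            # e.g. loopback-only rule
        if (proto != "" && proto != "tcp" && proto != "all") next
        if (dport != "") {                                  # single port or low:high
            split(dport, r, ":"); low = r[1]; high = (r[2] == "" ? r[1] : r[2])
            if (port + 0 < low + 0 || port + 0 > high + 0) next
        }
        if (state != "" && ("," state ",") !~ /,NEW,/) next # ESTABLISHED-only rule
        if (target == "ACCEPT" || target == "DROP" || target == "REJECT") {
            print target " (rule " n ")"; found = 1; exit
        }
    }
    END { if (!found) print policy " (chain policy)" }'
}

# Constructed rulesets. posted_rules assumes the first "ACCEPT all" line in the
# thread listing is a loopback rule (plain `iptables -L` hides the interface).
posted_rules() {
    printf '%s\n' '-P INPUT DROP' '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT'
}
with_bt_rule() { posted_rules; printf '%s\n' '-A INPUT -p tcp -m tcp --dport 6881 -j ACCEPT'; }
shadowed_rules() {   # an earlier, broader DROP wins over the later ACCEPT
    printf '%s\n' '-P INPUT DROP' '-A INPUT -p tcp -m tcp --dport 6000:7000 -j DROP' \
        '-A INPUT -p tcp -m tcp --dport 6881 -j ACCEPT'
}

posted_rules   | verdict_new_tcp 6881    # DROP (chain policy)
with_bt_rule   | verdict_new_tcp 6881    # ACCEPT (rule 3)
shadowed_rules | verdict_new_tcp 6881    # DROP (rule 1)
```

On a live machine the input would come from `iptables -S INPUT`; `iptables -L INPUT -n -v --line-numbers` shows the interface column and rule positions that plain `iptables -L` leaves out.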
 
Old 08-28-2003, 04:50 PM   #5
GT_Onizuka
Member
 
Registered: Aug 2003
Location: Atlanta
Distribution: Debian, OS X
Posts: 711

Original Poster
Rep: Reputation: 30
okay thanks a bunch. as for the lokkit thing, i'm not too sure about that. my guess is since it's dealing with the Red Hat Network clock thing (which i didn't physically set up i just told red hat when i was installing to connect to that network to make sure my time is always right) but i'm positive i did the rest in iptables. anyways thanks for all your help ^_^
 
  

