LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   iptables open port for Azureus (https://www.linuxquestions.org/questions/linux-security-4/iptables-open-port-for-azureus-418064/)

Berticus 02-21-2006 01:02 PM
iptables open port for Azureus
 
Azureus suggests opening a port within the range of 49152-65535. The first time I booted up Azureus it was using 6881, and it was fine. Then I reboot, and re-opened Azureus, and iptables wouldn't allow it to recieve packages. I wanted to download Xanrdos, but didn't want to cough up $10 for the http download. Anyway, So I tried out the tcp testing tool that comes with Azureus, and I get the NAT error. I check out the tables of NAT, and everything is allowed. I take a look at filter, and everything, except 22, is closed. So I added the following line:
Code:
  iptables -t filter -A INPUT -p tcp --dport 57310 -j ACCEPT
  iptables -t filter -A INPUT -p udp --dport 57310 -j ACCEPT
restarted netfilter, and still nothing. I then tried this out:
Code:
  iptables -t filter -A INPUT -p tcp --dport 57310 -j ACCEPT
  iptables -t filter -A INPUT -p udp --dport 57310 -j ACCEPT
  iptables -t filter -A INPUT -p tcp --sport 57310 -j ACCEPT
  iptables -t filter -A INPUT -p udp --sport 57310 -j ACCEPT
Once again restarted netfilter, and once again no results. So I tried one more thing:
Code:
  iptables -I INPUT -p TCP --dport 49152:65535 -m state --state NEW -j ACCEPT
I restarted netfilter, and again nothing yield. Now I've completely run out of ideas...

markus1982 02-21-2006 02:08 PM
What does
Quote:
iptables -L -nv
say after bootup of the machine?

Berticus 02-21-2006 03:32 PM
Code:
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target    prot opt in    out    source              destination
    0    0 ACCEPT    tcp  --  *      *      0.0.0.0/0            0.0.0.0/0        tcp dpts:49152:65535 state NEW
  353  336K ACCEPT    all  --  *      *      0.0.0.0/0            0.0.0.0/0        state RELATED,ESTABLISHED
    5  348 ACCEPT    all  --  lo    *      0.0.0.0/0            0.0.0.0/0
    0    0 ACCEPT    tcp  --  *      *      0.0.0.0/0            0.0.0.0/0        tcp dpt:22

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target    prot opt in    out    source              destination
    0    0 ACCEPT    all  --  *      *      0.0.0.0/0            0.0.0.0/0        state RELATED,ESTABLISHED

Chain OUTPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target    prot opt in    out    source              destination
  336 65895 ACCEPT    all  --  *      *      0.0.0.0/0            0.0.0.0/0        state RELATED,ESTABLISHED
    5  348 ACCEPT    all  --  *      lo      0.0.0.0/0            0.0.0.0/0
  16  969 ACCEPT    all  --  *      *      0.0.0.0/0            0.0.0.0/0
When I change the policy to ACCEPT it works fine, so it's gotta be a firewall problem.


All times are GMT -5. The time now is 12:23 PM.