LinuxQuestions.org
11-29-2004, 06:36 PM   #1
kurrupt

NAT problem


Hey guys, what's up... I am having a HUGE issue.. OK, this is what's up..

It all started off when I had problems with damn hackers...

I downloaded this firewall called "firestarter" (one of its dependencies included "iptables").

It helped me for the most part in blocking those idiots.. but.. then I started to notice later on, when I wanted to get a file from fileplanet (a torrent), my torrent client was giving me a yellow smiley face, which indicated I had a NAT problem..

I realized that maybe I should start using my router as a firewall. I have a Linksys 4 port router BEFSR41 V.1 / V.2.

So I removed firestarter and iptables and I forwarded the correct ports on my router, and I was still getting the same issue.. NAT problem..

So then I opened a DMZ host so everything is open.. and STILL I get a NAT problem.. and then as a last resort I upgraded my firmware, and nothing. So through the process of elimination I came to the conclusion it has to be something software based on my box.. and to be honest.. I am so stumped it's not even funny..

My distro is Debian.

If anyone can help me with this horrible problem it would be greatly appreciated..
I can't receive anything through amsn.. gaim.. irc.. bittorrent etc...
 
11-29-2004, 07:44 PM   #2
Capt_Caveman

For the Linksys router, make sure that the "Block WAN requests" option is unselected. Also make sure that under the "FORWARDING" tab you have the port forwarding properly configured (Ext. ports 6881-6999, TCP box checked, the correct LAN host IP address is specified, and that the "Enable" box is selected).

For the Linux box, make sure that iptables is off while testing, or alternatively use:

/sbin/iptables -F
/sbin/iptables -P INPUT ACCEPT
/sbin/iptables -P OUTPUT ACCEPT

*DON'T LEAVE YOUR FIREWALL IN THIS STATE*

I've seen bittorrent used with the identical router and it worked fine.

Last edited by Capt_Caveman; 11-29-2004 at 07:46 PM.
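
A check for the wide-open test state warned about in the post above, added here as an example and not part of the original thread. The function name and both sample dumps are constructed for illustration; the input format is that of `iptables-save`.

```shell
#!/bin/sh
# Added example (not from the thread): detect the wide-open test state
# in `iptables-save` output read from stdin.
# Returns 0 = INPUT is filtered, 1 = open, 2 = no filter INPUT chain found.
# Limitation: DROP/REJECT rules inside user-defined chains are not followed.
check_input_chain() {
    awk '
        BEGIN { policy = ""; blocking = 0 }
        /^\*/ { table = substr($0, 2) }              # "*filter" starts a table
        table != "filter" { next }
        /^:INPUT / { policy = $2 }                   # ":INPUT ACCEPT [0:0]"
        /^-A INPUT .*-j (DROP|REJECT)/ { blocking++ }
        END {
            if (policy == "") { print "UNKNOWN: no filter INPUT chain"; exit 2 }
            if (policy == "ACCEPT" && blocking == 0) {
                print "OPEN: INPUT policy ACCEPT and no DROP/REJECT rule"; exit 1
            }
            print "OK: INPUT policy " policy ", " blocking " DROP/REJECT rule(s)"
        }'
}

# Constructed sample: INPUT chain flushed and set to ACCEPT (the test state).
OPEN_DUMP='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

# Constructed sample: default-deny INPUT that still admits ports 6881-6999.
LOCKED_DUMP='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 6881:6999 -j ACCEPT
COMMIT'

printf '%s\n' "$OPEN_DUMP"   | check_input_chain || true
printf '%s\n' "$LOCKED_DUMP" | check_input_chain || true
```

On a live host the same check runs as `iptables-save | check_input_chain` with root privileges.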
 
11-29-2004, 08:45 PM   #3
kurrupt (Original Poster)

W00t, thanks man, that worked.. it was iptables conflicting with it.

So it is safe to remove iptables now? Since I will use my router as my firewall?
 
11-29-2004, 09:10 PM   #4
Capt_Caveman

In theory probably yes, but I'd recommend using a second firewall on the internal machine. That way your entire network security doesn't collapse if the Linksys fails or is somehow exploited. If you post your current firewall rules, I'm sure that we can come up with something that is secure while still allowing the services that you need. Make sure to remove any public IP addresses that might be identifiable before posting.
 
11-29-2004, 09:18 PM   #5
kurrupt (Original Poster)

OK, ya, I am probably going to run that firewall again..

OK, I am seeing these things.. I haven't played with a firewall in a while but I know it's pretty easy..

OK, is this normal... I reset my router's settings to start from scratch.. and I set all my ports that I want forwarded... OK, I have a VM of Windows XP.

Now I log into my VM and I try to connect to my PC with SSH.. and it won't allow me until I forward my port.. so that is fine.. but when I open my ftp program I can connect to my own ftp without forwarding the ports... and on irc I can receive stuff without forwarding the ports.

Is this normal?
 
11-29-2004, 09:39 PM   #6
Capt_Caveman

> OK, I am seeing these things.. I haven't played with a firewall in a while but I know it's pretty easy..

Probably need something like:
/sbin/iptables -I INPUT -p tcp --dport 6881:6999 -j ACCEPT

> OK, is this normal... I reset my router's settings to start from scratch.. and I set all my ports that I want forwarded... OK, I have a VM of Windows XP

I'm sort of confused about your setup (you have Windows XP running on VMware inside Debian?). Maybe you can explain your setup in a bit more detail?
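
One shape the second, host-level firewall recommended in post #4 could take, built around the port rule from post #6. This is an added example, not a ruleset posted by anyone in the thread; the function name, the default-deny policies and the loopback and connection-state rules are assumptions, and the host is assumed not to route traffic for other machines.

```shell
#!/bin/sh
# Added example (not from the thread): emit a default-deny host ruleset in
# iptables-restore format. Arguments are TCP ports or ranges to admit
# ("22", "6881:6999"); with no argument the thread's BitTorrent range is used.
gen_host_rules() {
    [ $# -gt 0 ] || set -- 6881:6999
    rules=
    for range in "$@"; do
        # Reject anything that is not PORT or LOW:HIGH before it reaches a rule.
        case "$range" in
            *:*:*|:*|*:|*[!0-9:]*|'')
                echo "bad port range: $range" >&2; return 1 ;;
        esac
        lo=${range%%:*}
        hi=${range##*:}
        if [ "$lo" -lt 1 ] || [ "$hi" -gt 65535 ] || [ "$lo" -gt "$hi" ]; then
            echo "bad port range: $range" >&2; return 1
        fi
        rules="$rules-A INPUT -p tcp -m tcp --dport $lo:$hi -j ACCEPT
"
    done
    # Assumed baseline: drop inbound by default, keep loopback and replies.
    printf '%s\n' '*filter' \
        ':INPUT DROP [0:0]' \
        ':FORWARD DROP [0:0]' \
        ':OUTPUT ACCEPT [0:0]' \
        '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'
    printf '%s' "$rules"
    printf '%s\n' 'COMMIT'
}

# Demo: ruleset admitting only the port range from post #6.
gen_host_rules 6881:6999
```

Piping the output through `iptables-restore --test` parses the ruleset without committing it, which is a safe way to validate it before loading.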
 
11-29-2004, 09:57 PM   #7
kurrupt (Original Poster)

Ya, I have Windows XP as a Virtual Machine (vmware) inside my Debian box.

Basically the issue I am having is I am not too sure if it's blocking everything..
 
11-29-2004, 10:19 PM   #8
Capt_Caveman

And you're running the bittorrent client on the XP VM or natively in Debian?

Wrt the other services being accessible, enable the "Block WAN Requests" option and only have the port forwarding enabled for whichever ports you wish to allow.
 
  


All times are GMT -5. The time now is 08:40 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration