LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices



Reply
 
Search this Thread
Old 05-18-2006, 10:45 AM   #1
sitmex
Member
 
Registered: Mar 2004
Location: Guadalajara, Mexico
Distribution: Fedora Core 3
Posts: 30

Rep: Reputation: 15
Question Azureus and Firestarter Configuration Errors


Good day

I've recently installed Firestarter and Azureus, and I have some problems with the two of them...

Firestarter: I've accidentally deleted all default configuration, so everytime I shutdown or reboot my computer, I have to go in to firestarter to shut it down or stop the firewall. I'm so frustrated since I didn't took note on the defaults, anyway, neither Web browsing nor Instant Messaging works. Haven't really tryed other things such as yum updating, pings, ftp or something else.

On the other hand Azureus reports a NAT Error on every port I have tried, even though, in iptables ports 6881 trough 6889 are open to UDP and TCP (I think, since My knowledge in iptables, firewalls and such things is quite limited) Yes, I'm a Linux Newbie...

Here it is the result of "iptables -L" with firestarter shuted down:
Code:
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     tcp  --  10.10.6.7            anywhere            tcp flags:!SYN,RST,ACK/SYN
ACCEPT     udp  --  10.10.6.7            anywhere
ACCEPT     tcp  --  10.10.8.6            anywhere            tcp flags:!SYN,RST,ACK/SYN
ACCEPT     udp  --  10.10.8.6            anywhere
ACCEPT     tcp  --  dns.cybercable.net.mx  anywhere            tcp flags:!SYN,RST,ACK/SYN
ACCEPT     udp  --  dns.cybercable.net.mx  anywhere
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            limit: avg 10/sec burst 5
DROP       all  --  anywhere             255.255.255.255
DROP       all  --  anywhere             255.255.255.255
DROP       all  --  BASE-ADDRESS.MCAST.NET/8  anywhere
DROP       all  --  anywhere             BASE-ADDRESS.MCAST.NET/8
DROP       all  --  255.255.255.255      anywhere
DROP       all  --  anywhere             0.0.0.0
DROP       all  --  anywhere             anywhere            state INVALID
LSI        all  -f  anywhere             anywhere            limit: avg 10/min burst 5
INBOUND    all  --  anywhere             anywhere
LOG_FILTER  all  --  anywhere             anywhere
LOG        all  --  anywhere             anywhere            LOG level info prefix `Unknown Input'

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere            limit: avg 10/sec burst 5
LOG_FILTER  all  --  anywhere             anywhere
LOG        all  --  anywhere             anywhere            LOG level info prefix `Unknown Forward'

Chain OUTPUT (policy DROP)
target     prot opt source               destination
ACCEPT     tcp  --  10.201.25.118        10.10.6.7           tcp dpt:domain
ACCEPT     udp  --  10.201.25.118        10.10.6.7           udp dpt:domain
ACCEPT     tcp  --  10.201.25.118        10.10.8.6           tcp dpt:domain
ACCEPT     udp  --  10.201.25.118        10.10.8.6           udp dpt:domain
ACCEPT     tcp  --  10.201.25.118        dns.cybercable.net.mx tcp dpt:domain
ACCEPT     udp  --  10.201.25.118        dns.cybercable.net.mx udp dpt:domain
ACCEPT     all  --  anywhere             anywhere
DROP       all  --  BASE-ADDRESS.MCAST.NET/8  anywhere
DROP       all  --  anywhere             BASE-ADDRESS.MCAST.NET/8
DROP       all  --  255.255.255.255      anywhere
DROP       all  --  anywhere             0.0.0.0
DROP       all  --  anywhere             anywhere            state INVALID
OUTBOUND   all  --  anywhere             anywhere
LOG_FILTER  all  --  anywhere             anywhere
LOG        all  --  anywhere             anywhere            LOG level info prefix `Unknown Output'

Chain INBOUND (1 references)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     udp  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            tcp dpts:6881:6889
ACCEPT     udp  --  anywhere             anywhere            udp dpts:6881:6889
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
ACCEPT     udp  --  anywhere             anywhere            udp dpt:http
LSI        all  --  anywhere             anywhere

Chain LOG_FILTER (5 references)
target     prot opt source               destination

Chain LSI (2 references)
target     prot opt source               destination
LOG_FILTER  all  --  anywhere             anywhere
LOG        tcp  --  anywhere             anywhere            tcp flags:SYN,RST,ACK/SYN limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP       tcp  --  anywhere             anywhere            tcp flags:SYN,RST,ACK/SYN
LOG        tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP       tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/RST
LOG        icmp --  anywhere             anywhere            icmp echo-request limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP       icmp --  anywhere             anywhere            icmp echo-request
LOG        all  --  anywhere             anywhere            limit: avg 5/sec burst 5 LOG level info prefix `Inbound '
DROP       all  --  anywhere             anywhere

Chain LSO (1 references)
target     prot opt source               destination
LOG_FILTER  all  --  anywhere             anywhere
LOG        all  --  anywhere             anywhere            limit: avg 5/sec burst 5 LOG level info prefix `Outbound '
REJECT     all  --  anywhere             anywhere            reject-with icmp-port-unreachable

Chain OUTBOUND (1 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     udp  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            tcp dpts:bootps:bootpc
ACCEPT     udp  --  anywhere             anywhere            udp dpts:bootps:bootpc
ACCEPT     tcp  --  anywhere             anywhere            tcp dpts:6881:6889
ACCEPT     udp  --  anywhere             anywhere            udp dpts:6881:6889
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
ACCEPT     udp  --  anywhere             anywhere            udp dpt:http
LSO        all  --  anywhere             anywhere

Any Ideas on how should I proceed in order to have the both programs running as they should.

Box: Fedora Core 3 with 2.6.12-1.1381_FC3 Kernel i386 Arch.

It might be worth to mention that I do not have any routers or other devices attached to my network, it's a stand alone computer connected directly to my 'cable-modem'


Thanks in advance for your help

Regards

Last edited by sitmex; 05-18-2006 at 10:48 AM.
 
Old 05-18-2006, 12:53 PM   #2
drkstr
Senior Member
 
Registered: Feb 2006
Location: Seattle, WA: USA
Distribution: Slackware 11.0
Posts: 1,191

Rep: Reputation: 45
I'm not an expert in iptables, but I know enough to get me by. I'm not sure what the INBOUND chain is used for, but I have mine opened under the INPUT chain:
Quote:
iptables -A INPUT -p TCP --dport 6881:6889 -i ${WAN} -j ACCEPT
and it seems to work for me. My iptables -L shows:
Code:
Chain INPUT (policy ACCEPT)
...
ACCEPT     tcp  --  anywhere             anywhere            tcp dpts:6881:6889
Hope this helped some.

regards,
...drkstr
 
Old 05-19-2006, 02:29 PM   #3
sitmex
Member
 
Registered: Mar 2004
Location: Guadalajara, Mexico
Distribution: Fedora Core 3
Posts: 30

Original Poster
Rep: Reputation: 15
Nu luck

When typing the code Error occurs stating that ACCEPT is a bad argument
Code:
iptables -A INPUT -p TCP --dport 6881:6889 -i ${WAN} -j ACCEPT
Warning: wierd character in interface `-j' (No aliases, :, ! or *).
Bad argument `ACCEPT'
Any other Ideas?
 
Old 05-19-2006, 02:49 PM   #4
drkstr
Senior Member
 
Registered: Feb 2006
Location: Seattle, WA: USA
Distribution: Slackware 11.0
Posts: 1,191

Rep: Reputation: 45
ACEEPT isn't the problem, it's just saying there is a bad argument in the ACCEPT chain. The problem is in the '-i ${WAN}' part. In my rc.firewall script, I set the variable WAN=eth0 which is the network device that connects to the internet. I have another one, LAN=eth1, which is the network device for all of my network traffic. You need to replace WAN with the network device you are using.

regards,
...drkstr

**edit**
for example:
Code:
iptables -A INPUT -p TCP --dport 6881:6889 -i eth0 -j ACCEPT
**edit**

Last edited by drkstr; 05-19-2006 at 02:54 PM.
 
Old 05-19-2006, 05:49 PM   #5
sitmex
Member
 
Registered: Mar 2004
Location: Guadalajara, Mexico
Distribution: Fedora Core 3
Posts: 30

Original Poster
Rep: Reputation: 15
oops.

I haven't noticed it, sorry to bother...
 
Old 05-30-2006, 07:36 PM   #6
sitmex
Member
 
Registered: Mar 2004
Location: Guadalajara, Mexico
Distribution: Fedora Core 3
Posts: 30

Original Poster
Rep: Reputation: 15
Exclamation Apparently My ISP is blocking ports/torrents

Well,

Just for fun I went to Windows and installed Azureus, and everithing went ok, but the same problems were faced, NAT errors.

BUt they advised me to use Bit Comet but there is no release for Linux

And now from windows I am posting this reply and downloading some songs with BitComet. 0.67

Regards.
 
Old 05-30-2006, 08:26 PM   #7
drkstr
Senior Member
 
Registered: Feb 2006
Location: Seattle, WA: USA
Distribution: Slackware 11.0
Posts: 1,191

Rep: Reputation: 45
I ran azureus just fine when I configured my iptables correctly. Don't blame Linux for a user error. I would suggest getting rid of that over the top firewall script you're using and start with just the basics. It would be more secure then using windows anyways. Once you get it working fine, you can start building a more secure firewall script that works around azureus.

Let me know if you need any help setting up some basic firewall rules.

regards,
...drkstr
 
  


Reply

Tags
azureus, firestarter, iptables


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Azureus filling up .xsession-errors SpaceGhoti Ubuntu 4 04-30-2006 11:36 PM
Azureus Router configuration aldimeneira Linux - Networking 0 11-01-2005 11:53 PM
NAT errors in Azureus. jc_firestorm Linux - General 2 03-14-2005 07:39 PM
firestarter errors after apt-get upgrade Outabux Debian 2 03-03-2005 02:07 AM
Azureus...final configuration hlinux Fedora 1 02-01-2005 02:27 AM


All times are GMT -5. The time now is 01:59 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration