Hi there,

I have difficulties opening a single specific port on my linux machine for my BitTorrent client. When probing this or any other port using grc.com I only get status 'stealth' (the infamous NAT-problem), although I adjusted iptables configuration and set port forwarding on both my modem and router. I am obviously overlooking something elementary here, but that's what being newbie is all about, isn't it? I've been searching the net and any forum possible, but nothing works well. So now I turn to you in utter despair...

My configuration looks like this:

ADSL modem --->--- Broadband Router --->--- 2 Linux machines and a Windows box

- My ADSL modem receives a dynamic IP from my ISP. I set port forwarding from 0.0.0.0:myport to privateIP:myport for both tcp and udp.
- My Broadband router with static IP is also forwarding the same port to the same address.
- I configured iptables on my Linux machine (RH9, fixed IP) according to the Azureus Wiki.

When running Azureus, netstat -pantu returns
tcp 0 0 privateIP:myport 0.0.0.0:* LISTEN 1581/java
so that's working fine.

Shutting down iptables didn't work, port probing keeps returning 'stealth'. Probing for port 80 too. Very confusing. I think it has something to do with my network setup, but I don't know what. Searching the internet only gives me headaches.

netstat -r returns the following:
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
x.x.0.0 * 255.255.255.0 U 0 0 0 eth0
169.254.0.0 * 255.255.0.0 U 0 0 0 eth0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default routerIP 0.0.0.0 UG 0 0 0 eth0


Everything is working perfectly fine, also Azureus (but only with the NAT-error). Can anyone help me? I know this problem has come up numerous times in numerous forums, but no description fits my problem.
Thanks in advance,

Ask

What port on the router have you opened to the world? And are specifically scanning for that port on grc.com?

Personally for me it's easier to run nmap against the router from another machine out on the web. But I am sure using grc.com should have the same effect.

Until that router port is opened you will not be getting anywhere.

I don't know, actually. I tried nmap -sT and nmap -p 1-myport on both my router and on my ADSL modem, but myport doesn't show up.

My modem shows ftp, telnet, http, pptp and a port unknown to me, my router domain, http and two unknown ports.

I also tried to nmap ports on the adjacent linux-box in my network, but that gave no results.

If this is My Problem, then how can I open my router to the world?

Are you trying this against the router's internal interface? If so, that will not tell you what you want. You need to test against the external interface - as I said from somewhere out on the web.

Check the router manual. You need to explicitly tell it to open a port and forward requests to it to the correct machine on your private network. If you have done this correctly, a port scan from the outside world will show the port as open. That's step 1 anyway..

Yes! I did it! Port probing using grc.com gave 'open'. I had to change port forwarding in my ADSL modem from my machine's private IP to my router's WAN IP. Port forwarding in my router to my private IP was correct.

And tell you what, I actually got those green smileys in Azureus, indicating that it's working fine now!

Thank you so much for your help putting me on the right track.

Ask.