08-27-2003, 09:46 PM
|
#1
|
Member
Registered: Aug 2003
Location: Atlanta
Distribution: Debian, OS X
Posts: 711
|
BitTorrent + iptables = a confused me
Okay, well, I opened up the first port that BT looks at on my router, so all I need to do is open up the port (6881) on my firewall run by iptables. I'm not really fluent with the program (although I have gotten links to the website http://www.iptables.org which is good) but I was hoping someone could give me the commands necessary to allow iptables to receive (and I assume since it's BT) to send through the port 6881. I plan on learning iptables so I apologize if it sounds like I'm lazy, I would just like a solution ASAP so I can download some stuff ^_^. Any help would be greatly appreciated.
|
|
|
08-28-2003, 07:39 AM
|
#2
|
LQ Veteran
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
|
Answering this properly requires a bit more knowledge about your firewall. The rule you want to add is something like
iptables -A INPUT -p tcp --dport 6881 -j ACCEPT
However, if there is a rule earlier in the table that would drop these packets for some reason, this rule will never see the packets to accept them.
It would help a great deal if you could post your iptables script. Then we could make sure the rule goes in the right place.
|
|
|
08-28-2003, 11:21 AM
|
#3
|
Member
Registered: Aug 2003
Location: Atlanta
Distribution: Debian, OS X
Posts: 711
Original Poster
|
Sorry, I should've posted it earlier. I have a basic firewall set up that I copied from the Red Hat For Dummies book. I haven't really worried about it but I KNOW that it will make BT d/l go really slow or not work at all.
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED
Chain RH-Lokkit-0-50-INPUT (0 references)
target prot opt source destination
ACCEPT udp -- clock.redhat.com anywhere udp spt:ntp dpt:ntp
ACCEPT udp -- clock.redhat.com anywhere udp spt:ntp dpt:ntp
ACCEPT udp -- 192.168.0.1 anywhere udp spt:domain dpts:1025:65535
Also, if you have any recommendations on changing my current settings that would make it better, please feel free to input, and thank you ^_^
|
|
|
08-28-2003, 03:03 PM
|
#4
|
LQ Veteran
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
|
You've posted the output of iptables -L. However, from the looks of it, you're using Lokkit to configure your firewall. Is that true? If so, you're going to have to read the Lokkit documentation to find out how to open a specific port. I don't use Lokkit, so I can't offer any advice if you go that way.
If you're working off of your own iptables script, or if you can find the Lokkit script, you could add the line I had in my first post. Looking at your input rules, I don't think that you need to put it in front of the RELATED,ESTABLISHED rule, but it couldn't hurt. You may also need to put a similar rule in your OUTPUT table. Just change the INPUT in my first post to OUTPUT.
Your current firewall looks like it allows connections originating from inside your machine to work, but should stop things from coming in. However, you should go visit the first thread in the Security forum and start reading on how to harden your box. One of the easiest things to do is run netstat -l to find out what services are running and shut down any services that you don't use. Firewalls are good, but they aren't perfect and the fewer services you have running the better.
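The ordering point from replies #2 and #4, as an added example that is not part of the thread: a shell function that walks rules in `iptables -S INPUT` format top to bottom for a new inbound TCP connection and reports which rule, or the chain policy, decides it. The rule text, the `eth0` interface name and the loopback binding of the first rule are constructed assumptions (`iptables -L` without `-v` does not show interfaces).

```sh
#!/bin/sh
# Added example: walks `iptables -S INPUT` style rules in order for a NEW inbound
# TCP connection and prints the first terminating verdict. Understands only
# -i, -p, --dport and --state/--ctstate; any other option is reported as UNKNOWN.
# Non-terminating targets (LOG, jumps to user chains) are skipped, not followed.
verdict() {   # usage: verdict IFACE PORT < rules
  awk -v ifc="$1" -v port="$2" '
    $1 == "-P" { policy = $3; next }        # chain policy is the fallback
    $1 != "-A" { next }
    {
      n++; ok = 1; target = ""
      for (i = 3; i <= NF; i++) {
        if ($i == "-i")           { if ($(++i) != ifc) ok = 0 }
        else if ($i == "-p")      { if ($(++i) != "tcp") ok = 0 }
        else if ($i == "--dport") { if ($(++i) != port) ok = 0 }
        else if ($i ~ /^--(ct)?state$/) { if (("," $(++i) ",") !~ /,NEW,/) ok = 0 }
        else if ($i == "-m")      { i++ }   # skip the module name
        else if ($i == "-j")      { target = $(++i) }
        else                      { print "UNKNOWN rule " n; hit = 1; exit }
      }
      if (ok && target ~ /^(ACCEPT|DROP|REJECT)$/) {
        print target " rule " n; hit = 1; exit
      }
    }
    END { if (!hit) print policy " policy" }
  '
}

# Constructed sample rules, modelled on the policy-DROP INPUT chain posted in the
# thread (assumption: its first ACCEPT-all rule is bound to the loopback interface).
BASE='-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT'
BT='-A INPUT -p tcp -m tcp --dport 6881 -j ACCEPT'   # the rule from reply #2
BLOCK='-A INPUT -p tcp -j DROP'                      # hypothetical earlier drop rule

printf '%s\n' "$BASE"                | verdict eth0 6881   # no rule for 6881 yet
printf '%s\n' "$BASE" "$BT"          | verdict eth0 6881   # appended rule is reached
printf '%s\n' "$BASE" "$BLOCK" "$BT" | verdict eth0 6881   # appended rule is shadowed
```

On a live system the same function can read the output of `iptables -S INPUT` (run as root) in place of the sample variables.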
|
|
|
08-28-2003, 04:50 PM
|
#5
|
Member
Registered: Aug 2003
Location: Atlanta
Distribution: Debian, OS X
Posts: 711
Original Poster
|
Okay, thanks a bunch. As for the Lokkit thing, I'm not too sure about that. My guess is since it's dealing with the Red Hat Network clock thing (which I didn't physically set up, I just told Red Hat when I was installing to connect to that network to make sure my time is always right) but I'm positive I did the rest in iptables. Anyways, thanks for all your help ^_^