Azureus NAT problem
Hi
I have set Azureus to use port 50505. I use the Firewall and SELinux of Centos. Here is a printout of my iptables status: Table: filter Chain INPUT (policy ACCEPT) target prot opt source destination RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy ACCEPT) target prot opt source destination RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT tcp -- 0.0.0.0/0 192.168.1.1 tcp dpt:50505 Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:50505 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:50505 Chain RH-Firewall-1-INPUT (2 references) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255 ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0 ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0 ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:50505 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:50505 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited My hardware gateway is currently set with a virtual server to the internal IP address and port number of the Azureus machine. Ive read through lots of posts, the firewall doc and the iptables doc but nothing seems to help. I did a port scan and 50505 does not show up? Anyway Ive spent about 2 days on this and given up. Any help greatly appreciated. Thanks |
The only reference to open the port should be in the last section. Post your /etc/sysconfig/iptables script.
What are you using to portscan with? Brian1 |
Hi Brian
thanks for your reply and here is the file: # Generated by iptables-save v1.2.11 on Fri Nov 11 13:20:40 2005 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [98086:66554731] :RH-Firewall-1-INPUT - [0:0] -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A OUTPUT -p tcp -m tcp --dport 50505 -j ACCEPT -A OUTPUT -p udp -m udp --dport 50505 -j ACCEPT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -p ipv6-crypt -j ACCEPT -A RH-Firewall-1-INPUT -p ipv6-auth -j ACCEPT -A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 50505 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 50505 -j ACCEPT -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT # Completed on Fri Nov 11 13:20:40 2005 Any ideas? Regards Ian |
This is the way I would configure it. This should work as long as the following exist.
1. Azureus is configured on tcp port 50505 2. If there is firewall router between computer and the internet, then the wan tcp port 50505 needs to be forwarded to internal lan machine running Azureus. This works best when the lan machine uses static IP versus getting one from the routers DHCP pool. That should be all that is needed since there is no blocking of outbound connections, so no outbound line is needed. # Generated by iptables-save v1.2.11 on Fri Nov 11 13:20:40 2005 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :RH-Firewall-1-INPUT - [0:0] -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -p ipv6-crypt -j ACCEPT -A RH-Firewall-1-INPUT -p ipv6-auth -j ACCEPT -A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 50505 -j ACCEPT -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT Hope this helps. Any questions please ask away. Brian1 |
No luck Im afraid. Placed exactly what you have written and checked my harware gateway with has the azureus machine listed as a virtual server with port 50505.
Even if I deactivate the CentOS firewall and SELinux nothing changes. I am getting "blue faces" which according to the documentation indicates a NAT error. If that helps? Thanks Ian |
Is htis the default port for Azureus?
If not try setting it to the default on both firewall and router. It might be best to leave the firewall turned off till you can get the router to port forward to the llinux's lan IP. Brian1 |
Azureus being a bittorrent in Java...uses the default bittorrent port 6881.
|
Hi
thanks for your replies. It seems some ISPs are wise to BitTorrents and do not like the concept and block the default ports. Users are avised to make their own. Here is what I have found though. I am running a private lan 192.168.1.* and did not realise that it is sitting in aother private lan 172.26.0.* which has the gateway link to the Internet. I am trying to find out how to login to it as this is where I guess I should set the Azureus details. Thanks Ian |
All times are GMT -5. The time now is 01:40 PM. |