LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 02-15-2013, 07:42 AM   #1
Weapon S
Member
 
Registered: May 2011
Location: Netherlands
Distribution: Debian, Archlinux
Posts: 260
Blog Entries: 2

Rep: Reputation: 49
Port forwarding: ufw/iptables not working?


I'm on Debian Squeeze. I wanted to configure my torrent client. I had installed ufw to make things easier. I'm pretty confident the router is set up properly. Client is using the specified port. So the firewall settings are the most likely failure. I have set ufw to accept the ports in question.
canyouseeme.org doesn't see the ports and torrents only download without upload. I had tried to disable ufw with same result.
So it might be my (new) ISP. Firewall is still more likely. Could somebody check this output of iptables --list? If it's bad, I'll uninstall ufw (which was supposed to make my life easier). If it's good, I'll check with my ISP.
Code:
Chain INPUT (policy DROP)
target     prot opt source               destination         
ufw-before-logging-input  all  --  anywhere             anywhere            
ufw-before-input  all  --  anywhere             anywhere            
ufw-after-input  all  --  anywhere             anywhere            
ufw-after-logging-input  all  --  anywhere             anywhere            
ufw-reject-input  all  --  anywhere             anywhere            
ufw-track-input  all  --  anywhere             anywhere            

Chain FORWARD (policy DROP)
target     prot opt source               destination         
ufw-before-logging-forward  all  --  anywhere             anywhere            
ufw-before-forward  all  --  anywhere             anywhere            
ufw-after-forward  all  --  anywhere             anywhere            
ufw-after-logging-forward  all  --  anywhere             anywhere            
ufw-reject-forward  all  --  anywhere             anywhere            

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
ufw-before-logging-output  all  --  anywhere             anywhere            
ufw-before-output  all  --  anywhere             anywhere            
ufw-after-output  all  --  anywhere             anywhere            
ufw-after-logging-output  all  --  anywhere             anywhere            
ufw-reject-output  all  --  anywhere             anywhere            
ufw-track-output  all  --  anywhere             anywhere            

Chain ufw-after-forward (1 references)
target     prot opt source               destination         

Chain ufw-after-input (1 references)
target     prot opt source               destination         
ufw-skip-to-policy-input  udp  --  anywhere             anywhere            udp dpt:netbios-ns 
ufw-skip-to-policy-input  udp  --  anywhere             anywhere            udp dpt:netbios-dgm 
ufw-skip-to-policy-input  tcp  --  anywhere             anywhere            tcp dpt:netbios-ssn 
ufw-skip-to-policy-input  tcp  --  anywhere             anywhere            tcp dpt:microsoft-ds 
ufw-skip-to-policy-input  udp  --  anywhere             anywhere            udp dpt:bootps 
ufw-skip-to-policy-input  udp  --  anywhere             anywhere            udp dpt:bootpc 
ufw-skip-to-policy-input  all  --  anywhere             anywhere            ADDRTYPE match dst-type BROADCAST 

Chain ufw-after-logging-forward (1 references)
target     prot opt source               destination         
LOG        all  --  anywhere             anywhere            limit: avg 3/min burst 10 LOG level warning prefix `[UFW BLOCK] ' 

Chain ufw-after-logging-input (1 references)
target     prot opt source               destination         
LOG        all  --  anywhere             anywhere            limit: avg 3/min burst 10 LOG level warning prefix `[UFW BLOCK] ' 

Chain ufw-after-logging-output (1 references)
target     prot opt source               destination         

Chain ufw-after-output (1 references)
target     prot opt source               destination         

Chain ufw-before-forward (1 references)
target     prot opt source               destination         
ufw-user-forward  all  --  anywhere             anywhere            

Chain ufw-before-input (1 references)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ufw-logging-deny  all  --  anywhere             anywhere            state INVALID 
DROP       all  --  anywhere             anywhere            state INVALID 
ACCEPT     icmp --  anywhere             anywhere            icmp destination-unreachable 
ACCEPT     icmp --  anywhere             anywhere            icmp source-quench 
ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded 
ACCEPT     icmp --  anywhere             anywhere            icmp parameter-problem 
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request 
ACCEPT     udp  --  anywhere             anywhere            udp spt:bootps dpt:bootpc 
ufw-not-local  all  --  anywhere             anywhere            
ACCEPT     all  --  base-address.mcast.net/4  anywhere            
ACCEPT     all  --  anywhere             base-address.mcast.net/4 
ufw-user-input  all  --  anywhere             anywhere            

Chain ufw-before-logging-forward (1 references)
target     prot opt source               destination         

Chain ufw-before-logging-input (1 references)
target     prot opt source               destination         

Chain ufw-before-logging-output (1 references)
target     prot opt source               destination         

Chain ufw-before-output (1 references)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ufw-user-output  all  --  anywhere             anywhere            

Chain ufw-logging-allow (0 references)
target     prot opt source               destination         
LOG        all  --  anywhere             anywhere            limit: avg 3/min burst 10 LOG level warning prefix `[UFW ALLOW] ' 

Chain ufw-logging-deny (2 references)
target     prot opt source               destination         
RETURN     all  --  anywhere             anywhere            state INVALID limit: avg 3/min burst 10 
LOG        all  --  anywhere             anywhere            limit: avg 3/min burst 10 LOG level warning prefix `[UFW BLOCK] ' 

Chain ufw-not-local (1 references)
target     prot opt source               destination         
RETURN     all  --  anywhere             anywhere            ADDRTYPE match dst-type LOCAL 
RETURN     all  --  anywhere             anywhere            ADDRTYPE match dst-type MULTICAST 
RETURN     all  --  anywhere             anywhere            ADDRTYPE match dst-type BROADCAST 
ufw-logging-deny  all  --  anywhere             anywhere            limit: avg 3/min burst 10 
DROP       all  --  anywhere             anywhere            

Chain ufw-reject-forward (1 references)
target     prot opt source               destination         

Chain ufw-reject-input (1 references)
target     prot opt source               destination         

Chain ufw-reject-output (1 references)
target     prot opt source               destination         

Chain ufw-skip-to-policy-forward (0 references)
target     prot opt source               destination         
DROP       all  --  anywhere             anywhere            

Chain ufw-skip-to-policy-input (7 references)
target     prot opt source               destination         
DROP       all  --  anywhere             anywhere            

Chain ufw-skip-to-policy-output (0 references)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            

Chain ufw-track-input (1 references)
target     prot opt source               destination         

Chain ufw-track-output (1 references)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere            state NEW 
ACCEPT     udp  --  anywhere             anywhere            state NEW 

Chain ufw-user-forward (1 references)
target     prot opt source               destination         

Chain ufw-user-input (1 references)
target     prot opt source               destination         
ACCEPT     udp  --  anywhere             anywhere            multiport dports 16383:16399 
ACCEPT     tcp  --  anywhere             anywhere            multiport dports 16383:16399 

Chain ufw-user-limit (0 references)
target     prot opt source               destination         
LOG        all  --  anywhere             anywhere            limit: avg 3/min burst 5 LOG level warning prefix `[UFW LIMIT BLOCK] ' 
REJECT     all  --  anywhere             anywhere            reject-with icmp-port-unreachable 

Chain ufw-user-limit-accept (0 references)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            

Chain ufw-user-logging-forward (0 references)
target     prot opt source               destination         

Chain ufw-user-logging-input (0 references)
target     prot opt source               destination         

Chain ufw-user-logging-output (0 references)
target     prot opt source               destination         

Chain ufw-user-output (1 references)
target     prot opt source               destination
 
Old 02-17-2013, 10:47 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590
Quote:
Originally Posted by Weapon S View Post
ICould somebody check this output of iptables --list? If it's bad, I'll uninstall ufw (which was supposed to make my life easier). If it's good, I'll check with my ISP.
UFW, and that goes for User Interfaces in general, is great if you don't (want to) know or learn about what goes under the hood. The downside is that when you want to control and verify rule logic, state filtering, chain policies and whatever else people mistake for "intricacies" you have to rely on whatever diagnostics the tool offers you. So if you choose to use a tool that "makes your life easier" then you should not post your rule set but find out how to use UFW. (BTW if you need to post iptables rules it's better to post the output of 'iptables-save'.)

While you have configured some ports and can choose to configure them in your Bittorrent software, firewall and router those are not the default ports the Bittorrent protocol uses. These are:
Code:
for port in {6881..6999}; do 
 sudo ufw allow ${port}/udp
 sudo ufw allow ${port}/tcp
done
*UDP first as that'll be the bulk of the traffic.
 
1 members found this post helpful.
Old 02-27-2013, 10:59 AM   #3
Weapon S
Member
 
Registered: May 2011
Location: Netherlands
Distribution: Debian, Archlinux
Posts: 260

Original Poster
Blog Entries: 2

Rep: Reputation: 49
Changing the ports did seem to fix it :-/ Voodoo.
Thanks for the solution.
 
Old 02-27-2013, 11:47 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590Reputation: 3590
You're welcome. Please mark thread "solved",
TIA.
 
Old 03-01-2013, 03:41 AM   #5
Weapon S
Member
 
Registered: May 2011
Location: Netherlands
Distribution: Debian, Archlinux
Posts: 260

Original Poster
Blog Entries: 2

Rep: Reputation: 49
AFAIK there is no standard torrent port. I'm reluctant to call this solved. Changing the ports should not have fixed this.
 
Old 03-21-2013, 04:03 AM   #6
Weapon S
Member
 
Registered: May 2011
Location: Netherlands
Distribution: Debian, Archlinux
Posts: 260

Original Poster
Blog Entries: 2

Rep: Reputation: 49
And... now it stopped working again. I need to do some network troubleshooting, not try random things.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Ubuntu Server UFW Port Forwarding jemate18 Linux - Server 1 10-23-2011 10:39 AM
iptables port forwarding not working... robertjinx Linux - Server 8 03-27-2010 07:01 AM
IPtables port-forwarding not working. Ratclaws Linux - Networking 3 04-12-2005 09:14 AM
iptables port forwarding not working! friendklay Linux - Networking 1 03-23-2005 07:37 AM
Port forwarding with iptables is not working?!! philipina Linux - Networking 1 04-03-2004 04:18 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 02:23 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration