Re: Azureus and the TCP port 6881
On Monday 06 February 2006 07:30, Marcelo Chiapparini wrote:
>Hello Gene,
>
>thank you very much for your answer. However, I am a completly
> ignorant regarding NAT... after reading your advice, I went to the
> NAT howto and I was scared...
>
>On Mon, 2006-01-30 at 19:26 -0500, Gene Heskett wrote:
>> On Monday 30 January 2006 17:59, Marcelo Chiapparini wrote:
>> >Dear debianners,
>> >
>> >I've just installed Azureus as my .torrent client. During its
>> >configuration the wizard checks for the 6881 TCP port reporting the
>> >following message: "Testing port 6881... NAT error". I would like
>> > to know how to open this port. I've surfed the list, googled the
>> > web without success. I am wired to the Internet by an ADSL
>> > connection. I wonder if this problem involves my Internet
>> > provider...
>> >Thanks in advance for any help!
>>
>> More than likely you'll need to setup a NAT rule in iptables.
>
>iptables is, in fact, an (from the man page) "administration tool for
>IPv4 packet filtering and NAT". You suggest to use iptables to set up
> a NAT rule, isn't?
>
>> I have
>> the NAT being done in the router,
>
>my router, I guess, is with my IP provider... I can't do anything in
>that machine...
Then you are essentially at his mercy. I'd lock it up as tightly as I
could with iptables, portsentry, and tcpwrappers. I use them all.
>> by forwarding this range of ports
>> directly to this machines address. Its all setup in the router for
>> that.
>>
>> But I also have to open up iptables a wee bit on my firewall box,
>> with this rule:
>
>I don't have a firewall installed in my machine...
Ouch! Do so ASAP! There are scripts around to take some of the mystery
and apprehension out of that, and I've heard that 'firestarter' is a
good one although I've never used any of those types of tools myself.
With the upcoming cybersecurity exersize, I'd try to be well prepared.
From what I read, the network will be dossed pretty good by this. I do
expect to see an entry or 2 in my logs although attackers have only
made it to the logs 3 times in 3 years and thats as far as they got.
An aggressive scan by satan & its ilk from outside, finds nothing, and
doesn't make the logs here. So I think I've in pretty good shape.
>> -----------
>> #!/bin/bash
>> BTFORWARDADDR=192.168.xx.3 PORTSTART=6881 PORTEND=6999
>> /sbin/iptables -A FORWARD -s $BTFORWARDADDR -p tcp --dport
>> $PORTSTART: $PORTEND -j ACCEPT
>> -----------
>> Where the "xx" is a real number of course.
>
>My problem is that I want to open port 6881 (or another one,following
>Chris Howie's tip) for Azureus. I have sarge installed in my machine
> at home, wired to my Internet Provider trough an ADSL connection. I
> would like to be able to open the ports without having to study the
> gory details of NAT... sorry, I am not lazy, I don't have the time
> for it...
>
>With the best regards,
>
>Marcelo
>
>
>--
>Marcelo Chiapparini
>chiappa@oi.com.br
--
Cheers, Gene
People having trouble with vz bouncing email to me should add the word
'online' between the 'verizon', and the dot which bypasses vz's
stupid bounce rules. I do use spamassassin too. :-)
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2006 by Maurice Eugene Heskett, all rights reserved.
Reply to: