aMule Forum

English => en_Linux => Topic started by: Guest on November 02, 2003, 04:47:51 PM

Title: port 4662
Post by: Guest on November 02, 2003, 04:47:51 PM
I have mdk 9.1 and Guarddog firewall. I can't connect with amule because port 4662 is not allowed. I have tried to configure Guarddog by defining a new protocol of type TCP with port 4662, but I still can't connect.
Can you help me?
Thanks
Title: Re: port 4662
Post by: deltaHF on November 02, 2003, 11:07:49 PM
try as root:

iptables -A INPUT -p tcp --dport 4662 -j ACCEPT
iptables -A INPUT -p udp --dport 4665 -j ACCEPT
iptables -A INPUT -p udp --dport 4672 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 4662 -j ACCEPT
iptables -A OUTPUT -p udp --dport 4665 -j ACCEPT
iptables -A OUTPUT -p udp --dport 4672 -j ACCEPT

greets
delta
Title: Re: port 4662
Post by: Guest on November 05, 2003, 03:23:10 AM
Are you sure you've got it set up right?

I used to use Mdk 9.1 and Guarddog, and it was working fine. I have it set up with MDK 9.2 now.

I did the following:

- Set port 4662 for TCP and 4672 for UDP (bidirectional)
- Allowed Local PC to use these ports in the Internet zone
- Allowed Internet zone to use these ports for the Local PC

Save it all, and give it another go.

(I noticed at first it could be a bit fiddly, perhaps it needed a reboot or restart of the network services?)
Title: Re: port 4662
Post by: The X on January 09, 2004, 02:54:12 AM
Quote
Originally posted by deltaHF
try as root:

iptables -A INPUT -p tcp --dport 4662 -j ACCEPT
iptables -A INPUT -p udp --dport 4665 -j ACCEPT
iptables -A INPUT -p udp --dport 4672 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 4662 -j ACCEPT
iptables -A OUTPUT -p udp --dport 4665 -j ACCEPT
iptables -A OUTPUT -p udp --dport 4672 -j ACCEPT

greets
delta

What's the goal of 4665? I know 4662 & 4672, but WHY 4665?

Actually I use this:

Code:
wan=ppp0   # WAN interface

# Inbound: aMule client TCP port and client UDP port
iptables -A INPUT -i $wan -p tcp --dport 4662 --sport 1024:65535 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i $wan -p udp --dport 4672 --sport 1024:65535 -m state --state NEW,ESTABLISHED -j ACCEPT

# Outbound: any unprivileged remote port
iptables -A OUTPUT -o $wan -p tcp --dport 1024:65535 -j ACCEPT
iptables -A OUTPUT -o $wan -p udp --dport 1024:65535 -j ACCEPT

Is it correct?
Title: found this off of another site
Post by: CoBEn2004 on January 09, 2004, 05:44:48 PM
Local Port:   any
Remote Port:  4665
Protocol:     UDP
Direction:    outgoing / (incoming)
Purpose:      Source asking on servers, searching for files
Note:

Servers using the default port 4661 TCP (see #5) automatically set their port for source asking to 4665 UDP. If a server uses a different port in #5 the corresponding UDP port is set to [Connection Port + 4]. For firewalls the remote port here is any.

UDP is a connectionless protocol, i.e. unlike TCP no connection is kept alive. If a server answers e.g. a source request, this answer is treated as a new connection. All commonly used routers and firewalls in the home computer sector perform UDP connection tracking, therefore it is not necessary to specify an incoming port for UDP in the router's or firewall's configuration.
Title: Re: port 4662
Post by: The X on January 09, 2004, 09:04:59 PM
Are you able to write us the best & complete iptables rules for a firewall script that works on a Linux 2.4/2.6 kernel system?

Thanks
Title: firewall script
Post by: Vae Victis on January 10, 2004, 12:01:44 AM
@The X:
If you need a complete firewall
http://vae.xs4all.nl/firewall.script

This is the one I use.
It closes all ports and opens the one you need/want.

You should check the parts:
'# TCP rules' and '# UDP ports'
I run 2 amule's (1 for releases) and start them with a restart script which changes ports.
This so I won't have a low ID 'cause my ports aren't free.
I also run a direct connect client, added ports for this as well.
You should delete those or uncomment them if you don't use direct connect.
If you use direct connect, make sure those are the ports you use. Change them otherwise.

The rest should be clear, web/ft/irc/ssh etc.
Title: RE: firewall script
Post by: The X on January 10, 2004, 04:08:13 AM
Quote
Originally posted by Vae Victis
@The X:
If you need a complete firewall
http://vae.xs4all.nl/firewall.script

This is the one I use.
It closes all ports and opens the one you need/want.

You should check the parts:
'# TCP rules' and '# UDP ports'

I have already configured all of my firewall except for amule...

I read your script but I'm not able to understand this iptables syntax...

I use Debian Linux with kernel 2.4.18 and my general syntax is like this:

iptables -A INPUT -i ppp0 -p tcp --dport 4662 --sport 1024:65535

I use only 1 amule (no dc)...

Can you translate the necessary rules into my syntax?

Thanks
Title: Re: port 4662
Post by: The X on January 16, 2004, 09:49:38 PM
Quote
Originally posted by deltaHF
try as root:

iptables -A INPUT -p tcp --dport 4662 -j ACCEPT
iptables -A INPUT -p udp --dport 4665 -j ACCEPT
iptables -A INPUT -p udp --dport 4672 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 4662 -j ACCEPT
iptables -A OUTPUT -p udp --dport 4665 -j ACCEPT
iptables -A OUTPUT -p udp --dport 4672 -j ACCEPT

greets
delta

2 questions:

1) If I use the STATE like this:

Code:
iptables -A INPUT -i $wan -p tcp --dport 4662 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i $wan -p udp --dport 4665 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i $wan -p udp --dport 4672 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

That I think is correct... so...
What are the STATEs for the OUTPUT?
If I block all the OUTPUT flow by default, do I also have to put the string "--sport 1024:65535" in the in/output rules?

2) Port 4661 is used only by the mule servers (like razorback etc.) & not by us, is that true?
Do we have to add any rules to open this port for in/output?

Thanks to all
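
Added example, not part of any post in this thread: a POSIX shell function that prints a default-deny, stateful rule set for one aMule client, tying together the "Connection Port + 4" note and the question about OUTPUT states. The function name, argument order, DROP policies and the extra rules for a server below port 1024 are assumptions; the function only prints the commands, which are then reviewed and run as root.

```shell
#!/bin/sh
# Added example. Prints iptables commands; it does not change the firewall.
# Uses "-m state", the match used in the thread (2.4/2.6 kernels).

amule_rules() {
    wan=$1        # WAN interface, e.g. ppp0
    tcp_port=$2   # aMule client TCP port (4662 in the thread)
    udp_port=$3   # aMule client UDP port (4672 in the thread)
    srv_port=$4   # server connection port (4661 by default)
    srv_udp=$((srv_port + 4))   # server UDP port = connection port + 4

    cat <<EOF
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -i $wan -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -o $wan -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i $wan -p tcp --dport $tcp_port -m state --state NEW -j ACCEPT
iptables -A INPUT -i $wan -p udp --dport $udp_port -m state --state NEW -j ACCEPT
iptables -A OUTPUT -o $wan -p tcp --dport 1024:65535 -m state --state NEW -j ACCEPT
iptables -A OUTPUT -o $wan -p udp --dport 1024:65535 -m state --state NEW -j ACCEPT
EOF

    # The unprivileged range above already covers a default server
    # (TCP 4661, UDP 4661+4). Only a server below 1024 needs its own rules.
    if [ "$srv_port" -lt 1024 ]; then
        cat <<EOF
iptables -A OUTPUT -o $wan -p tcp --dport $srv_port -m state --state NEW -j ACCEPT
iptables -A OUTPUT -o $wan -p udp --dport $srv_udp -m state --state NEW -j ACCEPT
EOF
    fi
}

# Defaults discussed in the thread.
amule_rules ppp0 4662 4672 4661
```

No inbound rule for the server's UDP port is generated: it is a remote port, and the server's answers come back through the ESTABLISHED,RELATED rule.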