aMule Forum

English => en_Linux => Topic started by: peeks on April 15, 2004, 10:03:17 AM

Title: firewall config
Post by: peeks on April 15, 2004, 10:03:17 AM

hi everyone,

Let me start of by saying I am a total nOOb to networking :) I was trying to configure my firewall so that I could use aMule and came across a few posts on this forum which had  references to a port  " UDP (TCP+3) - 4662 ". I dont understand what the 'TCP+3' part is.

Right now Guarddog is configured as follows:

UDP - 4672
UDP - 4665
UDP - 4666
TCP - 4661
TCP - 4662

Is this configuration correct? Right now, I can upload fine but I have to keep prodding the downloads by periodically reconnecting to the server. How can I fix this? Sorry if my post was vague. I'll gladly post more details if necessary.

Thanks!

pk

p.s It would be great if there was a FAQ for firewall configuration. Newbies like me would greatly appreciate it!

Title: RE: firewall config
Post by: niet on April 15, 2004, 11:27:06 AM

Use "non-standard" port (not 4662!) because many ISPs block them or limit traffic to/from those ports

Use something else......for example  tcp port "5000" and udp port "5005"

and in firewall put something like:

iptables -A INPUT -p tcp   --dport 5000 -j ACCEPT
iptables -A INPUT -p udp  --dport 5003 -j ACCEPT
iptables -A INPUT -p udp  --dport 5005 -j ACCEPT

Title: RE: firewall config
Post by: peeks on April 15, 2004, 11:00:38 PM

thanks greebo! i still had a question though. What does (TCP+3) mean?

Title: RE: firewall config
Post by: niet on April 16, 2004, 11:03:36 AM

Quote

Originally posted by peeksWhat does (TCP+3) mean?

dunno. Where did you get that ?

Title: Re: firewall config
Post by: deltaHF on April 16, 2004, 11:06:02 AM

your TCP port in prefs is 5000 -> TCP+3 is then 5003

greets

Title: Re: firewall config
Post by: Stevil on April 16, 2004, 01:31:00 PM

strange... i've an SMC barricade router...
i just opened these 3 ports:

4661 TCP
4662 TCP
4665 UDP

no problems, allways high ID and good download speed with 50-80KB/s

Title: Re: firewall config
Post by: Master on April 16, 2004, 04:06:41 PM

I have a question.
In the settings I have set TCP 4670 and UDP 4672.
So I am expecting all the connections to go through these ports, plus one more which 4673. However if I run netstat (Linux), then I see another port that is open

tcp        0      0 xx.xx.xx.xx:32809     razorback.ed2k.ch:4661  ESTABLISHED

Why is port 32809 open?  Also, I saw that when I browse the web, other ports than the ordinary ones are opened. For example:
tcp        0      0 xx.xx.xx.xx:33046     http://www.kde.org:www         ESTABLISHED
tcp        0      0 xx.xx.xx.xx:33047     http://www.kde.org:www         ESTABLISHED

Does anybody can explain this to me.

Thank you

Title: Re: firewall config
Post by: peeks on April 16, 2004, 05:44:06 PM

lol..thanks a lot for clearing that up! i guess i got thrown off when i say the 'UDP' next to 'TCP+3'. As for where I saw the reference to TCP+3, it was right here:

http://www.amule.org/amule/thread.php?threadid=842&sid=&hilight=port+4662

Title: Re: firewall config
Post by: Jacobo221 on April 16, 2004, 06:23:12 PM

You are being client, not server. Servers use "standard" ports so that they can be accessed. clients can use any port and report the port the0r useing during connection attempt.
High ports are useful on networks with a firewall, since they are not locked. (For the same reason, also by trojans)

Hope that was the answer you expected ;-)
Regards.

Title: Re: firewall config
Post by: Master on April 16, 2004, 07:35:10 PM

Quote

Originally posted by Jacobo221
You are being client, not server. Servers use "standard" ports so that they can be accessed. clients can use any port and report the port the0r useing during connection attempt.
High ports are useful on networks with a firewall, since they are not locked. (For the same reason, also by trojans)

Hope that was the answer you expected ;-)
Regards.

So, if I set a firewall and I open only the ports that I have in the settings (plus one more port --- tcp+3) will I be able to connect to the servers? How would I connect to Razorback or browse the web if high ports are closed?

Title: Re: firewall config
Post by: Jacobo221 on April 18, 2004, 01:13:29 AM

> will I be able to connect to the servers?

Server apps use low ports. Client apps use high ports. Server & client apps use both low and high ports (low for server functions, hight for client functions).
Just make sure all server apps's ports are opened and set the firewall to allow high ports (there'll be that option surely, just search for it. Anyway, that'll be enabled be default on 99,999% of the cases ;-)).
So, you'll be able to connect to any server if you have high ports connections allowed by the firewall

> How would I connect to Razorback or browse the web if high ports are closed?

Useing high ports. When you connect to a web page, the web server service (maybe Apache, maybe IIS, or whatever) is (most surely) useing port 80, but _you_ will be useing a high port (i.e. 32560).

I think you have a little confusion on what it means topics like "web runs on port 80". That means that the web server has port 80 opened to the world, but people who want to read that web do NOT open port 80 on their own computers. The opene some high port and send packets from that high port to that low port (usually 80) on the server.

I don't know if I'm explaining myself enough well.

Well that was I nice lesson today :-P
Greetings.

Title: Re: firewall config
Post by: Master on April 18, 2004, 04:32:09 PM

You kind did  :)

Thanks

Title: RE: firewall config
Post by: Sque2L'StaKe on June 27, 2004, 11:15:07 PM

Fantastic,
now all is perfect, thank you very much  greebo