aMule Forum

English => aMule Help => Topic started by: breizh76 on January 11, 2005, 12:13:18 PM

Title: Using amule as non-root with TCP<1024 (iptables)
Post by: breizh76 on January 11, 2005, 12:13:18 PM
Hi!

I have some trouble using amule with port >=1024 with my ISP, so I have configured amule to work with TCP port 119.
Launching amule as root is not a problem, everything works perfectly, but for security reasons, I'd like to launch it as a non-root user.

I have configured iptables to do some port translation (1400 is my TCP port in amule, 15000 is UDP):
...
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 119 -j REDIRECT --to-ports 14000
iptables -t nat -A PREROUTING -i eth0 -p udp --dport 122 -j REDIRECT --to-ports 14003
....
iptables -A INPUT -i eth0 -p tcp --dport 14000 -j ACCEPT
iptables -A INPUT -i eth0 -p udp -m multiport --dport 14003,15000 -j ACCEPT
iptables -A OUTPUT -o eth0 -j ACCEPT
...

iptables -t nat -A POSTROUTING -o eth0 -p tcp --sport 14000 -j MASQUERADE --to-ports 119
iptables -t nat -A POSTROUTING -o eth0 -p udp --sport 14003 -j MASQUERADE --to-ports 122
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
....


All seems to work, but I lose a lot of sources with this method.


1) Have I forgotten something? Is there another system tool that can help me?

2) Question to devs: will amule be able in the future to use port <1024 as a non-root user (bind to port <1024 with root rights and drop rights after)?

Thanks in advance for your answers, amule is great!

Yann
Title: RE: Using amule as non-root with TCP<1024 (iptables)
Post by: lfroen on January 11, 2005, 01:06:33 PM
I will answer the second part of the post:
Quote
2) Question to devs: will amule be able in the future to use port <1024 as a non-root user (bind to port <1024 with root rights and drop rights after)?

Not really. Changing effective gid/uid is quite OS-specific, prone to configuration errors.
Title: RE: Using amule as non-root with TCP<1024 (iptables)
Post by: breizh76 on January 11, 2005, 01:30:55 PM
lfroen,
OK. Thanks for your answer.