aMule Forum

Please login or register.

Login with username, password and session length
Advanced search  

News:

We're back! (IN POG FORM)

Author Topic: firewall config  (Read 5742 times)

peeks

  • Approved Newbie
  • *
  • Karma: 0
  • Offline Offline
  • Posts: 6
firewall config
« on: April 15, 2004, 10:03:17 AM »

hi everyone,

Let me start of by saying I am a total nOOb to networking :) I was trying to configure my firewall so that I could use aMule and came across a few posts on this forum which had  references to a port  " UDP (TCP+3) - 4662 ". I dont understand what the 'TCP+3' part is.

Right now Guarddog is configured as follows:

UDP - 4672
UDP - 4665
UDP - 4666
TCP - 4661
TCP - 4662

Is this configuration correct? Right now, I can upload fine but I have to keep prodding the downloads by periodically reconnecting to the server. How can I fix this? Sorry if my post was vague. I'll gladly post more details if necessary.

Thanks!

pk

p.s It would be great if there was a FAQ for firewall configuration. Newbies like me would greatly appreciate it!
Logged
"The vast majority of Iraqis want to live in a peaceful, free world. And we will find these people and we will bring them to justice." -- George W. Bush

niet

  • aMule DNS
  • Developer
  • Approved Newbie
  • *****
  • Karma: 2
  • Offline Offline
  • Posts: 20
RE: firewall config
« Reply #1 on: April 15, 2004, 11:27:06 AM »

Use "non-standard" port (not 4662!) because many ISPs block them or limit traffic to/from those ports

Use something else......for example  tcp port "5000" and udp port "5005"

and in firewall put something like:

iptables -A INPUT -p tcp   --dport 5000 -j ACCEPT
iptables -A INPUT -p udp  --dport 5003 -j ACCEPT
iptables -A INPUT -p udp  --dport 5005 -j ACCEPT
Logged

peeks

  • Approved Newbie
  • *
  • Karma: 0
  • Offline Offline
  • Posts: 6
RE: firewall config
« Reply #2 on: April 15, 2004, 11:00:38 PM »

thanks greebo! i still had a question though. What does (TCP+3) mean?
Logged
"The vast majority of Iraqis want to live in a peaceful, free world. And we will find these people and we will bring them to justice." -- George W. Bush

niet

  • aMule DNS
  • Developer
  • Approved Newbie
  • *****
  • Karma: 2
  • Offline Offline
  • Posts: 20
RE: firewall config
« Reply #3 on: April 16, 2004, 11:03:36 AM »

Quote
Originally posted by peeksWhat does (TCP+3) mean?

dunno. Where did you get that ?
Logged

deltaHF

  • Evil Admin
  • Former Developer
  • Hero Member
  • *****
  • Karma: 6
  • Offline Offline
  • Posts: 3923
  • .. Legends may sleep, but they never die ..
    • http://www.amule.org
Re: firewall config
« Reply #4 on: April 16, 2004, 11:06:02 AM »

your TCP port in prefs is 5000 -> TCP+3 is then 5003

greets

Stevil

  • Full Member
  • ***
  • Karma: 0
  • Offline Offline
  • Posts: 110
Re: firewall config
« Reply #5 on: April 16, 2004, 01:31:00 PM »

strange... i've an SMC barricade router...
i just opened these 3 ports:

4661 TCP
4662 TCP
4665 UDP

no problems, allways high ID and good download speed with 50-80KB/s
Logged
5.3-RELEASE FreeBSD 5.3-RELEASE #0: Fri Nov 5 04:19:18 UTC 2004

errare humanum est ;)

Master

  • Jr. Member
  • **
  • Karma: 0
  • Offline Offline
  • Posts: 93
Re: firewall config
« Reply #6 on: April 16, 2004, 04:06:41 PM »

I have a question.
In the settings I have set TCP 4670 and UDP 4672.
So I am expecting all the connections to go through these ports, plus one more which 4673. However if I run netstat (Linux), then I see another port that is open

tcp        0      0 xx.xx.xx.xx:32809     razorback.ed2k.ch:4661  ESTABLISHED

Why is port 32809 open?  Also, I saw that when I browse the web, other ports than the ordinary ones are opened. For example:
tcp        0      0 xx.xx.xx.xx:33046     http://www.kde.org:www         ESTABLISHED
tcp        0      0 xx.xx.xx.xx:33047     http://www.kde.org:www         ESTABLISHED

Does anybody can explain this to me.

Thank you
Logged

peeks

  • Approved Newbie
  • *
  • Karma: 0
  • Offline Offline
  • Posts: 6
Re: firewall config
« Reply #7 on: April 16, 2004, 05:44:06 PM »

lol..thanks a lot for clearing that up! i guess i got thrown off when i say the 'UDP' next to 'TCP+3'. As for where I saw the reference to TCP+3, it was right here:

http://www.amule.org/amule/thread.php?threadid=842&sid=&hilight=port+4662
Logged
"The vast majority of Iraqis want to live in a peaceful, free world. And we will find these people and we will bring them to justice." -- George W. Bush

Jacobo221

  • Hero Member
  • *****
  • Karma: 3
  • Offline Offline
  • Posts: 2711
Re: firewall config
« Reply #8 on: April 16, 2004, 06:23:12 PM »

You are being client, not server. Servers use "standard" ports so that they can be accessed. clients can use any port and report the port the0r useing during connection attempt.
High ports are useful on networks with a firewall, since they are not locked. (For the same reason, also by trojans)

Hope that was the answer you expected ;-)
Regards.
Logged

Master

  • Jr. Member
  • **
  • Karma: 0
  • Offline Offline
  • Posts: 93
Re: firewall config
« Reply #9 on: April 16, 2004, 07:35:10 PM »

Quote
Originally posted by Jacobo221
You are being client, not server. Servers use "standard" ports so that they can be accessed. clients can use any port and report the port the0r useing during connection attempt.
High ports are useful on networks with a firewall, since they are not locked. (For the same reason, also by trojans)

Hope that was the answer you expected ;-)
Regards.

So, if I set a firewall and I open only the ports that I have in the settings (plus one more port --- tcp+3) will I be able to connect to the servers? How would I connect to Razorback or browse the web if high ports are closed?
« Last Edit: April 16, 2004, 07:35:31 PM by Master »
Logged

Jacobo221

  • Hero Member
  • *****
  • Karma: 3
  • Offline Offline
  • Posts: 2711
Re: firewall config
« Reply #10 on: April 18, 2004, 01:13:29 AM »

> will I be able to connect to the servers?

Server apps use low ports. Client apps use high ports. Server & client apps use both low and high ports (low for server functions, hight for client functions).
Just make sure all server apps's ports are opened and set the firewall to allow high ports (there'll be that option surely, just search for it. Anyway, that'll be enabled be default on 99,999% of the cases ;-)).
So, you'll be able to connect to any server if you have high ports connections allowed by the firewall

> How would I connect to Razorback or browse the web if high ports are closed?

Useing high ports. When you connect to a web page, the web server service (maybe Apache, maybe IIS, or whatever) is (most surely) useing port 80, but _you_ will be useing a high port (i.e. 32560).

I think you have a little confusion on what it means topics like "web runs on port 80". That means that the web server has port 80 opened to the world, but people who want to read that web do NOT open port 80 on their own computers. The opene some high port and send packets from that high port to that low port (usually 80) on the server.

I don't know if I'm explaining myself enough well.

Well that was I nice lesson today :-P
Greetings.
Logged

Master

  • Jr. Member
  • **
  • Karma: 0
  • Offline Offline
  • Posts: 93
Re: firewall config
« Reply #11 on: April 18, 2004, 04:32:09 PM »

You kind did  :)

Thanks
Logged

Sque2L'StaKe

  • Newbie
  • Karma: 0
  • Offline Offline
  • Posts: 4
RE: firewall config
« Reply #12 on: June 27, 2004, 11:15:07 PM »

Fantastic,
now all is perfect, thank you very much  greebo
Logged