Topic: firewall config (Read 7750 times)

peeks · « **on:** April 15, 2004, 10:03:17 AM »

hi everyone,

Let me start of by saying I am a total nOOb to networking

I was trying to configure my firewall so that I could use aMule and came across a few posts on this forum which had references to a port " UDP (TCP+3) - 4662 ". I dont understand what the 'TCP+3' part is.

Right now Guarddog is configured as follows:

UDP - 4672
UDP - 4665
UDP - 4666
TCP - 4661
TCP - 4662

Is this configuration correct? Right now, I can upload fine but I have to keep prodding the downloads by periodically reconnecting to the server. How can I fix this? Sorry if my post was vague. I'll gladly post more details if necessary.

Thanks!

pk

p.s It would be great if there was a FAQ for firewall configuration. Newbies like me would greatly appreciate it!

niet · « **Reply #1 on:** April 15, 2004, 11:27:06 AM »

Use "non-standard" port (not 4662!) because many ISPs block them or limit traffic to/from those ports

Use something else......for example tcp port "5000" and udp port "5005"

and in firewall put something like:

iptables -A INPUT -p tcp --dport 5000 -j ACCEPT
iptables -A INPUT -p udp --dport 5003 -j ACCEPT
iptables -A INPUT -p udp --dport 5005 -j ACCEPT

peeks · « **Reply #2 on:** April 15, 2004, 11:00:38 PM »

thanks greebo! i still had a question though. What does (TCP+3) mean?

niet · « **Reply #3 on:** April 16, 2004, 11:03:36 AM »

Quote

Originally posted by peeksWhat does (TCP+3) mean?

dunno. Where did you get that ?

deltaHF · « **Reply #4 on:** April 16, 2004, 11:06:02 AM »

your TCP port in prefs is 5000 -> TCP+3 is then 5003

greets

Stevil · « **Reply #5 on:** April 16, 2004, 01:31:00 PM »

strange... i've an SMC barricade router...
i just opened these 3 ports:

4661 TCP
4662 TCP
4665 UDP

no problems, allways high ID and good download speed with 50-80KB/s

Master · « **Reply #6 on:** April 16, 2004, 04:06:41 PM »

I have a question.
In the settings I have set TCP 4670 and UDP 4672.
So I am expecting all the connections to go through these ports, plus one more which 4673. However if I run netstat (Linux), then I see another port that is open

tcp 0 0 xx.xx.xx.xx:32809 razorback.ed2k.ch:4661 ESTABLISHED

Why is port 32809 open? Also, I saw that when I browse the web, other ports than the ordinary ones are opened. For example:
tcp 0 0 xx.xx.xx.xx:33046 http://www.kde.org:www ESTABLISHED
tcp 0 0 xx.xx.xx.xx:33047 http://www.kde.org:www ESTABLISHED

Does anybody can explain this to me.

Thank you

peeks · « **Reply #7 on:** April 16, 2004, 05:44:06 PM »

lol..thanks a lot for clearing that up! i guess i got thrown off when i say the 'UDP' next to 'TCP+3'. As for where I saw the reference to TCP+3, it was right here:

http://www.amule.org/amule/thread.php?threadid=842&sid=&hilight=port+4662

Jacobo221 · « **Reply #8 on:** April 16, 2004, 06:23:12 PM »

You are being client, not server. Servers use "standard" ports so that they can be accessed. clients can use any port and report the port the0r useing during connection attempt.
High ports are useful on networks with a firewall, since they are not locked. (For the same reason, also by trojans)

Hope that was the answer you expected ;-)
Regards.

Master · « **Reply #9 on:** April 16, 2004, 07:35:10 PM »

Quote

Originally posted by Jacobo221
You are being client, not server. Servers use "standard" ports so that they can be accessed. clients can use any port and report the port the0r useing during connection attempt.
High ports are useful on networks with a firewall, since they are not locked. (For the same reason, also by trojans)

Hope that was the answer you expected ;-)
Regards.

So, if I set a firewall and I open only the ports that I have in the settings (plus one more port --- tcp+3) will I be able to connect to the servers? How would I connect to Razorback or browse the web if high ports are closed?

Jacobo221 · « **Reply #10 on:** April 18, 2004, 01:13:29 AM »

> will I be able to connect to the servers?

Server apps use low ports. Client apps use high ports. Server & client apps use both low and high ports (low for server functions, hight for client functions).
Just make sure all server apps's ports are opened and set the firewall to allow high ports (there'll be that option surely, just search for it. Anyway, that'll be enabled be default on 99,999% of the cases ;-)).
So, you'll be able to connect to any server if you have high ports connections allowed by the firewall

> How would I connect to Razorback or browse the web if high ports are closed?

Useing high ports. When you connect to a web page, the web server service (maybe Apache, maybe IIS, or whatever) is (most surely) useing port 80, but _you_ will be useing a high port (i.e. 32560).

I think you have a little confusion on what it means topics like "web runs on port 80". That means that the web server has port 80 opened to the world, but people who want to read that web do NOT open port 80 on their own computers. The opene some high port and send packets from that high port to that low port (usually 80) on the server.

I don't know if I'm explaining myself enough well.

Well that was I nice lesson today :-P
Greetings.

Master · « **Reply #11 on:** April 18, 2004, 04:32:09 PM »

You kind did

Thanks

Sque2L'StaKe · « **Reply #12 on:** June 27, 2004, 11:15:07 PM »

Fantastic,
now all is perfect, thank you very much greebo

aMule Forum

News:

Author Topic: firewall config (Read 7750 times)

peeks

firewall config

niet

RE: firewall config

peeks

RE: firewall config

niet

RE: firewall config

deltaHF

Re: firewall config

Stevil

Re: firewall config

Master

Re: firewall config

peeks

Re: firewall config

Jacobo221

Re: firewall config

Master

Re: firewall config

Jacobo221

Re: firewall config

Master

Re: firewall config

Sque2L'StaKe

RE: firewall config