Re: BitTorrent and iptables (was: Can not read UDF CD)

[Bill Davidsen <davidsen@tmr.com>]

Jan Knutar wrote:
> On Thursday 12 August 2004 23:33, Bill Davidsen wrote:
> 
> 
>>I used torrent to pull something the other day, and while I could pull, 
>>no one could connect to get data from me. I have my iptables set to 
>>ESTABLISHED,RELATED so iptables may not know about torrent.
> 
> 
> You probably need to explicitly ACCEPT incoming to the port that Bittorrent
> uses. A tracker module to sniff traffic to known outbound tracker ports, to
> detect which port Bittorrent is using, and allow that inbound, seems a little
> bit excessive to me, not to mention that people set up trackers on the most
> varying range of seemingly random ports :-)
> 
> Either way, common sane principles of TCP/IP apply with Bittorrent too,
> if both parties are firewalled, you wont transfer any data between eachother.
> If one party (out of two) is unfirewalled, data can be transfered both ways
> between them, the firewalled party will established connection to the unfirewalled
> to get communication going.

The desired behaviour is that incoming BT connections would be accepted 
while an outgoing BT connection is in place. You can't open the port at 
any other time, there's no (legitimate) process listening and the 
firewall wouldn't know where to forward the socket in any case.

This belongs on another list.

-- 
    -bill davidsen (davidsen@tmr.com)
"The secret to procrastination is to put things off until the
  last possible moment - but no longer"  -me