This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Bit Torrent sync / firewall rules

okay im at my witts end here I thought i understood how the firewall works but i guess im not getting something

example from the log

01:58:12 Default DROP UDP 10.10.10.194 : 42816 → 54.225.100.8 : 3000 len=125 ttl=127 tos=0x00 srcmac=2c:41:38:11:87:c3 dstmac=0:1a:8c:12:86:a0
01:58:12 Default DROP UDP 10.10.10.194 : 42816 → 54.225.100.8 : 3000 len=125 ttl=127 tos=0x00 srcmac=2c:41:38:11:87:c3 dstmac=0:1a:8c:12:86:a0
01:58:19 Default DROP UDP 10.10.10.116 : 42816 → 54.225.100.8 : 3000 len=125 ttl=127 tos=0x00 srcmac=0:25:90:3c:2b:25 dstmac=0:1a:8c:12:86:a0
01:58:22 Default DROP UDP 10.10.10.194 : 42816 → 54.225.100.8 : 3000 len=125 ttl=127 tos=0x00 srcmac=2c:41:38:11:87:c3 dstmac=0:1a:8c:12:86:a0
01:58:22 Default DROP UDP 10.10.10.194 : 42816 → 54.225.100.8 : 3000 len=125 ttl=127 tos=0x00 srcmac=2c:41:38:11:87:c3 dstmac=0:1a:8c:12:86:a0
01:58:29 Default DROP UDP 10.10.10.116 : 42816 → 54.225.100.8 : 3000 len=125 ttl=127 tos=0x00 srcmac=0:25:90:3c:2b:25 dstmac=0:1a:8c:12:86:a0
01:58:32 Default DROP UDP 10.10.10.194 : 42816 → 54.225.100.8 : 3000 len=125 ttl=127 tos=0x00 srcmac=2c:41:38:11:87:c3 dstmac=0:1a:8c:12:86:a0

the rule i setup was

Internal (network)→ BT Sync* → any

*BT Sync UDP 1:65535 → 42816

Its dropping all the packets

any pointers?

This thread was automatically locked due to age.

Parents

0 dilandau over 12 years ago

bimmerdriver, do these dropped packets have a source IP from your internal network or Internet IP address?

what services are you allowing out from your internal network?

If you are not allowing all services out, you will need to add a firewall rule to allow traffic out from your PC running utorrent that is opposite of the service you use for the dnat.

ex: Service "bittorrent out"
source: 688x
destination: 1:65535

Firewall rule:
PC -> "bittorrent out" -> Internet
Cancel
Vote Up 0 Vote Down

Cancel
0 bimmerdriver over 12 years ago in reply to dilandau

bimmerdriver, do these dropped packets have a source IP from your internal network or Internet IP address?

what services are you allowing out from your internal network?

If you are not allowing all services out, you will need to add a firewall rule to allow traffic out from your PC running utorrent that is opposite of the service you use for the dnat.

ex: Service "bittorrent out"
source: 688x
destination: 1:65535

Firewall rule:
PC -> "bittorrent out" -> Internet
The packets being dropped are from external ip addresses, not internal. There are no packets being dropped that are sourced from internal addresses. For each host, I have a specific port (e.g., 6881, 6882, ...) and the DNAT rule is redirecting traffic for that port to the appropriate host, at least it's supposed to be doing that. For some reason, there are a lot packets being dropped. I can't figure out why it's not working.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 bimmerdriver over 12 years ago in reply to dilandau

bimmerdriver, do these dropped packets have a source IP from your internal network or Internet IP address?

what services are you allowing out from your internal network?

If you are not allowing all services out, you will need to add a firewall rule to allow traffic out from your PC running utorrent that is opposite of the service you use for the dnat.

ex: Service "bittorrent out"
source: 688x
destination: 1:65535

Firewall rule:
PC -> "bittorrent out" -> Internet
The packets being dropped are from external ip addresses, not internal. There are no packets being dropped that are sourced from internal addresses. For each host, I have a specific port (e.g., 6881, 6882, ...) and the DNAT rule is redirecting traffic for that port to the appropriate host, at least it's supposed to be doing that. For some reason, there are a lot packets being dropped. I can't figure out why it's not working.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data