Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 41 replies
  • Subscribers 3 subscribers
  • Views 29787 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Bit Torrent sync / firewall rules

crash893
okay im at my witts end here I thought i understood how the firewall works but i guess im not getting something


example from the log

01:58:12 Default DROP UDP 10.10.10.194 : 42816 → 54.225.100.8 : 3000 len=125 ttl=127 tos=0x00 srcmac=2c:41:38:11:87:c3 dstmac=0:1a:8c:12:86:a0
01:58:12 Default DROP UDP 10.10.10.194 : 42816 → 54.225.100.8 : 3000 len=125 ttl=127 tos=0x00 srcmac=2c:41:38:11:87:c3 dstmac=0:1a:8c:12:86:a0
01:58:19 Default DROP UDP 10.10.10.116 : 42816 → 54.225.100.8 : 3000 len=125 ttl=127 tos=0x00 srcmac=0:25:90:3c:2b:25 dstmac=0:1a:8c:12:86:a0
01:58:22 Default DROP UDP 10.10.10.194 : 42816 → 54.225.100.8 : 3000 len=125 ttl=127 tos=0x00 srcmac=2c:41:38:11:87:c3 dstmac=0:1a:8c:12:86:a0
01:58:22 Default DROP UDP 10.10.10.194 : 42816 → 54.225.100.8 : 3000 len=125 ttl=127 tos=0x00 srcmac=2c:41:38:11:87:c3 dstmac=0:1a:8c:12:86:a0
01:58:29 Default DROP UDP 10.10.10.116 : 42816 → 54.225.100.8 : 3000 len=125 ttl=127 tos=0x00 srcmac=0:25:90:3c:2b:25 dstmac=0:1a:8c:12:86:a0
01:58:32 Default DROP UDP 10.10.10.194 : 42816 → 54.225.100.8 : 3000 len=125 ttl=127 tos=0x00 srcmac=2c:41:38:11:87:c3 dstmac=0:1a:8c:12:86:a0


the rule i setup was

Internal (network)→ BT Sync* → any

*BT Sync  UDP 1:65535 → 42816

Its dropping all the packets 

any pointers?


This thread was automatically locked due to age.
Parents
  • 0
    If you have Log Initial Packets enabled, they should be logged in the firewall log (filename: packetfilter.log).

    Barry
  • 0 in reply to BarryG
    If you have Log Initial Packets enabled, they should be logged in the firewall log (filename: packetfilter.log).

    Barry
    Okay, I logged some packets: 

    2013:08:07-19:51:21 utm9 ulogd[4235]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="c:a4:2:29:51:6b" dstmac="0:15:5d:1:73:b" srcip="58.169.252.9" dstip="154.20.117.22" proto="17" length="131" tos="0x00" prec="0x40" ttl="109" srcport="39331" dstport="6882"

    2013:08:07-19:51:27 utm9 ulogd[4235]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="c:a4:2:29:51:6b" dstmac="0:15:5d:1:73:b" srcip="68.82.66.138" dstip="154.20.117.22" proto="17" length="131" tos="0x00" prec="0x00" ttl="114" srcport="14575" dstport="6882"

    2013:08:07-19:51:27 utm9 ulogd[4235]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="c:a4:2:29:51:6b" dstmac="0:15:5d:1:73:b" srcip="88.185.124.137" dstip="154.20.117.22" proto="17" length="131" tos="0x00" prec="0x00" ttl="116" srcport="39274" dstport="6882"

    2013:08:07-19:51:32 utm9 ulogd[4235]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="c:a4:2:29:51:6b" dstmac="0:15:5d:1:73:b" srcip="58.169.252.9" dstip="154.20.117.22" proto="17" length="131" tos="0x00" prec="0x40" ttl="109" srcport="39331" dstport="6882"

    2013:08:07-19:51:40 utm9 ulogd[4235]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="c:a4:2:29:51:6b" dstmac="0:15:5d:1:73:b" srcip="95.78.74.155" dstip="154.20.117.22" proto="17" length="134" tos="0x00" prec="0x00" ttl="115" srcport="2781" dstport="6882"

    2013:08:07-19:51:40 utm9 ulogd[4235]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="c:a4:2:29:51:6b" dstmac="0:15:5d:1:73:b" srcip="76.89.188.9" dstip="154.20.117.22" proto="17" length="131" tos="0x00" prec="0x00" ttl="114" srcport="30219" dstport="6882"

    2013:08:07-19:51:44 utm9 ulogd[4235]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="c:a4:2:29:51:6b" dstmac="0:15:5d:1:73:b" srcip="126.13.120.17" dstip="154.20.117.22" proto="17" length="129" tos="0x00" prec="0x00" ttl="116" srcport="25608" dstport="6882"

    2013:08:07-19:51:49 utm9 ulogd[4235]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="c:a4:2:29:51:6b" dstmac="0:15:5d:1:73:b" srcip="76.89.188.9" dstip="154.20.117.22" proto="17" length="131" tos="0x00" prec="0x00" ttl="114" srcport="30219" dstport="6882"

    2013:08:07-19:51:49 utm9 ulogd[4235]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="c:a4:2:29:51:6b" dstmac="0:15:5d:1:73:b" srcip="37.128.216.225" dstip="154.20.117.22" proto="17" length="131" tos="0x00" prec="0x00" ttl="117" srcport="64155" dstport="6882"

    2013:08:07-19:52:03 utm9 ulogd[4235]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="c:a4:2:29:51:6b" dstmac="0:15:5d:1:73:b" srcip="58.169.252.9" dstip="154.20.117.22" proto="17" length="131" tos="0x00" prec="0x40" ttl="109" srcport="39331" dstport="6882"


    Is there any obvious reason why these packets are getting dropped?
Reply
  • 0 in reply to BarryG
    If you have Log Initial Packets enabled, they should be logged in the firewall log (filename: packetfilter.log).

    Barry
    Okay, I logged some packets: 

    2013:08:07-19:51:21 utm9 ulogd[4235]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="c:a4:2:29:51:6b" dstmac="0:15:5d:1:73:b" srcip="58.169.252.9" dstip="154.20.117.22" proto="17" length="131" tos="0x00" prec="0x40" ttl="109" srcport="39331" dstport="6882"

    2013:08:07-19:51:27 utm9 ulogd[4235]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="c:a4:2:29:51:6b" dstmac="0:15:5d:1:73:b" srcip="68.82.66.138" dstip="154.20.117.22" proto="17" length="131" tos="0x00" prec="0x00" ttl="114" srcport="14575" dstport="6882"

    2013:08:07-19:51:27 utm9 ulogd[4235]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="c:a4:2:29:51:6b" dstmac="0:15:5d:1:73:b" srcip="88.185.124.137" dstip="154.20.117.22" proto="17" length="131" tos="0x00" prec="0x00" ttl="116" srcport="39274" dstport="6882"

    2013:08:07-19:51:32 utm9 ulogd[4235]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="c:a4:2:29:51:6b" dstmac="0:15:5d:1:73:b" srcip="58.169.252.9" dstip="154.20.117.22" proto="17" length="131" tos="0x00" prec="0x40" ttl="109" srcport="39331" dstport="6882"

    2013:08:07-19:51:40 utm9 ulogd[4235]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="c:a4:2:29:51:6b" dstmac="0:15:5d:1:73:b" srcip="95.78.74.155" dstip="154.20.117.22" proto="17" length="134" tos="0x00" prec="0x00" ttl="115" srcport="2781" dstport="6882"

    2013:08:07-19:51:40 utm9 ulogd[4235]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="c:a4:2:29:51:6b" dstmac="0:15:5d:1:73:b" srcip="76.89.188.9" dstip="154.20.117.22" proto="17" length="131" tos="0x00" prec="0x00" ttl="114" srcport="30219" dstport="6882"

    2013:08:07-19:51:44 utm9 ulogd[4235]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="c:a4:2:29:51:6b" dstmac="0:15:5d:1:73:b" srcip="126.13.120.17" dstip="154.20.117.22" proto="17" length="129" tos="0x00" prec="0x00" ttl="116" srcport="25608" dstport="6882"

    2013:08:07-19:51:49 utm9 ulogd[4235]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="c:a4:2:29:51:6b" dstmac="0:15:5d:1:73:b" srcip="76.89.188.9" dstip="154.20.117.22" proto="17" length="131" tos="0x00" prec="0x00" ttl="114" srcport="30219" dstport="6882"

    2013:08:07-19:51:49 utm9 ulogd[4235]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="c:a4:2:29:51:6b" dstmac="0:15:5d:1:73:b" srcip="37.128.216.225" dstip="154.20.117.22" proto="17" length="131" tos="0x00" prec="0x00" ttl="117" srcport="64155" dstport="6882"

    2013:08:07-19:52:03 utm9 ulogd[4235]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="c:a4:2:29:51:6b" dstmac="0:15:5d:1:73:b" srcip="58.169.252.9" dstip="154.20.117.22" proto="17" length="131" tos="0x00" prec="0x40" ttl="109" srcport="39331" dstport="6882"


    Is there any obvious reason why these packets are getting dropped?
Children
No Data