This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Allow torrent traffic

So I thought it was working, but apparently it isn't. It maxes the CPU on my Astaro box which kills all traffic. I have to close my torrent client before it goes down. Here are my rules and necessary info (using ASG v7):

Laptop IP: 192.168.1.150

Torrent Port: 20445



Definitions>Network:

Name: Azureus laptop

Type: Host

Address: 192.168.1.150



Definitions>Services:

Name: Azureus service

Type of Def: TCP/UDP

Dest. port: 20445

Source port: 1:65535



Packet Filter:

Position: Top

Source: Any

Service: Azureus service

Destination: Azureus laptop

Action: Allow



NAT>DNAT/SNAT:

Position: 1

Traffic Source: Any

Traffic Service: Azureus service

Traffic Dest: WAN

NAT Mode: DNAT (Destination)

Dest.: Azureus laptop

Dest. Service: Azureus service

Is there something wrong there? Why is the CPU maxing out? Also, the P2P security thing is disabled.

This thread was automatically locked due to age.

Parents

0 Radiohead-79 over 18 years ago

Looks good. What kind of hardware are you using? Perhaps you have to less memory installed. Same setting works perfectly for me. But I use ports for torrent that are over 49000, because I read about it on the internet that you should use a port >49000.
Cancel
Vote Up 0 Vote Down

Cancel
0 nloding over 18 years ago in reply to Radiohead-79

Perhaps the system is a little low in resources, but usually the box runs at 6% CPU and not very much RAM. Why would these rules cause the CPU to max? That seems odd to me.

At least I know the settings are correct, though. I'll bounce the box tonight, change the port to something high (49000+) and see what happens.
Cancel
Vote Up 0 Vote Down

Cancel
0 Radiohead-79 over 18 years ago in reply to nloding

I have other problems with my box. It hangs almost on a daily basis. I am doing a memtest right now...
Cancel
Vote Up 0 Vote Down

Cancel
0 nloding over 18 years ago in reply to Radiohead-79

And your specs are way above what mine are.

Is this a software glitch that is being worked on, or ... do we not know ... ?
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 nloding over 18 years ago in reply to Radiohead-79

And your specs are way above what mine are.

Is this a software glitch that is being worked on, or ... do we not know ... ?
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 William Warren over 18 years ago in reply to nloding

Astaro v7 has a dos vuln:

https://community.sophos.com/products/unified-threat-management/astaroorg/f/51/t/19797
Cancel
Vote Up 0 Vote Down

Cancel
0 nloding over 18 years ago in reply to William Warren

To reopen an old topic ... though not related to the DoS vuln. that was discovered ...

If I have the packet filter set to allow anything from my internal network to any network, why do I need to set up additional rules for BitTorrent, and my Xbox 360, and my Wii, etc. Shouldn't the packets that are allowed out be allowed by default to come back in?

I know this is how it works on the Sonicwall firewalls I'm used to at work... Just wondering what exactly the purpose of the DNAT rules are?
Cancel
Vote Up 0 Vote Down

Cancel
0 drees over 18 years ago in reply to nloding

To get BitTorrent working optimally, you need both remote and local connections to be able to be established.

If you don't create a NAT rule to forward your BitTorrent port to your BitTorrent client, BitTorrent will only be able to establish outbound connections which will limit your download and upload speeds.

For big swarms this may not make a substantial difference, but realize that if everyone had their clients configured this way BitTorrent would be useless.

So yes, BitTorrent will run just by allowing outbound connections (note that you will likely need to open up all outbound ports above 1024 since many clients change their port number) but creating a NAT rule and the corresponding inbound packet filter rule will get it working the best.
Cancel
Vote Up 0 Vote Down

Cancel