Netgate Discussion Forum

    SOLVED - Problem resetting uTorrent client vs pfsense.

      DarkSky

      Hi,
      Can anyone help me find what's wrong with my settings to enable usage of torrents (here uTorrent)? It has been a couple of days that I have been trying every way to set up the pf and the clients, but it is still not working.

      Gateway: 192.168.2.1
      WAN: 192.168.2.20
      LAN: 10.0.64.1
      ClientsNeedTorrenting:
      10.0.64.2
      10.0.64.7

      Alias: uTorrentClients. An alias has been created for those clients.

      Extra info:

      • SNORT: I am using SNORT but I have deactivated it to troubleshoot the problem.

      • UPnP & NAT-PMP are disabled on pf.

      • The pf uses OpenDNS public DNS and COMODO public DNS:
        8.26.56.26 (COMODO);
        8.20.247.20 (COMODO);
        208.67.222.222 (OpenDNS);
        208.67.220.220 (OpenDNS).
        *No, I will not change my DNS. :P

      Fact:

      • It is for HOME purposes.

      • YES, I have seen most of the pfsense forum topics about torrenting and I have made a couple of searches on the internet to find what's wrong before posting. Now I'm tired of this. -_-

      • My gateway has a DMZ set to the firewall.

      • Our uTorrent clients seem to use OpenDNS public DNS (uTorrent->Options->Prefs->Advanced):
        ISP.primary_dns: 208.67.222.222
        ISP.secondary_dns: 208.67.220.220

      • The value net.max.halfopen is set to *50

      • YES, we were able to before; it is not an ISP issue.

      • YES, there's a Windows firewall exception on each client.

      • What happened: I reinstalled pf a couple of weeks ago and manually reset it. My backup files weren't working and dated from an older version of pf.

      • NAT: NAT rules for the clients don't work, but for example my NAT rules for Blizzard/Battle.net work fine.
        Other:

      • I have a bunch of pics if you want them.
        Thx all.
        [Attached screenshots: NATrules.jpg, LANrules.jpg, FirewallLOGS.jpg, DMZonGateway.jpg, SetupGuide.jpg, Bandwidth.jpg, BitTorrentPage.jpg, Queueing.jpg, net.max.halfopen.jpg]

        DarkSky

        You can follow the actual discussion on FACEBOOK on this situation @ https://www.facebook.com/groups/pfsense.official/permalink/1598777523763805/

          johnpoz LAYER 8 Global Moderator

          Why would need to follow what will for sure be a trainwreck ;)

          From just a quick look I see multiple things wrong. Where are your WAN rules? Did you let your port forward create the rule? Where is it on the list of rules? Please post your WAN firewall rules. But your LAN rules are wrong.. So once you're in a swarm you have no idea what ports those clients will be using.. But you only allow out dest to the port your client is running on. That will never work.

          This comes down to basic port forwarding troubleshooting.
          https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting

          Your LAN rules need to allow your torrent clients to talk outbound on any port.. Or you're just going to be able to talk to the clients running on that port - which is prob maybe 1 out of 100,000 or something.. Or maybe just you ;)

          Why do you have automatic port mapping checked if you're doing a port forward? You would have that checked if you were going to use UPnP..

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

            DarkSky

            What's the trainwreck? ???

            I can show you the WAN rules.
            And yeah, I let the port forward create rules for WAN.

            These rules are around the top of my list.

            Thx for telling me about the LAN rules.
            Thx for the link, I already use it with the pfsense documentation.

            On my pf, no, I don't use UPnP. On the uTorrent client, if I use the wizard and test, I NEED to check them; I won't test without them ticked. That's why. But the problem comes from the LAN rules setting.

            Well actually, I think I have solved the problem with all the rules in the LAN rules page.

            Your lan rules need to allow your torrent clients to talk outbound on any port.. Or you just going to be able to talk to the clients running on that port

            In fact, after I read your post an hour ago, I took time to revise them following what you told me. I wasn't realising it. I don't know where my head was. Maybe too much time working on it. :) It gave me some headaches recently lol
            But thanks a lot for answering.

            On my pf, no, I don't use UPnP. On the uTorrent client, if I use the wizard and test, I NEED to check them; I won't test without them ticked. That's why.

            On another note, in a few weeks I will get a paid VPN and my gold pfsense membership, and try to set it to use WAN and get out on the internet.

            Now here are some pics. From top to bottom, you've got:

            NAT
            WAN1
            WAN2
            LAN1
            LAN2
            WIFI


              johnpoz LAYER 8 Global Moderator

              "What's the trainwreck?"

              Any attempt at support on FB.. I mean really!! It's worse than the subreddit..

              Ok clearly that is a trainwreck as well.. So you marked solved, so what is working?? Have you even read the port forwarding doc?? Seems like you're just clicking random shit hoping it works?? ;)

              https://doc.pfsense.org/index.php/How_can_I_forward_ports_with_pfSense

              Why do you have rules to allow your LAN and wifi networks on your WAN interface as source traffic??? Completely pointless..
              Why do you have 4 rules in a row that are any any.. Then calling them blizzard downloader?
              You do understand then your block rule at the end becomes pointless.

              Rules are evaluated top down, first rule to trigger wins - no other rules are looked at.
              Traffic is evaluated inbound to the interface where pfsense first sees the traffic, so rules like source net of LAN on your WAN would never in a million years do anything. When would traffic inbound to your WAN interface come from your LAN network??

              What is the attempted point of blocking wifi to the wifi address? You know the wifi network could just access your firewall on your LAN IP, or your WAN IP. Is that rule to block access to the firewall or stop wifi from going elsewhere on say your LAN or internet? Because with that rule only blocking ports that were not allowed to the wifi address. The default block rule at the end would stop everything else that wasn't in your allow rules.. So not sure what you were trying to do there?

              Not sure what is in your aliases in your NATs.. But those are all wrong except the one that lists WAN address as destination..

              What I would suggest is you start over.. delete all these rules and leave the default any any rules on LAN side interfaces. Delete all your port forwards.

              What do you want to do? Why are you forwarding a RANGE of ports to what I assume is an alias with lots of different IPs in it.. That is not going to work..

              Pick the port your different torrent devices are going to run on.. Make sure they run on different ones. Then create the port forward - per the doc link shown - to 1 of these devices. Validate it works, then go to your next uTorrent client, etc. If you cannot get a port forward to work then https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting

              Then we can move on to whatever other ports you want to forward..

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 24.11 | Lab VMs 2.8, 24.11
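
The rule-evaluation points made in this thread (top-down first match, per-interface inbound evaluation, default deny), modelled as a small rule checker; this is an added example, not code from the thread or from pfSense. It ignores protocol and state tracking, and the /24 LAN mask, port numbers, peer address and rule descriptions are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

ANY = "0.0.0.0/0"

@dataclass
class Rule:
    action: str                  # "pass" or "block"
    src: str = ANY               # source network (CIDR)
    dst: str = ANY               # destination network (CIDR)
    dport: Optional[int] = None  # None means any destination port
    descr: str = ""

def evaluate(rules, src_ip, dst_ip, dport):
    """Top-down, first match wins; nothing matched means default deny."""
    for r in rules:
        if (ipaddress.ip_address(src_ip) in ipaddress.ip_network(r.src)
                and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(r.dst)
                and r.dport in (None, dport)):
            return r.action, r.descr
    return "block", "default deny"

def audit(iface, rules, internal_nets):
    """Flag rules that can never take effect on this interface."""
    findings, catch_all = [], None
    for r in rules:
        src = ipaddress.ip_network(r.src)
        if catch_all is not None:
            findings.append(f"{r.descr}: shadowed by '{catch_all}'")
        elif iface == "WAN" and any(
                src.subnet_of(ipaddress.ip_network(n)) for n in internal_nets):
            findings.append(f"{r.descr}: internal source never arrives on WAN")
        elif r.src == r.dst == ANY and r.dport is None:
            catch_all = r.descr
    return findings

# Constructed sample rules; the /24 mask and port numbers are assumptions.
LAN_NET = "10.0.64.0/24"
LAN_BEFORE = [Rule("pass", src=LAN_NET, dport=45000, descr="torrent port only")]
LAN_AFTER = [Rule("pass", src=LAN_NET, descr="LAN to any")]
WAN = [Rule("pass", src=LAN_NET, descr="allow LAN net"),
       Rule("pass", descr="any/any pass"),
       Rule("block", descr="block all")]

if __name__ == "__main__":
    peer = ("10.0.64.2", "203.0.113.50", 51413)  # client -> remote peer's port
    print(evaluate(LAN_BEFORE, *peer))  # outbound blocked by default deny
    print(evaluate(LAN_AFTER, *peer))   # outbound allowed
    for finding in audit("WAN", WAN, [LAN_NET]):
        print(finding)
```

The LAN rule restricted to the client's own listening port drops connections to peers on any other port, and on WAN the internal-source rule and the trailing block rule are both reported as having no effect.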
