Have I done the rules wrong for torrents?

  • OK, I've been playing for a month or so to try and figure this out.

    My Setup:
    Let's say my IP is and I use torrent port 37500
    WAN is for web/emails etc
    WAN2 is for torrents only

                                                                               ---> Wan1 ---> Router [This router won't let me do DMZ yet]
    Lan Pc's [AD/DNS Server] 192.168.0.X ---> pfSense Box [DHCP/DNS Forwarder]
                                                                               ---> Wan2 (opt1) ---> Router [Router in DMZ]

    Firewall: NAT: Port Forward
    WAN2 TCP/UDP 37400 - 37600 (ext.: 37400 - 37600

    Firewall: NAT: Outbound in AON
    WAN2 * * * * * NO
    WAN * * * * * NO

    Firewall: Rules [Lan]
    TCP * * 80 (HTTP)
    TCP * * 25 (SMTP)

    * * * *

    Firewall: Rules [WAN]

    Firewall: Rules [WAN2]
    TCP/UDP * * 37400 - 37600 *

    I'm having problems with uploading and being classed as Connectable on private trackers.
    My Diagnostics: System logs: Firewall in pfSense shows lots of blocks,
    like below:
    Block Jan 10 20:55:44 WAN2 UDP
    Block Jan 10 20:55:43 WAN2 TCP
    Block Jan 10 20:55:42 WAN2 UDP

    I have tried UPnP but that does the same as my rules above. I know the port is open as I have a web server running and port 80 is working for it.
    Have I overlooked something or is this too much for pfSense?

    Adding this rule on WAN2;
    TCP/UDP * * * * *
    This will keep the log free but it doesn't sort the problem.

    Can someone please help with this or give some advice?

  • Have you configured your BitTorrent software to use the ports 37400 - 37600?

  • I run uTorrent and I have it set to 37500 in the Preferences > Connection tab.

    I just like to keep a 100 port range each side open just in case.

  • Then I don't see how the blocks you are seeing on WAN2 are related to uTorrent.

    The rules are blocking connections to 52349, 55699, 52349.

    Maybe you could clarify what you mean with: "I'm having problems with uploading and being classed as Connectable on private trackers"

  • Sorry.

    On all private trackers you need to be classed as connectable so you can upload. In uTorrent I have the green tick to say my ports are set up right.

    52349, 55699, 52349 are ports being used for some reason;
    Block      Jan 10 20:55:44  WAN2  UDP

    So it's like: a user on port 34287 sends me a UDP request, the port is changed to 52349 (don't know why), the firewall sees it on WAN2 but doesn't know what to do with something on port 52349, so it's a default block.

    Here is another one in raw data:
    pf: 626251 rule 884/0(match): block in on xl2: (tos 0x0, ttl 107, id 25163, offset 0, flags [DF], proto: TCP (6), length: 48) > S, cksum 0x08fd (correct), 1282968680:1282968680(0) win 16384 <mss 1420,nop,nop,sackOK>

    I know every connection with torrents opens a new port, but I can't see how it's hard; this is just a port forward with a firewall rule to pass it.

    Shouldn't the destination be the PC in question?

  • Try to enable static port:

    However, this applies only to outbound ports.
    If you've set the NAT up correctly, inbound connections should work.

    If you see a connection to 52349, this means someone is connecting to this port on your side,
    and he's not connecting to the port you specified in the uTorrent config.

    I don't think these blocks you are seeing are related to uTorrent.
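
The check the replies above apply by eye (are the blocked packets aimed at the forwarded range at all?), as an added example that is not part of the original thread: it parses raw pfSense 1.2 filter log lines and splits blocked inbound packets by destination port. The sample lines, their addresses and the assumption that xl2 is the WAN2 interface are constructed for illustration.

```python
import re
from collections import Counter

FORWARDED = range(37400, 37601)   # WAN2 port-forward range from the thread

# Raw pfSense 1.2 filter log (tcpdump style), same shape as the thread's sample:
# ... rule N/0(match): block in on IF: (..., proto: TCP (6), ...) SRC.PORT > DST.PORT: ...
LINE_RE = re.compile(
    r"rule \d+/\d+\(match\): (?P<action>block|pass) (?P<dir>in|out) on (?P<iface>\w+): "
    r"\(.*?proto: (?P<proto>\w+) \(\d+\).*?\) "
    r"(?P<src>[\d.]+)\.(?P<sport>\d+) > (?P<dst>[\d.]+)\.(?P<dport>\d+):")

def parse(line):
    """Return the fields of one log line as a dict, or None if it does not match."""
    m = LINE_RE.search(line)
    if not m:
        return None
    d = m.groupdict()
    d["sport"], d["dport"] = int(d["sport"]), int(d["dport"])
    return d

def triage(lines, iface="xl2"):
    """Count blocked inbound packets on iface (assumed: xl2 is WAN2), split by port range."""
    in_range, outside = Counter(), Counter()
    for p in filter(None, map(parse, lines)):
        if (p["action"], p["dir"], p["iface"]) != ("block", "in", iface):
            continue
        bucket = in_range if p["dport"] in FORWARDED else outside
        bucket[(p["proto"], p["dport"])] += 1
    return in_range, outside

def _line(action, iface, proto, src, dport):
    """Build one constructed log line (documentation addresses, not real traffic)."""
    num, tail = ("6", "S, win 16384") if proto == "TCP" else ("17", "UDP, length 30")
    return (f"pf: 626251 rule 884/0(match): {action} in on {iface}: (tos 0x0, ttl 107, "
            f"id 25163, offset 0, flags [DF], proto: {proto} ({num}), length: 48) "
            f"{src} > 198.51.100.20.{dport}: {tail}")

SAMPLE = [  # constructed input; destination ports 52349/55699 are the ones named in the thread
    _line("block", "xl2", "UDP", "203.0.113.7.34287", 52349),
    _line("block", "xl2", "TCP", "203.0.113.9.40112", 55699),
    _line("block", "xl2", "UDP", "203.0.113.7.34287", 52349),
    _line("block", "xl2", "TCP", "203.0.113.44.51000", 37500),  # forward/rule not matching
    _line("pass", "xl2", "TCP", "203.0.113.45.51001", 37500),   # passed traffic is ignored
    _line("block", "xl0", "TCP", "203.0.113.46.51002", 37500),  # other interface is ignored
    "pf: truncated line without addresses",                     # unparseable lines are skipped
]

if __name__ == "__main__":
    hits, other = triage(SAMPLE)
    print("blocked inside forwarded range:", dict(hits))
    print("blocked outside forwarded range:", dict(other))
```

Blocks counted outside the forwarded range are traffic the port forward was never meant to accept; any count inside the range points at the NAT or WAN2 rule itself.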

  • Static port did nothing.
    Just worked out I'm running 1.2; will look at going to 1.2.2 or 2.0 (1.3).

    Just, do I have enough bits to set up a new system and keep the old one as a fallback if need be?

    The Pain lol.
