Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    BitTorrent, UPnP and Traffic Shaper

    Firewalling
    4
    11
    8377
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jlepthien last edited by

      Hi there,

      I have set up my traffic shaper and it is working. All uncategorized traffic goes into my p2p queue. Now I want to restrict my traffic, deleting the LAN->WAN any rule and have seperate rules for every service that I use. Now one machine still needs to use BitTorrent. So I want to enable UPnP for this machine. What is the best practice there? Do I need to apply UPnP to the LAN interface and allow all ports from 1024-65535 to be opened then? Or LAN and WLAN, because these two interfaces are bridged together? And what about the Traffic Shaper queue? Which one has to be put in into the UPnP setting? The upload or download queue? This way I only needed one port to be forwarded to my BitTorrent box and UPnP would handle all outgoing traffic, is that right?

      pfSense 1.2.3 RC3 is in use…

      Thanks

      1 Reply Last reply Reply Quote 0
      • J
        jlepthien last edited by

        Can't be that nobody has the same problem with bittorrent…
        How do you guys handle bittorrent? I do not want my torrent machine to allow all outgoing traffic >1024...

        Thanks

        1 Reply Last reply Reply Quote 0
        • GruensFroeschli
          GruensFroeschli last edited by

          I dont use upnp for bittorrent.
          I created a static DHCP entry for the computer using bittorrent so it gets everytime the same IP.
          The create a portforward for this computer.

          1 Reply Last reply Reply Quote 0
          • J
            jlepthien last edited by

            The portforwarding is not the problem. I have set up a static one as well. I do not want to open ALL OUTGOING traffic for this system. Bittorrent uses all random ports >1024 and that suckz. I am looking for a solution for this and thought that maybe UPnP could open the OUTGOING connections temporarily as well…

            Or is BT running for you if you just open up the one port of your client? You also need all the outgoing ports >1024...

            1 Reply Last reply Reply Quote 0
            • GruensFroeschli
              GruensFroeschli last edited by

              Ah you're talking about outbound connections.
              Hmmm. I'm not sure how to go at this.

              Have you tried to set something in the config of your client?

              1 Reply Last reply Reply Quote 0
              • J
                jlepthien last edited by

                In every client I tried (uTorrent, Transmission or XTorrent) for my OS X there is only a possibility to change the one incoming port…
                So UPnP is generally only for portforwarding? Not for outgoing connections?

                How do the other people use this? It cannot be that you need to open up such a great whole just for bittorrent traffic...

                1 Reply Last reply Reply Quote 0
                • GruensFroeschli
                  GruensFroeschli last edited by

                  Yes upnp is used to map inbound ports, not outbound.

                  I'm not sure if this is possible.
                  A quick google shows some discussions in the uTorrent forum about this.
                  I think you can set something like this in a developers version of it.

                  The other possibility would be to just block outbound connections completly except a small range.
                  But this would slow down the establishing of connections, since the client has to find these open ports with try/error.

                  1 Reply Last reply Reply Quote 0
                  • jimp
                    jimp Rebel Alliance Developer Netgate last edited by

                    Bittorrent clients set the port they use to listen, so when you connect to peers, it's using whatever they have set in their client.

                    There is no way around this in 1.2.3. In 2.0 there is a layer 7 protocol classifier that can identify bittorrent traffic regardless of port and shape it appropriately.

                    1 Reply Last reply Reply Quote 0
                    • J
                      jlepthien last edited by

                      Nice. Hopefully 2.0 will not take a whole year to be released ;)

                      But also you are not quite correct on the client ports. Bittorrent uses whatever ports it needs above 1024. If I set my client to 52525 it also uses all ports above 1024. It is not only the ports other people use…

                      1 Reply Last reply Reply Quote 0
                      • jimp
                        jimp Rebel Alliance Developer Netgate last edited by

                        Let's hope  ;D

                        It's in better shape than it has been. Once 1.2.3 is out the door, and FreeBSD 8.0 is released, there will be more progress made.

                        Work has already shifted focus to 2.0 and getting more bits functional, but it's still not stable in many ways.

                        1 Reply Last reply Reply Quote 0
                        • L
                          Liath.WW last edited by

                          Not sure if this is a res of an old dead topic but I found this while looking through google trying to find out how to make sense of 2.0's traffic shaper, since the wizard doesn't work.

                          In uTorrent you can set the outbound ports, if you go to the advanced settings.  I used that to set traffic shaping rules for my wife's torrents.

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post

                          Products

                          • Platform Overview
                          • TNSR
                          • pfSense
                          • Appliances

                          Services

                          • Training
                          • Professional Services

                          Support

                          • Subscription Plans
                          • Contact Support
                          • Product Lifecycle
                          • Documentation

                          News

                          • Media Coverage
                          • Press
                          • Events

                          Resources

                          • Blog
                          • FAQ
                          • Find a Partner
                          • Resource Library
                          • Security Information

                          Company

                          • About Us
                          • Careers
                          • Partners
                          • Contact Us
                          • Legal
                          Our Mission

                          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                          Subscribe to our Newsletter

                          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                          © 2021 Rubicon Communications, LLC | Privacy Policy