Utorrent incoming block question
-
Hi,
I've been running some tests on my firewall and I have a question. I'm no firewall guru and getting pfSense up and running has been the most excellent firewall security learning experience I could ever ask for.
I created a port forward for uTorrent and enabled the NAT rules and incoming fw rule on the WAN.
Since then I've turned off the utorrent client, completely deleted the NAT rule and the fw rule and reset the state table. Now when I check my firewall logs I still see a huge number of inbound attempts trying to connect to the exact port I had used for uTorrent. Why is that exactly?
-
That's the nature of bit-torrent. The behavior is normal.
When you had your torrent client connected other peers connect to you. When you close your torrent client the other peers don't know where your client is so they continue to try to connect until they timeout.
What you are seeing the the connection re-tries from the peers you used to be connected to. Just wait for them to time out and your traffic will return to normal. -
The incoming traffic on that port is not as much this morning but still significant. I guess the time-out value on some of these peers is quite long.
Thanks for the explanation.
-
I have seen traffic last for a whole day before. Some Anti-P2P groups may even try to connect to your IP several times over the next month. The best thing you can do is to drop that traffic.