    Allowing torrent

    • E
      epema last edited by

      Hello guys,

      I want to enable passing torrent through pfSense for one host, e.g. 192.168.1.233.
      So, I create an inbound NAT rule redirecting all incoming connections for 52345 -> 192.168.1.233:52345.
      So, obviously... 52345 is a port used for incoming connections on the client.

      Should I create an outbound rule? And any more suggestions on that?

      Thanks a lot!

      PS: I have seen this topic: http://malindarats.blogspot.nl/2011/08/normal-0-false-false-false-en-us-x-none.html
      However, I didn't get the thing about the gateway. I think I don't have to configure anything there.

      • marcelloc
        marcelloc last edited by

        If 192.168.1.233 has a lan rule allowing all traffic to internet, the rdr rule on interface wan is fine.

        • E
          epema last edited by

          Hi there,

          Please take a look at my firewall rules in attachments.
          However, my uTorrent doesn't download.

          I tcpdumped the internal interface for port 52394, however it didn't show any packets.

          What can be wrong?

          ![pfsense.localdomain - Firewall NAT Port Forward-094308.png](/public/imported_attachments/1/pfsense.localdomain - Firewall NAT Port Forward-094308.png)
          ![pfsense.localdomain - Firewall Rules-094245.png](/public/imported_attachments/1/pfsense.localdomain - Firewall Rules-094245.png)

          • marcelloc
            marcelloc last edited by

            Change the NAT ports on the rdr rule from any/* to 52394.

            Move the LAN rule that logs traffic to 192.168.1.233 before the LAN rule that allows all access from LAN to internet.

            • johnpoz
              johnpoz LAYER 8 Global Moderator last edited by

              What does your wan rule say?  Did you let it auto create the wan rule when you created the nat?

              As to the lan rule - it shouldn't really matter if that rule is before or after your pass rule to lan net.  But not sure why you would even have such a rule?  lan devices normally would never even talk to pfsense to talk to other lan devices.

              Your current lan rule as source of 192.168.1.233 would allow only that box to talk to the internet.  Is that what you want, you don't want any of your other devices to talk to the internet?

              edit: btw I notice you're only allowing TCP, utorrent can and does use UDP as well.

              http://www.utorrent.com/help/faq/network
              If you have a firewall, you must allow all outgoing traffic on TCP and UDP.

              If you're not getting anything to work, it's quite possible you're trying to use a UDP tracker, and you are not allowing any outbound udp on that lan rule you have.

              I just took a look at one of the torrents I downloaded recently, and tracker shows
              udp://tracker.openbittorrent.com:80/

              So with your current lan rule there would be no way for you to contact that tracker since you're not allowing udp outbound.

              edit: so you can see all the rules.  Here are my wan rules, nat rules, and lan rule that allow torrents to work.  You will see my forwards and rules that allow inbound on tcp/udp for my utorrent ports.

              And then the lan rule that allows clients to go to anything outbound.  Those other lan rules are blocking 1 client that I use for websense testing to only be able to go to websense IPs, and blocks direct outbound.

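Added example, not part of the thread: a simplified model of interface rule matching (pass rules only, default deny) that shows why a TCP-only rule set leaves the UDP tracker and inbound UDP peers blocked. The host and port come from the thread; the peer and tracker addresses, the interface names, and the protocol of the original WAN rule are assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional, Tuple

HOST, PORT = "192.168.1.233", 52394      # torrent client and port from the thread
PEER = "198.51.100.7"                    # constructed remote peer
TRACKER = "203.0.113.10"                 # constructed stand-in for the UDP tracker

@dataclass(frozen=True)
class Rule:
    iface: str                 # interface the packet arrives on
    protos: Tuple[str, ...]
    src: str                   # address, CIDR or "any"
    dst: str
    dport: Optional[int]       # None means any port

def addr_in(addr, spec):
    return spec == "any" or ip_address(addr) in ip_network(spec)

def evaluate(rules, iface, proto, src, dst, dport):
    """Return "pass" if any pass rule matches; unmatched traffic hits default deny."""
    for r in rules:
        if (r.iface == iface and proto in r.protos and addr_in(src, r.src)
                and addr_in(dst, r.dst) and r.dport in (None, dport)):
            return "pass"
    return "block"

def ruleset(protos):
    return [
        # WAN rule paired with the port forward; filtering happens after
        # translation, so the destination is the internal address.
        # (The protocol of the poster's WAN rule is an assumption.)
        Rule("wan", protos, "any", HOST, PORT),
        # LAN rule with the single host as source, as discussed in the thread.
        Rule("lan", protos, HOST, "any", None),
    ]

TCP_ONLY, TCP_UDP = ruleset(("tcp",)), ruleset(("tcp", "udp"))

def check(rules):
    return {
        "tcp_out": evaluate(rules, "lan", "tcp", HOST, PEER, 6881),
        "udp_tracker": evaluate(rules, "lan", "udp", HOST, TRACKER, 80),
        "udp_in": evaluate(rules, "wan", "udp", PEER, HOST, PORT),
    }

if __name__ == "__main__":
    print("tcp only:", check(TCP_ONLY))
    print("tcp+udp :", check(TCP_UDP))
```
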