Rules for bittorrent none work , why ? HELP !!! ^^


misstyck2
04-12-2008, 12:39 PM
Hi all

None of my rules for bittorrent work, why?

# Bittorrent
rdr on sis0 inet proto tcp from any to (sis0) port 6882 -> 192.168.30.1 port 6882

# Bittorrent
pass in quick on sis0 inet proto tcp from any to 192.168.30.1 port 6882 flags S/SA modulate state label "bittorrent"

I'm a "workstation", alone so.
Thanks.

Ian_Robinson
04-22-2008, 08:13 PM
# Bittorrent
rdr on sis0 inet proto tcp from any to (sis0) port 6882 -> 192.168.30.1 port 6882

# Bittorrent
pass in quick on sis0 inet proto tcp from any to 192.168.30.1 port 6882 flags S/SA modulate state label "bittorrent"

1. You have a PF problem, not a PCBSD problem.

The rules you have posted are the kind found in the firewall configuration file, /etc/pf.conf. I do not have enough skills to solve your problem -- pf has an amazing variety of commands and combinations. However, it seems to me that you have not provided enough information to diagnose what the problem is.

a. One of the problems is that your listing is very limited. Since, under pf, the last rule wins, we do not know if anything is overriding the command. Perhaps you should post the entire pf.conf file.

b. Can you check if your syntax is correct? Is inet a pf macro? Are your macro references spelled correctly throughout your code?

c. PF examples are available in the man page [in a terminal, #man pf.conf] [in konqueror, man:pf.conf -- note the use of the colon]. There are also several tutorials for pf on the web.

d. This OpenBSD post (which is not answered) has some similar syntax to look at.
http://archives.neohapsis.com/archives/openbsd/2006-02/1985.html

======================================================================================
2. I use ktorrent on my standalone desktop without any problem. I am using the default pf.conf. However, I had to configure my router to permit "port forwarding" on the desired port to let the torrent pass through the router without being blocked. Is that what you are trying to do with the "rdr" line?

Your IP address shows you have a router, so have you set router port 6882 open for TCP and UDP? Or are you using the rdr code because you are using a BSD computer as a firewall?

misstyck2
04-28-2008, 07:19 PM
So nobody wants to post a pf.conf with bittorrent and ftp rules?
(not the default pf.conf of pcbsd ^^).

Thanks ...

PS: no rtfm, please. ^^


internet ---- box ---- workstation alone.

Ian_Robinson
04-29-2008, 12:31 PM
I haven't found anything to help you. You have a large set of rules (which I thought you had posted). If you wrote them yourself, your skills are above and beyond mine.

Perhaps you can go to Freenode Internet Relay Chat (IRC) and log in to either #pcbsd or #bsdcert.

On #pcbsd you are likely to find some very knowledgeable people.

On #bsdcert you will likely find Dru Lavigne (dlavigne), Diane Bruce (dianora) or Peter N.M. Hansteen (pitrh).

Ms. Dru Lavigne is a former professor, head of the newly created BSD certification organization, a major contributor to BSD knowledge. She wrote BSD Hacks and The Best of FreeBSD Basics and regularly contributes to IT Toolbox and O'Reilly BSD columns.

Ms. Diane Bruce is a phenomenal BSD coder and BSD advocate.

Peter N.M. Hansteen recently published The Book of PF.

Hope that gets you some help.

GigiLaTrottola
04-29-2008, 03:12 PM
Hi,
I would like to join this conversation to ask a question. I've got the same problem with bittorrent; in particular I have:

1. a router;
2. my host is connected to the internet through this router, and I've set a static IP in the network manager.

I haven't set any rule for packet filter (pf.conf), only for the router, and my download speed is low. I know that IP and port forwarding on the router is needed to have bittorrent working properly. I use Deluge, and when I test if my ports are open it tells me that they are closed and shows me the IP address and the number of the port.

Now, the problem is that it shows me the public IP (I guess) and not the one I've set in network settings.

Is this a problem of my PF or something else? Could you help me? Should I enable NAT translation in pf.conf?
Bye, Daniele.

misstyck2
04-29-2008, 06:10 PM
Hi,

For GigiLaTrottola: if you use the default rules of pcbsd, bittorrent works perfectly.

set skip on lo0
set block-policy drop
scrub in all
block in log
antispoof quick for { lo0, sis0 }   # modified by me, better ^^
block in from no-route to any
pass out keep state
table <blacklist> persist file "/etc/blacklist"
pass inet proto icmp from any to any
pass in proto {tcp,udp} from any to any port 49152:65535 keep state
block from <blacklist> to any
pass in on sis0 proto udp from any to (sis0) port 137 keep state
pass in on sis0 proto udp from any to (sis0) port 138 keep state
pass in on sis0 proto tcp from any to (sis0) port 139 keep state
pass in on sis0 proto tcp from any to (sis0) port 445 keep state

Open the ports for bittorrent in your router (in NAT).
Example: 6881 or 6881:6889 in tcp.
Bittorrent can use one port if you want.

"Ms. Dru Lavigne is a former professor, head of the newly created BSD certification organization, a major contributor to BSD knowledge. She wrote BSD Hacks and The Best of FreeBSD Basics and regularly contributes to IT Toolbox and O'Reilly BSD columns.

Ms. Diane Bruce is a phenomenal BSD coder and BSD advocate.

Peter N.M. Hansteen recently published The Book of PF."

Houlala ^^

GigiLaTrottola
04-29-2008, 09:40 PM
For GigiLaTrottola: if you use the default rules of pcbsd, bittorrent works perfectly.

set skip on lo0
set block-policy drop
scrub in all
block in log
antispoof quick for { lo0, sis0 }   # modified by me, better ^^
block in from no-route to any
pass out keep state
table <blacklist> persist file "/etc/blacklist"
pass inet proto icmp from any to any
pass in proto {tcp,udp} from any to any port 49152:65535 keep state
block from <blacklist> to any
pass in on sis0 proto udp from any to (sis0) port 137 keep state
pass in on sis0 proto udp from any to (sis0) port 138 keep state
pass in on sis0 proto tcp from any to (sis0) port 139 keep state
pass in on sis0 proto tcp from any to (sis0) port 445 keep state

Open the ports for bittorrent in your router (in NAT).
Example: 6881 or 6881:6889 in tcp.
Bittorrent can use one port if you want.

Thank you, I will try your settings tomorrow.
Bye, Daniele

Ian_Robinson
04-29-2008, 09:45 PM
Ladies --

You should look at KTorrent -- available in ports, packages, and PBI.

I've tried several torrent clients, but KTorrent seemed the fastest and most stable on PC-BSD.

misstyck2
04-29-2008, 11:48 PM
Hi,

"thank you, I will try your settings tomorrow
Bye, Daniele"

Sorry, but I think I made a little mistake, Daniele ... ^^'

It works, but in Low ID because it's firewalled.

Now I want High ID. :o


"I've tried several torrent clients, but KTorrent seemed the fastest and most stable on PC-BSD."

It works fine, so sexy.

See you tomorrow.
Bye bye.
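
Added example (not part of any post in this thread): a simplified Python model of pf's filter evaluation, run over an abridged copy of the default ruleset quoted above. It shows why an inbound connection to TCP port 6882 is decided by `block in log`, and how rule position and `quick` change that. The rule dictionaries, the extra port-6882 rule and the function names are constructed for illustration; interfaces, addresses and state tracking are not modelled.

```python
# Simplified model of pf filter evaluation: every rule is checked in order,
# the LAST matching rule decides, and a matching `quick` rule stops the scan.
# Assumption: only direction, protocol and destination port are modelled.

# Constructed from the default ruleset quoted in the thread (abridged).
DEFAULT_RULES = [
    {"text": "block in log", "action": "block", "dir": "in"},
    {"text": "pass out keep state", "action": "pass", "dir": "out"},
    {"text": "pass in proto {tcp,udp} from any to any port 49152:65535 keep state",
     "action": "pass", "dir": "in", "proto": {"tcp", "udp"}, "ports": (49152, 65535)},
    {"text": "pass in on sis0 proto tcp from any to (sis0) port 445 keep state",
     "action": "pass", "dir": "in", "proto": {"tcp"}, "ports": (445, 445)},
]

# Hypothetical extra rule for the client's listening port (6882 in the thread).
BT_RULE = {"text": "pass in on sis0 proto tcp from any to (sis0) port 6882 keep state",
           "action": "pass", "dir": "in", "proto": {"tcp"}, "ports": (6882, 6882)}


def matches(rule, direction, proto, port):
    """True when the packet satisfies every criterion the rule specifies."""
    if rule["dir"] != direction:
        return False
    if "proto" in rule and proto not in rule["proto"]:
        return False
    if "ports" in rule:
        low, high = rule["ports"]
        return low <= port <= high
    return True


def evaluate(rules, direction, proto, port):
    """Return (action, text of the deciding rule); pf passes if nothing matches."""
    decision = ("pass", "implicit default")
    for rule in rules:
        if matches(rule, direction, proto, port):
            decision = (rule["action"], rule["text"])
            if rule.get("quick"):
                break  # `quick`: this match is final
    return decision


if __name__ == "__main__":
    cases = [("default ruleset", DEFAULT_RULES),
             ("6882 rule appended", DEFAULT_RULES + [BT_RULE]),
             ("6882 rule placed first", [BT_RULE] + DEFAULT_RULES),
             ("placed first with quick", [dict(BT_RULE, quick=True)] + DEFAULT_RULES)]
    for label, rules in cases:
        print(f"{label:24} -> {evaluate(rules, 'in', 'tcp', 6882)}")
```

On a real system the equivalent check is to parse the file with `pfctl -nf /etc/pf.conf` before loading it and to list the loaded rules with `pfctl -sr`.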