Hi, I''m using shorewall v4.4.11.1 on fedora14 with two interfaces, and would like to use the BitTorrent32 macro for bittorrent traffic on the internal lan. I use ports different than the defined 6881 in the macro. How can I modify the macro to use my bittorrent port? Would I use something like: BitTorrent32(DNAT):info net 192.168.1.5 tcp 61000:62000 I''d sure appreciate it if someone could show me how to properly permit bittorrent to a host on a private lan. Thanks, Alex ------------------------------------------------------------------------------ Free Software Download: Index, Search & Analyze Logs and other IT data in Real-Time with Splunk. Collect, index and harness all the fast moving IT data generated by your applications, servers and devices whether physical, virtual or in the cloud. Deliver compliance at lower cost and gain new business insights. http://p.sf.net/sfu/splunk-dev2dev
Hi Alex, You just need to change the BitTorrent macro file, usually at /usr/share/shorewall Regards, Anderson. 2011/2/23 Alex <mysqlstudent@gmail.com>> Hi, > > I''m using shorewall v4.4.11.1 on fedora14 with two interfaces, and > would like to use the BitTorrent32 macro for bittorrent traffic on the > internal lan. I use ports different than the defined 6881 in the > macro. How can I modify the macro to use my bittorrent port? > > Would I use something like: > > BitTorrent32(DNAT):info net 192.168.1.5 tcp 61000:62000 > > I''d sure appreciate it if someone could show me how to properly permit > bittorrent to a host on a private lan. > > Thanks, > Alex > > > ------------------------------------------------------------------------------ > Free Software Download: Index, Search & Analyze Logs and other IT data in > Real-Time with Splunk. Collect, index and harness all the fast moving IT > data > generated by your applications, servers and devices whether physical, > virtual > or in the cloud. Deliver compliance at lower cost and gain new business > insights. http://p.sf.net/sfu/splunk-dev2dev > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users >------------------------------------------------------------------------------ Free Software Download: Index, Search & Analyze Logs and other IT data in Real-Time with Splunk. Collect, index and harness all the fast moving IT data generated by your applications, servers and devices whether physical, virtual or in the cloud. Deliver compliance at lower cost and gain new business insights. http://p.sf.net/sfu/splunk-dev2dev
On 2/22/11 8:44 PM, Anderson Watanabe wrote:> You just need to change the BitTorrent macro file, usually at > /usr/share/shorewall >But copy it to /etc/shorewall/ first. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Free Software Download: Index, Search & Analyze Logs and other IT data in Real-Time with Splunk. Collect, index and harness all the fast moving IT data generated by your applications, servers and devices whether physical, virtual or in the cloud. Deliver compliance at lower cost and gain new business insights. http://p.sf.net/sfu/splunk-dev2dev
Hi,>> You just need to change the BitTorrent macro file, usually at >> /usr/share/shorewall >> > > But copy it to /etc/shorewall/ first.So I assume it will then take precedence over the default? How can I see what a macro expands to? Thanks again, Alex ------------------------------------------------------------------------------ Free Software Download: Index, Search & Analyze Logs and other IT data in Real-Time with Splunk. Collect, index and harness all the fast moving IT data generated by your applications, servers and devices whether physical, virtual or in the cloud. Deliver compliance at lower cost and gain new business insights. http://p.sf.net/sfu/splunk-dev2dev
On 2/23/11 5:36 AM, Alex wrote:> Hi, > >>> You just need to change the BitTorrent macro file, usually at >>> /usr/share/shorewall >>> >> >> But copy it to /etc/shorewall/ first. > > So I assume it will then take precedence over the default?Yes.> > How can I see what a macro expands to? >shorewall trace check | less And search for the macro name. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Free Software Download: Index, Search & Analyze Logs and other IT data in Real-Time with Splunk. Collect, index and harness all the fast moving IT data generated by your applications, servers and devices whether physical, virtual or in the cloud. Deliver compliance at lower cost and gain new business insights. http://p.sf.net/sfu/splunk-dev2dev
Hi,>> How can I see what a macro expands to? > > shorewall trace check | less > > And search for the macro name.Thanks so much for your help. Regards, Alex ------------------------------------------------------------------------------ Free Software Download: Index, Search & Analyze Logs and other IT data in Real-Time with Splunk. Collect, index and harness all the fast moving IT data generated by your applications, servers and devices whether physical, virtual or in the cloud. Deliver compliance at lower cost and gain new business insights. http://p.sf.net/sfu/splunk-dev2dev
Hi, Last week I had posted a question regarding how to use the BitTorrent32 macro on my local system for ports different than the 6881 that is hardcoded in the macro itself. Thought I would follow up with some additional information that might be helpful to others.>>>> You just need to change the BitTorrent macro file, usually at >>>> /usr/share/shorewall >>> >>> But copy it to /etc/shorewall/ first. >> >> So I assume it will then take precedence over the default? > > Yes. > >> >> How can I see what a macro expands to? > > shorewall trace check | less > > And search for the macro name.After copying it to my local shorewall directory, I added another line to the file: PARAM - - udp 1024 Apparently 1024 also needed to be translated for the distributed db support in vuze (azureus). Here''s what a kernel error log entry looks like: Mar 1 00:11:42 fc14 kernel: [2345244.407987] Shorewall:ext2fw:REJECT:IN=eth0 OUTMAC=40:61:86:4e:84:09:00:21:a0:75:e3:12:08:00 SRC=78.AAA.BBB.173 DST=68.XXX.XXX.42 LEN=99 TOS=0x00 PREC=0x00 TTL=114 ID=27063 PROTO=UDP SPT=60652 DPT=1024 LEN=79 Thanks, Alex ------------------------------------------------------------------------------ Free Software Download: Index, Search & Analyze Logs and other IT data in Real-Time with Splunk. Collect, index and harness all the fast moving IT data generated by your applications, servers and devices whether physical, virtual or in the cloud. Deliver compliance at lower cost and gain new business insights. http://p.sf.net/sfu/splunk-dev2dev