Hi All, Can anybody please tell me what configuration I need to get edonkey working=20 through shorewall? Iv seena number of postings in various sites which seem to give conflicting=20 information. Im running a two interface router/firewall and want to run edonkey on one of the=20 client PCs. Is anybody out there doing the same thing? Thanks in advance Scott
> Can anybody please tell me what configuration I need to get edonkey working > through shorewall? > > Iv seena number of postings in various sites which seem to give conflicting > information. > > Im running a two interface router/firewall and want to run edonkey on one of the > client PCs. Is anybody out there doing the same thing?Nope... But eDonkey by default uses TCP 4662, and therefore you have to open that port for incoming connections. The following rule will do this for the specified client in the local net. You will have to allow outgoing connections, if not already having all open (loc2net). I assume this, judging from the question... DNAT net loc:192.168.6.66 tcp 4662 karsten -- Davision - Atelier fuer Gestaltung / Internet / Multimedia UNIX / Linux Netzwerke und Schulungen Telefon 06151/17865 Fax 06151/178659 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.shorewall.net/pipermail/shorewall-users/attachments/20031009/9a5d6c4a/attachment.bin
On Thu, 9 Oct 2003, Karsten Br?ckelmann wrote:> > > Can anybody please tell me what configuration I need to get edonkey working > > through shorewall? > > > > Iv seena number of postings in various sites which seem to give conflicting > > information. > > > > Im running a two interface router/firewall and want to run edonkey on one of the > > client PCs. Is anybody out there doing the same thing? > > Nope... > > But eDonkey by default uses TCP 4662, and therefore you have to open > that port for incoming connections. > > The following rule will do this for the specified client in the local > net. You will have to allow outgoing connections, if not already having > all open (loc2net). I assume this, judging from the question... > > DNAT net loc:192.168.6.66 tcp 4662 >Where "192.168.6.66" is the IP address of the computer that you want to infect. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
> Can anybody please tell me what configuration I need to get edonkey working=20 > through shorewall? >=20 > Iv seena number of postings in various sites which seem to give conflicting=20 > information. >=20 > Im running a two interface router/firewall and want to run edonkey on one ofthe=20> client PCs. Is anybody out there doing the same thing?>Nope...>But eDonkey by default uses TCP 4662, and therefore you have to open >that port for incoming connections.>The following rule will do this for the specified client in the local >net. You will have to allow outgoing connections, if not already having >all open (loc2net). I assume this, judging from the question...>DNAT net loc:192.168.6.66 tcp 4662> karstenThanks for that Karsten, I had to put in a similar rule for for udp 9716 and after that it worked fine.. Scott..
On Sat, Oct 11, 2003 at 03:47:49PM +1000, Scott Ransom wrote:> > Can anybody please tell me what configuration I need to get edonkey working > > through shorewall?> >The following rule will do this for the specified client in the local > >net. You will have to allow outgoing connections, if not already having > >all open (loc2net). I assume this, judging from the question... > >DNAT net loc:192.168.6.66 tcp 4662 > > karsten > > Thanks for that Karsten, > > I had to put in a similar rule for for udp 9716 and after that it > worked fine..The emule project has a good page about this: http://www.emule-project.net/faq/ The "Ports" page. Using that as a guide, I set up these rules on my gibraltar Shorewall firewall that seem to work just fine: # eDonkey Stuff DNAT net loc:192.168.XXX.XXX tcp 4661,4662,4711 DNAT net loc:192.168.XXX.XXX udp 4665,4672 The only unfortunate thing is that it can''t be forwarded to 0.0.0.0, so any client on the inside can take advantage of it. HTH. Adam -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.shorewall.net/pipermail/shorewall-users/attachments/20031011/3b9c271d/attachment.bin