Hello Everyone:
I have encountered a problem when implementing my Linux firewall using iptables together with some applications like BitTorrent. It's a peer-to-peer file-sharing program. My Linux box has two network interfaces: one connects to my internal LAN with the IP range 192.168.1.0/24, and the other connects to the Internet via an ADSL modem using PPPoE.
Before I illustrate my situation to you: I have tried to use a "BT client" called Bittorrent S-5.7.3 (Shadow's Experimental) to download files from others. It has no problem downloading, but the light turns "YELLOW" to indicate that I'm behind a firewall. Then I added some rules to my iptables to allow traffic from outside to pass through to my machines in the LAN.
The following are my iptables rules. According to my understanding, BT uses ports 6881 to 6889, so I forward these ports to my machines in the LAN.
#!/bin/sh
# Redirect inbound TCP arriving on ppp0 for ports 6881-6889 to the LAN client 192.168.1.90
iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 6881:6889 -j DNAT --to 192.168.1.90:6881-6889
# Accept forwarded TCP with source 192.168.1.90 and destination ports 6881-6889
iptables -A FORWARD -p tcp -s 192.168.1.90 --dport 6881:6889 -j ACCEPT
After I implemented these rules, the light for my BT client turned "GREEN", meaning that it's operational. Then I tried to make a BT file for someone to download from behind my firewall, but a problem occurs: the light is always "RED" - there are no connections from other clients.
So I would like to know what happens to my Linux firewall, and what I can do to achieve my goal of creating BT files behind the firewall for others to download?
The above chain rules already prove that outside traffic can come in to my client machine.
I'd appreciate it if anyone can help me solve these problems... many thx !!
Tom Cheung
23 Sept 2003
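As an added example (not the poster's rules), here is a port-forward rule set for the topology described in the post: DNAT in PREROUTING, a FORWARD rule that matches the LAN host as the post-DNAT destination on the WAN-to-LAN path, a connection-tracking rule for reply traffic, and masquerading for the client's own outgoing peer connections. It assumes ppp0 and 192.168.1.90 from the post and a LAN interface named eth0; with IPT left at its default of echo it only prints the commands it would run.

```shell
# Added example: NAT port forward for BitTorrent ports 6881-6889 to one LAN
# host. IPT defaults to "echo" so the script prints instead of applying rules;
# run with IPT=iptables to apply. LAN_IF=eth0 is an assumption.
IPT="${IPT:-echo}"
WAN_IF="${WAN_IF:-ppp0}"
LAN_IF="${LAN_IF:-eth0}"
LAN_NET="192.168.1.0/24"
BT_HOST="192.168.1.90"
BT_PORTS="6881:6889"

bt_forward_rules() {
    # 1. Rewrite the destination of inbound connections before routing;
    #    without a port in --to-destination the original port is kept.
    $IPT -t nat -A PREROUTING -i "$WAN_IF" -p tcp --dport "$BT_PORTS" \
        -j DNAT --to-destination "$BT_HOST"
    # 2. FORWARD sees the packet after DNAT, so match the LAN host as the
    #    destination (not the source), restricted to NEW flows from the WAN.
    $IPT -A FORWARD -i "$WAN_IF" -o "$LAN_IF" -p tcp -d "$BT_HOST" \
        --dport "$BT_PORTS" -m conntrack --ctstate NEW -j ACCEPT
    # 3. Let replies and already-tracked flows through in both directions.
    $IPT -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # 4. Masquerade LAN traffic leaving on the dynamic PPPoE address so the
    #    client can also open its own outgoing connections to peers.
    $IPT -t nat -A POSTROUTING -o "$WAN_IF" -s "$LAN_NET" -j MASQUERADE
}

bt_forward_rules
```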