I'm still trying to wade through this nightmarish documentation and figure out how to set up a firewall with iptables. I understand the syntax and how it all works - I just can't translate what I want to do into the relevant commands.
I have the most basic setup imaginable - a single PC connected to a cable modem via eth0, with no servers or anything running on it. All I want it to do is be as secure as possible, but also to allow decent upload/download speeds with BitTorrent. I've done a lot of reading around and I reckon that this should work:
[root@sigma7 robot5x]# iptables -nL
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpts:6881:6889
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpts:6881:6889
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED

Chain FORWARD (policy DROP)
target     prot opt source               destination

Chain OUTPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
But my upload/download speeds are very bad... I know this has sort of been asked recently, but can someone let me know if I'm on the right track in terms of having ports 6881-6889 accessible for BitTorrent? Maybe I need to issue some more commands?
All help very much appreciated!
Hmm.. well, seems like I was getting my sports and my dports mixed up. Happens all the time.
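What I actually needed was:
iptables -A INPUT -p tcp --sport 6881:6889 -j ACCEPT
iptables -A INPUT -p udp --sport 6881:6889 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 6881:6889 -j ACCEPT
iptables -A OUTPUT -p udp --dport 6881:6889 -j ACCEPT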
Now I'm getting some good upload speeds in ctorrent.
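
An added example, not part of the original posts: a shell function that reads iptables -nL output and flags inbound ACCEPT rules that admit more than a port-specific allowance. The sample listing is constructed from the listing in the thread plus the --sport rules as iptables -nL would print them; the names sample_listing and audit_listing are chosen here.

```shell
#!/bin/sh
# Added example: audit `iptables -nL` output for over-broad inbound ACCEPT rules.

# Constructed sample: the listing from the post plus the --sport rules from the
# follow-up, in the format iptables -nL prints them.
sample_listing() {
  cat <<'EOF'
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpts:6881:6889
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpts:6881:6889
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spts:6881:6889
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp spts:6881:6889

Chain FORWARD (policy DROP)
target     prot opt source               destination

Chain OUTPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
EOF
}

# Reads a listing on stdin and prints one finding per suspicious rule.
# Only INPUT and FORWARD are checked: the question is what the host accepts.
audit_listing() {
  awk '
    /^Chain /                           { chain = $2; next }
    chain == "OUTPUT" || $1 != "ACCEPT" { next }
    {
      # Fields 1-5 are target, prot, opt, source, destination; the rest is match text.
      extra = ""
      for (i = 6; i <= NF; i++) extra = extra " " $i
      # Without -v the interface column is hidden, so "-i lo" and "accept
      # everything" print identically; the rule needs a second look.
      if ($2 == "all" && $4 == "0.0.0.0/0" && $5 == "0.0.0.0/0" && extra == "")
        print chain ": ACCEPT with no visible match (check interface with -v): " $0
      # The source port is set by the sender, so it does not narrow who is let in.
      else if (extra ~ /spts?:/ && extra !~ /dpts?:/ && extra !~ /state/)
        print chain ": ACCEPT keyed only on source port: " $0
    }
  '
}

sample_listing | audit_listing
```

On a live system, pipe the real listing in instead of the sample: iptables -nL | audit_listing (as root), then confirm any flagged rule with iptables -nvL.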