"itln.stln" <itln.stln@cox.net> writes:

> Actually after further review and research I found out that the
> application needs to have UPnP enabled. Does OpenBSD's pf support UPnP
> or am I out of luck.

A bit of archive searching turns up among other things
http://marc.theaimsgroup.com/?l=open...3065622881&w=2,
which may or may not be the solution you are looking for.

You might want browse the results of
http://marc.theaimsgroup.com/?l=open...r=1&s=UPnP&q=b
or similar searches for further input.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"

itln.stln wrote:

> itln.stln wrote:

<snippeti>

>> Ok I've got my OpenBSD box setup as a Gateway with a DHCP server
>> running off of it and i'm using the dns addresses that the isp issued
>> with it's dhcp. Anyway I am now trying to run Azureus (a bittorrent
>> client) and am having problems. I think that I opened the listening
>> port (6881) correctly on the OpenBSD box by adding 6881 to my
>> tcp_services macro, but I still get a NAT Error when I try to test it
>> through Azureus's configuration wizard. Does anyone have any insights
>> on this? Thank you so much and here are the pf rules.
>>
>> # macros
>> int_if = "fxp1"
>> ext_if = "fxp0"
>>
>> tcp_services = "{ 22, 113, 6881 }"
>> icmp_types = "echoreq"
>>
>> priv_nets = "{ 127.0.0.0/8, 192.168.0.0/16 }"
>>
>> # options
>> set block-policy return
>> set loginterface $ext_if
>>
>> # scrub
>> scrub in all
>>
>> # nat/rdr
>> nat on $ext_if from $int_if:network to any -> ($ext_if)
>> rdr on $int_if proto tcp from any to any port 21 -> 127.0.0.1 \
>> port 8021
>>
>> # filter rules
>> block all
>>
>> pass quick on lo0 all
>>
>> block drop in quick on $ext_if from $priv_nets to any
>> block drop out quick on $ext_if from any to $priv_nets
>>
>> pass in on $ext_if inet proto tcp from any to ($ext_if) \
>> port $tcp_services flags S/SA keep state
>>
>> pass in on $ext_if inet proto tcp from port 20 to ($ext_if) \
>> user proxy flags S/SA keep state
>>
>> pass in inet proto icmp all icmp-type $icmp_types keep state
>>
>> pass in on $int_if from $int_if:network to any keep state
>> pass out on $int_if from any to $int_if:network keep state
>>
>> pass out on $ext_if proto tcp all modulate state flags S/SA
>> pass out on $ext_if proto { udp, icmp } all keep state
>
>
> Actually after further review and research I found out that the
> application needs to have UPnP enabled. Does OpenBSD's pf support UPnP
> or am I out of luck.
>
> Thanks again for all the help.

You must rdr the (6881/tcp) port to the machine where the BitTorrent
client is running. Just like any other server behind NAT, users on the
other side can't connect unless you do redirecting on the firewall.
--
marko [dot] vihoma [at] dnainternet [dot] net

Keskustelua zombeista c.u.b.freebsd.misc:
Thanks, parents were stuck and had to be killed.