Michael Powell <[EMAIL PROTECTED]> wrote:

Fbsd1 wrote:
[snip]
The only way I can run limewire is
to disable my firewall and that does not make me happy.

This is simply not true. I have at one time or another run Limewire on
each of the three different firewalls. Currently for a little over
one year now it has been pf. The difference is just syntax.

Why don't you send the rules or as you say "difference in syntax" that are blocking limewire and p2p to the list for two reasons:
  1. to quickly find how it is being blocked and remedy your problem.
  2. Help an idiot like me block p2p.

good luck,

ed


I think the conclusion is that all 3 of the FreeBSD firewalls are unable
to monitor packet exchange of p2p applications. These firewalls were
designed before p2p applications were developed and their (p2p) inherent
design is to defeat standard firewall designs.

I really do not understand most of the above paragraph; it makes little
sense to me. Non sequitur.

The OSI reference stack has 7 layers. These firewalls are simple packet
filtering firewalls and only reach Layer 4. The Application layer is
Layer 7, and these firewalls do not perform the deep packet inspection
or decoding required to filter at Layer 7.

As far as reading the docs is concerned it should become apparent that
there are 3 modalities for configuring Limewire. In my situation I have
a FreeBSD server acting as a gateway with pf and DNS running. The UPnP
option is for a typical Windows user who may have a router device that
will assist a UPnP service to autoconfigure the Windows box. Proceed to
examining the second option, Manual Port Forward. I'll ignore the third
as it is "Do Nothing", which is useless.

So on the Limewire "Advanced -> Firewall" config page enter a port
number, such as 6346 in both the "Listen on Port" and the "Manual Port
Forward" boxes.

Then after your NAT rule in pf.conf enter something like the following:

rdr on $ExtIF proto tcp from any to any port 6346 -> 192.168.10.2 port 6346

and a corresponding filter pass rule:

pass in quick on $ExtIF inet proto tcp from any to 192.168.10.2 port 6346 keep state

192.168.10.2 is my desktop machine where I use Limewire. It works just fine.


-Mike



_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
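
The two rules from Mike's message, placed in a minimal pf.conf to show the ordering they depend on. This is an added example, not part of the original thread; the interface name em0, the 192.168.10.0/24 LAN range, the default-block policy and the macro names other than $ExtIF are assumptions.

```pf
# Constructed example in the same (pre-4.7 style) pf syntax used in the thread.
ExtIF   = "em0"               # external interface (assumed name)
IntNet  = "192.168.10.0/24"   # internal LAN (assumed from the desktop address)
P2PHost = "192.168.10.2"      # desktop running Limewire (from the thread)
P2PPort = "6346"              # port entered in "Listen on Port" and "Manual Port Forward"

# Translation rules must appear before filter rules.
nat on $ExtIF from $IntNet to any -> ($ExtIF)
rdr on $ExtIF proto tcp from any to any port $P2PPort -> $P2PHost port $P2PPort

# Filter rules. Default: drop and log unsolicited inbound traffic.
block in log on $ExtIF all

# Filtering sees the packet after rdr has rewritten the destination,
# so the pass rule names the internal address, not the external one.
pass in quick on $ExtIF inet proto tcp from any to $P2PHost port $P2PPort keep state

# Outbound traffic from the gateway and the NATed LAN.
pass out on $ExtIF keep state
```

The ruleset can be syntax-checked without loading it using pfctl -nf /etc/pf.conf, and the loaded translation and filter rules listed with pfctl -sn and pfctl -sr.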

