My point wasn't that you need NAT, I got the part where you said you
weren't NATing. The point is that no special configurations are needed
to make XBox live work with pfSense and yes, UPnP is simply to
automagically set up NATs as needed.
Chris Flugstad wrote:
I totally knew I'd get a response in regards to NATing ;) I am not
using NAT. I have public ip's on the inside of this network so there
is no NATING. UPNP would only be used for NAT correct?
I myself tend to skim posts on here, so I totally understand Gary, and
thanks for the quick response. Hopefully someone else has a response
that will help though.
-topher
On 5/11/2010 5:23 PM, Gary Buckmaster wrote:
I'm using an XBox behind a very straightforward pfSense install
without any difficulty. You shouldn't need any special contortions
to make it work except NATing the ports XBox Live wants (it works
without them but it complains). UPnP should also "Just Work" if you
enable that.
Chris Flugstad wrote:
So I have a pfsense router in a buidling DHCP'ing pub ip's on the
LAN. I have a user that can connect his xbox 360 online to xbox
live but cannot connect to other players or join parties. He has
tried plugging his xbox directly bypassing his router and giving his
xbox a pub ip. this does not work. i wonder if something would
need to be set in pfsense to allow this to work?
Again, I have public ip's on the inside of my network so i do not
have NAT for any of you who are going to respond with responses that
would point me into doing fw changes for NAT
below is a dump of my config.
Sincerely,
Topher
<?xml version="1.0"?>
<pfsense>
<version>3.0</version>
<lastchange/>
<theme>nervecenter</theme>
<system>
<optimization>normal</optimization>
<hostname> </hostname>
<domain> .net</domain>
<username> </username>
<password>$.</password>
<timezone>Etc/GMT-8</timezone>
<time-update-interval/>
<timeservers>0.pfsense.pool.ntp.org</timeservers>
<webgui>
<protocol>https</protocol>
<port/>
<certificate/>
<private-key/>
</webgui>
<disablenatreflection>yes</disablenatreflection>
<ssh>
<authorizedkeys/>
<port/>
</ssh>
<enablesshd>yes</enablesshd>
<maximumstates/>
<shapertype/>
<dnsserver>207.66.128.8</dnsserver>
<dnsserver>207.66.60.8</dnsserver>
<dnsallowoverride/>
</system>
<interfaces>
<lan>
<if>bge0</if>
<ipaddr>216.127.63.65</ipaddr>
<subnet>26</subnet>
<media/>
<mediaopt/>
<bandwidth>100</bandwidth>
<bandwidthtype>Mb</bandwidthtype>
<bridge/>
</lan>
<wan>
<if>bge1</if>
<mtu/>
<media/>
<mediaopt/>
<bandwidth>100</bandwidth>
<bandwidthtype>Mb</bandwidthtype>
<spoofmac/>
<ipaddr>216.127.32.44</ipaddr>
<subnet>29</subnet>
<gateway>216.127.32.41</gateway>
</wan>
</interfaces>
<staticroutes/>
<pppoe>
<username/>
<password/>
<provider/>
</pppoe>
<pptp>
<username/>
<password/>
<local/>
<subnet/>
<remote/>
</pptp>
<bigpond/>
<dyndns>
<type>dyndns</type>
<username/>
<password/>
<host/>
<mx/>
</dyndns>
<dhcpd>
<lan>
<enable/>
<range>
<from>216.127.63.66</from>
<to>216.127.63.126</to>
</range>
<defaultleasetime/>
<maxleasetime/>
<netmask/>
<failover_peerip/>
<gateway>216.127.63.65</gateway>
<ddnsdomain/>
<next-server/>
<filename/>
<staticmap>
<mac>00:21:91:15:90:24</mac>
<ipaddr>216.127.63.80</ipaddr>
<hostname>WBR-1310</hostname>
<descr/>
</staticmap>
</lan>
</dhcpd>
<pptpd>
<mode/>
<redir/>
<localip/>
<remoteip/>
</pptpd>
<ovpn/>
<dnsmasq>
<enable/>
</dnsmasq>
<snmpd>
<syslocation/>
<syscontact/>
<rocommunity>public</rocommunity>
</snmpd>
<diag>
<ipv6nat/>
</diag>
<bridge/>
<syslog/>
<nat>
<ipsecpassthru/>
<advancedoutbound>
<enable/>
</advancedoutbound>
</nat>
<filter>
<rule>
<type>block</type>
<interface>wan</interface>
<max-src-nodes/>
<max-src-states/>
<statetimeout/>
<statetype>keep state</statetype>
<os></os>
<source>
<address>216.127.63.80</address>
</source>
<destination>
<any/>
</destination>
<descr/>
</rule>
<rule>
<type>pass</type>
<interface>wan</interface>
<max-src-nodes/>
<max-src-states/>
<statetimeout/>
<statetype>keep state</statetype>
<os/>
<source>
<any/>
</source>
<destination>
<any/>
</destination>
<descr/>
</rule>
<rule>
<type>reject</type>
<interface>lan</interface>
<max-src-nodes/>
<max-src-states/>
<statetimeout/>
<statetype>keep state</statetype>
<os/>
<source>
<address>216.127.63.80</address>
</source>
<destination>
<any/>
</destination>
<descr>block misch ip</descr>
</rule>
<rule>
<type>block</type>
<interface>lan</interface>
<max-src-nodes/>
<max-src-states/>
<statetimeout/>
<statetype>keep state</statetype>
<os/>
<source>
<address>216.127.63.116</address>
</source>
<destination>
<any/>
</destination>
<disabled/>
<descr>block misch ip</descr>
</rule>
<rule>
<type>block</type>
<interface>lan</interface>
<max-src-nodes/>
<max-src-states/>
<statetimeout/>
<statetype>keep state</statetype>
<os/>
<source>
<address>216.127.63.100</address>
</source>
<destination>
<any/>
</destination>
<descr/>
<disabled/>
</rule>
<rule>
<type>pass</type>
<interface>lan</interface>
<max-src-nodes/>
<max-src-states/>
<statetimeout/>
<statetype>keep state</statetype>
<os/>
<source>
<network>lan</network>
</source>
<destination>
<any/>
</destination>
<descr>Default LAN -> any</descr>
</rule>
</filter>
<ipsec>
<preferredoldsa/>
</ipsec>
<aliases>
<alias>
<name>mischeif</name>
<address>216.127.63.80</address>
<descr>bad peoplos</descr>
<type>host</type>
<detail>Entry added Mon, 18 Jan 2010 16:57:58 +0800||</detail>
</alias>
</aliases>
<proxyarp/>
<cron>
<item>
<minute>0</minute>
<hour>*</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 newsyslog</command>
</item>
<item>
<minute>1,31</minute>
<hour>0-5</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 adjkerntz -a</command>
</item>
<item>
<minute>1</minute>
<hour>3</hour>
<mday>1</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh</command>
</item>
<item>
<minute>*/60</minute>
<hour>*</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600
sshlockout</command>
</item>
<item>
<minute>1</minute>
<hour>1</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 /etc/rc.dyndns.update</command>
</item>
<item>
<minute>*/60</minute>
<hour>*</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600
virusprot</command>
</item>
<item>
<minute>*/60</minute>
<hour>*</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -t 3600
snort2c</command>
</item>
<item>
<minute>*/5</minute>
<hour>*</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/local/bin/checkreload.sh</command>
</item>
<item>
<minute>*/5</minute>
<hour>*</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/etc/ping_hosts.sh</command>
</item>
<item>
<minute>*/140</minute>
<hour>*</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/local/sbin/reset_slbd.sh</command>
</item>
</cron>
<wol/>
<installedpackages/>
<revision>
<description>/firewall_rules_edit.php made unknown change</description>
<time>1272412107</time>
</revision>
<rrd>
<enable/>
<category>traffic</category>
<style>inverse</style>
</rrd>
<ezshaper>
<step2>
<download>100000</download>
<upload>100000</upload>
<inside_int>lan</inside_int>
<outside_int>wan</outside_int>
</step2>
<step3>
<provider>Asterisk</provider>
<address/>
<bandwidth>128</bandwidth>
<enable>on</enable>
</step3>
<step4>
<address>mischeif</address>
<bandwidthup>356</bandwidthup>
<bandwidthdown>356</bandwidthdown>
<enable>on</enable>
</step4>
<step5>
<enable>on</enable>
<bandwidthup>20</bandwidthup>
<bandwidthdown>20</bandwidthdown>
<p2pcatchall>on</p2pcatchall>
<aimster>on</aimster>
<bittorrent>on</bittorrent>
<buddyshare>on</buddyshare>
<cutemx>on</cutemx>
<dcplusplus>on</dcplusplus>
<dcc>on</dcc>
<directconnect>on</directconnect>
<directfileexpress>on</directfileexpress>
<edonkey2000>on</edonkey2000>
<fasttrack>on</fasttrack>
<gnutella>on</gnutella>
<grouper>on</grouper>
<hotcomm>on</hotcomm>
<hotlineconnect>on</hotlineconnect>
<imesh>on</imesh>
<napster>on</napster>
<opennap>on</opennap>
<scour>on</scour>
<shareaza>on</shareaza>
<songspy>on</songspy>
<winmx>on</winmx>
</step5>
<step7>
<msrdp/>
<vnc/>
<appleremotedesktop/>
<pcanywhere/>
<irc/>
<jabber/>
<icq/>
<aolinstantmessenger/>
<msnmessenger/>
<teamspeak/>
<pptp/>
<ipsec/>
<streamingmp3/>
<rtsp/>
<http/>
<smtp/>
<pop3/>
<imap/>
<lotusnotes/>
<dns/>
<icmp/>
<smb/>
<snmp/>
<mysqlserver/>
<nntp/>
<cvsup/>
</step7>
</ezshaper>
<shaper>
<schedulertype>hfsc</schedulertype>
<queue>
<name>qwanRoot</name>
<associatedrule>0</associatedrule>
<priority>0</priority>
<parentqueue>on</parentqueue>
<bandwidth>100000</bandwidth>
<bandwidthtype>Kb</bandwidthtype>
</queue>
<queue>
<name>qlanRoot</name>
<associatedrule>0</associatedrule>
<priority>0</priority>
<parentqueue>on</parentqueue>
<bandwidth>100000</bandwidth>
<bandwidthtype>Kb</bandwidthtype>
</queue>
<queue>
<name>qwandef</name>
<attachtoqueue>qwanRoot</attachtoqueue>
<associatedrule>0</associatedrule>
<defaultqueue>true</defaultqueue>
<priority>1</priority>
<realtime>on</realtime>
<realtime3>1%</realtime3>
<bandwidth>1</bandwidth>
<bandwidthtype>%</bandwidthtype>
<qlimit>500</qlimit>
</queue>
<queue>
<name>qlandef</name>
<priority>1</priority>
<attachtoqueue>qlanRoot</attachtoqueue>
<associatedrule>0</associatedrule>
<defaultqueue>true</defaultqueue>
<realtime>on</realtime>
<realtime3>1%</realtime3>
<bandwidth>1</bandwidth>
<bandwidthtype>%</bandwidthtype>
<qlimit>500</qlimit>
</queue>
<queue>
<name>qwanacks</name>
<ack/>
<attachtoqueue>qwanRoot</attachtoqueue>
<associatedrule>0</associatedrule>
<priority>7</priority>
<realtime>on</realtime>
<realtime3>10%</realtime3>
<bandwidth>25</bandwidth>
<bandwidthtype>%</bandwidthtype>
</queue>
<queue>
<name>qlanacks</name>
<ack/>
<attachtoqueue>qlanRoot</attachtoqueue>
<associatedrule>0</associatedrule>
<priority>7</priority>
<realtime>on</realtime>
<realtime3>10%</realtime3>
<bandwidth>25</bandwidth>
<bandwidthtype>%</bandwidthtype>
</queue>
<queue>
<name>qVOIPUp</name>
<attachtoqueue>qwanRoot</attachtoqueue>
<associatedrule>0</associatedrule>
<priority>7</priority>
<realtime>on</realtime>
<realtime3>128Kb</realtime3>
<bandwidth>25</bandwidth>
<bandwidthtype>%</bandwidthtype>
</queue>
<queue>
<name>qVOIPDown</name>
<attachtoqueue>qlanRoot</attachtoqueue>
<associatedrule>0</associatedrule>
<priority>7</priority>
<realtime>on</realtime>
<realtime3>128Kb</realtime3>
<bandwidth>25</bandwidth>
<bandwidthtype>%</bandwidthtype>
</queue>
<queue>
<name>qPenaltyUp</name>
<attachtoqueue>qwanRoot</attachtoqueue>
<associatedrule>0</associatedrule>
<priority>2</priority>
<red>on</red>
<ecn>on</ecn>
<upperlimit>on</upperlimit>
<upperlimit3>356Kb</upperlimit3>
<bandwidth>1</bandwidth>
<bandwidthtype>%</bandwidthtype>
<qlimit>500</qlimit>
</queue>
<queue>
<name>qPenaltyDown</name>
<attachtoqueue>qlanRoot</attachtoqueue>
<associatedrule>0</associatedrule>
<priority>2</priority>
<red>on</red>
<ecn>on</ecn>
<upperlimit>on</upperlimit>
<upperlimit3>356Kb</upperlimit3>
<bandwidth>1</bandwidth>
<bandwidthtype>%</bandwidthtype>
<qlimit>500</qlimit>
</queue>
<queue>
<name>qP2PUp</name>
<attachtoqueue>qwanRoot</attachtoqueue>
<associatedrule>0</associatedrule>
<priority>1</priority>
<red>on</red>
<ecn>on</ecn>
<realtime>on</realtime>
<realtime3>1Kb</realtime3>
<upperlimit>on</upperlimit>
<upperlimit3>20Kb</upperlimit3>
<bandwidth>1</bandwidth>
<bandwidthtype>%</bandwidthtype>
<qlimit>500</qlimit>
</queue>
<queue>
<name>qP2PDown</name>
<attachtoqueue>qlanRoot</attachtoqueue>
<associatedrule>0</associatedrule>
<priority>1</priority>
<red>on</red>
<ecn>on</ecn>
<realtime>on</realtime>
<realtime3>1Kb</realtime3>
<upperlimit>on</upperlimit>
<upperlimit3>20Kb</upperlimit3>
<bandwidth>1</bandwidth>
<bandwidthtype>%</bandwidthtype>
<qlimit>500</qlimit>
</queue>
<rule>
<inqueue>qVOIPUp</inqueue>
<outqueue>qVOIPDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>10000-20000</port>
</destination>
<descr>m_voip Asterisk inbound</descr>
<protocol>udp</protocol>
</rule>
<rule>
<inqueue>qVOIPDown</inqueue>
<outqueue>qVOIPUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>10000-20000</port>
</destination>
<descr>m_voip Asterisk outbound</descr>
<protocol>udp</protocol>
</rule>
<rule>
<inqueue>qVOIPUp</inqueue>
<outqueue>qVOIPDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>5060-5069</port>
</destination>
<descr>m_voip Asterisk inbound</descr>
<protocol>udp</protocol>
</rule>
<rule>
<inqueue>qVOIPDown</inqueue>
<outqueue>qVOIPUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>5060-5069</port>
</destination>
<descr>m_voip Asterisk outbound</descr>
<protocol>udp</protocol>
</rule>
<rule>
<descr>Penalty IP</descr>
<inqueue>qPenaltyUp</inqueue>
<outqueue>qPenaltyDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<address>mischeif</address>
</destination>
</rule>
<rule>
<descr>Penalty IP</descr>
<inqueue>qPenaltyDown</inqueue>
<outqueue>qPenaltyUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<source>
<address>mischeif</address>
</source>
<destination>
<any/>
</destination>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>5500-5503</port>
</destination>
<descr>m_P2P HotlineConnect inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>4329-4329</port>
</destination>
<descr>m_P2P iMesh outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>4329-4329</port>
</destination>
<descr>m_P2P iMesh inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>6699-6701</port>
</destination>
<descr>m_P2P Napster outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>5500-5503</port>
</destination>
<descr>m_P2P HotlineConnect outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>8038-8039</port>
</destination>
<descr>m_P2P grouper inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>8038-8039</port>
</destination>
<descr>m_P2P grouper outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>6699-6701</port>
</destination>
<descr>m_P2P Napster inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>28864-28865</port>
</destination>
<descr>m_P2P hotComm outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>28864-28865</port>
</destination>
<descr>m_P2P hotComm inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>8311-8311</port>
</destination>
<descr>m_P2P Scour outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>5190-5190</port>
</destination>
<descr>m_P2P SongSpy outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>5190-5190</port>
</destination>
<descr>m_P2P SongSpy inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>6699-6699</port>
</destination>
<descr>m_P2P WinMX outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>6699-6699</port>
</destination>
<descr>m_P2P WinMX inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>6346-6346</port>
</destination>
<descr>m_P2P Shareaza inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>6346-6346</port>
</destination>
<descr>m_P2P Shareaza outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>8888-8889</port>
</destination>
<descr>m_P2P OpenNap inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>6346-6346</port>
</destination>
<descr>m_P2P Gnutella-UDP inbound</descr>
<protocol>udp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>8311-8311</port>
</destination>
<descr>m_P2P Scour inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>8888-8889</port>
</destination>
<descr>m_P2P OpenNap outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>4661-4665</port>
</destination>
<descr>m_P2P EDonkey2000 inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>6881-6999</port>
</destination>
<descr>m_P2P BitTorrent inbound</descr>
<protocol>udp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>7788-7788</port>
</destination>
<descr>m_P2P BuddyShare outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>7788-7788</port>
</destination>
<descr>m_P2P BuddyShare inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>2340-2340</port>
</destination>
<descr>m_P2P CuteMX outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>6881-6999</port>
</destination>
<descr>m_P2P BitTorrent outbound</descr>
<protocol>udp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>6881-6999</port>
</destination>
<descr>m_P2P BitTorrent inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>7668-7668</port>
</destination>
<descr>m_P2P Aimster outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>7668-7668</port>
</destination>
<descr>m_P2P Aimster inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>6881-6999</port>
</destination>
<descr>m_P2P BitTorrent outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>2340-2340</port>
</destination>
<descr>m_P2P CuteMX inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>6666-6668</port>
</destination>
<descr>m_P2P dcc outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>4661-4665</port>
</destination>
<descr>m_P2P EDonkey2000 outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>6346-6346</port>
</destination>
<descr>m_P2P Gnutella-TCP outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>6346-6346</port>
</destination>
<descr>m_P2P Gnutella-TCP inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>1044-1045</port>
</destination>
<descr>m_P2P DirectFileExpress inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>1044-1045</port>
</destination>
<descr>m_P2P DirectFileExpress outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>6666-6668</port>
</destination>
<descr>m_P2P dcc inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>412-412</port>
</destination>
<descr>m_P2P DirectConnect outbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
<port>412-412</port>
</destination>
<descr>m_P2P DirectConnect inbound</descr>
<protocol>tcp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
<port>6346-6346</port>
</destination>
<descr>m_P2P Gnutella-UDP outbound</descr>
<protocol>udp</protocol>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
</destination>
<descr>p2pCatchAll outbound</descr>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
</destination>
<descr>p2pCatchAll inbound</descr>
</rule>
<rule>
<inqueue>qP2PDown</inqueue>
<outqueue>qP2PUp</outqueue>
<in-interface>lan</in-interface>
<out-interface>wan</out-interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
</destination>
<descr>p2pCatchAll outbound</descr>
</rule>
<rule>
<inqueue>qP2PUp</inqueue>
<outqueue>qP2PDown</outqueue>
<in-interface>wan</in-interface>
<out-interface>lan</out-interface>
<source>
<any/>
</source>
<destination>
<network>lan</network>
</destination>
<descr>p2pCatchAll inbound</descr>
</rule>
</shaper>
</pfsense>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
