From owner-freebsd-questions@FreeBSD.ORG Tue Mar 10 21:58:10 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AA85D106566B for ; Tue, 10 Mar 2009 21:58:10 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: from mail-ew0-f166.google.com (mail-ew0-f166.google.com [209.85.219.166]) by mx1.freebsd.org (Postfix) with ESMTP id 39DB98FC12 for ; Tue, 10 Mar 2009 21:58:09 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: by ewy10 with SMTP id 10so1581742ewy.43 for ; Tue, 10 Mar 2009 14:58:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:subject :message-id:in-reply-to:references:x-mailer:mime-version :content-type:content-transfer-encoding; bh=QVVIW9hpTUtri1cqEmCPeoVh/KGQTRn65Hr0Yx+1YSE=; b=ilWdU2dWuYXW3JW7hFYu8g8wa5IqStVMRc/SeET7d7WapAyuEYRx4Jvg0bSdHuOCgd 3VnhhNIqszTtbEzMVKukj4hTaMR82qR5bPENFaCpfnHOE2oTPlBgBJhA6LL6qdigTOSL 8LccMtFiQYVRe86IqjS3I7xyYjYLDjrko7fPY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=date:from:to:subject:message-id:in-reply-to:references:x-mailer :mime-version:content-type:content-transfer-encoding; b=qe3+qVC9G0CXtxMyGQi92T73MCVDUf6eANFWRCIfV8pti+DKegndM5frO+psZBFn/k kzbiHtM0VbMNNR3TZwpey0zp4ACmBj1uL4Cj8l0vEN26XjaTxBGGkmVRcTPQILPvXIK1 9mZhm/chQy5T/rA/I9lxsn6SuBnCTX23c9qnU= Received: by 10.216.47.13 with SMTP id s13mr3060332web.25.1236722289045; Tue, 10 Mar 2009 14:58:09 -0700 (PDT) Received: from gumby.homeunix.com (bb-87-81-140-128.ukonline.co.uk [87.81.140.128]) by mx.google.com with ESMTPS id 28sm5763719eyg.55.2009.03.10.14.58.07 (version=SSLv3 cipher=RC4-MD5); Tue, 10 Mar 2009 14:58:08 -0700 (PDT) Date: Tue, 10 Mar 2009 21:58:01 +0000 From: RW To: freebsd-questions@freebsd.org Message-ID: <20090310215801.47aa703e@gumby.homeunix.com> In-Reply-To: References: X-Mailer: Claws Mail 3.7.0 (GTK+ 2.14.7; i386-portbld-freebsd7.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: IPFW torrent X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Mar 2009 21:58:10 -0000 On Tue, 10 Mar 2009 20:40:11 +0100 Roy Stuivenberg wrote: > Hello, > > I can't seem to get my torrent client working, when ipfw is up. > > This rules i use in my script for the torrent client (ktorrent) Typically you need separate rules for incoming and outgoing connections, something like this add 1000 check-state add 1010 deny tcp from any to any in established # bittorrent tcp on 14353 add 10801 allow tcp from any to me 14353 keep-state # allow outgoing tcp add 50000 allow tcp from any to any out keep-state BTW if you use p2p a lot then eventually you'll probably want to do upload prioritisation, and that's a lot easier with pf+altq. I switched from ipfw to pf a long time ago, and I wouldn't want to go back.