Rules for use Torrent service

[balubeto]

Hi

Since I would like to use the Torrent service to download and share some files on the Internet, I would like to know what is the correct procedure for creating the rules that allow you to use this service.

I am currently using OPNsense 18.7.8 64 bit.

Thanks

Bye

[balubeto]

I'm still waiting for your answer.

Thanks

Bye

[tofaz]

Hi,

if you do not have IDS/IPS in place, I would say that you have to create a rule that allow traffic on torrent standard ports (6881-6889 TCP) from LAN network to any on WAN.

[balubeto]

Hi,

if you do not have IDS/IPS in place, I would say that you have to create a rule that allow traffic on torrent standard ports (6881-6889 TCP) from LAN network to any on WAN.

What is the correct procedure for creating this rule?

Thanks

Bye

[balubeto]

Could someone please give me an answer?

Thanks

Bye

[GDixon]

What works for me is UPnP. I don't like to use it but the ports close after they are not needed or I can close them myself.
I don't have to search for the correct ports and I can have my torrent program change it's port everytime it starts up.

[balubeto]

What works for me is UPnP. I don't like to use it but the ports close after they are not needed or I can close them myself.
I don't have to search for the correct ports and I can have my torrent program change it's port everytime it starts up.

If I disabled the UPnP function, in which sections of OPNsense should I go to create the rules that allow the opening of the ports that serve the various Internet services (such as Torrent) to work properly?

When I will create the rules for using the Torrent service, which fields should I use?

Thanks

Bye

[balubeto]

Could someone please give me an answer?

Thanks

Bye

[Ciprian]

Hi!

Sorry I would not come with a tutorial explaining in details and with pictures what should be done (lack of time), but until somebody else will (maybe) do that, I will point you to the following 2 scenarios:

• Use uPnP plugin - Find it in System: Firmware: Plugins - especially if your torrent client is uPnP compatible
• Use NAT, Port Forwarding Rule - Firewall: NAT: Port Forward - Chose a range of ephemeral ports (typically between 1024 and 65535) in your torrent client, and then create a new NAT (Port Forwarding) rule in your firewall for those chosen ports towards your torrent machine. (For that sake, it is possible to use a single port, but this requires the torrent client to use that particular port every time it restarts)

For how to do it for each of these cases please wait for someone else with more available time than me to write a step-by-step tutorial, or read the docs and search the forum for "upnp", "NAT" and/ or "Port Forwarding" - even if you can't find your exact case in particular, those search keywords will bring up posts describing how uPnP and NAT Rules work and examples of Port Forwarding done for alike scenarios, for other services.

Hope it helps...
Good luck!

[balubeto]

Hi!

Sorry I would not come with a tutorial explaining in details and with pictures what should be done (lack of time), but until somebody else will (maybe) do that, I will point you to the following 2 scenarios:

• Use uPnP plugin - Find it in System: Firmware: Plugins - especially if your torrent client is uPnP compatible
• Use NAT, Port Forwarding Rule - Firewall: NAT: Port Forward - Chose a range of ephemeral ports (typically between 1024 and 65535) in your torrent client, and then create a new NAT (Port Forwarding) rule in your firewall for those chosen ports towards your torrent machine. (For that sake, it is possible to use a single port, but this requires the torrent client to use that particular port every time it restarts)

For how to do it for each of these cases please wait for someone else with more available time than me to write a step-by-step tutorial, or read the docs and search the forum for "upnp", "NAT" and/ or "Port Forwarding" - even if you can't find your exact case in particular, those search keywords will bring up posts describing how uPnP and NAT Rules work and examples of Port Forwarding done for alike scenarios, for other services.

Hope it helps...
Good luck!

By default, does OPNsense 18.7.8 have the UPnP function enabled? If yes, how do I disable it?

Thanks

Bye

[Ciprian]

No, uPnP is not enabled - as I said, it's a plugin, you can find it in ”Plugins” section, then install it. It's not installed (hence not enabled) by default.

[balubeto]

I can't open port 36603 on the firewall towards the Pippo computer that doesn't have a firewall/antivirus because, when I try to use services, such as https://ping.eu/port-chk, that check the status of a port, they indicate that this port is closed. How come?


My OPNsense configuration (the VDSL2+ router has been put in Bridged mode):










So, where did I go wrong?


Thanks


Bye

[balubeto]

Could someone please give me an answer?

Thanks

Bye

[GDixon]

I may be wrong but even with a port forward or uPnP I get all ports closed when I do an outside the wan scan. The ISP may be the one doing that.

I use a cable modem thats just a bridge through Spectrum, has no router functions.

I can still connect and use any port forwards and uPnP works as expected. Have you tried  connecting or running your torrent program?

I use https://www.grc.com/x/ne.dll?bh0bkyd2 to check ports

[balubeto]

I tried to do a scan of my torrent port with the above service and I noticed that my port is in Stealth status with the green background. What does this mean? What can I do to make sure that this service indicates that the status of this port was opened?

Thanks

Bye