Hi to all,
I have problems with Astaro configuration for Emule. If I test the ports in Emule i got a empty site:


I have test in the last 3 days several configurations and I have read here all post about UDP and Emule Issue. I realy have problems to solve this Issue.
I hope somebody can give me some helping hands. I appreciate any responds.

Here I made screenshot with my configurations:




If I test my TCP Port 5555 with port scanner I got "success open port".
Thank you very much in advance.
Best regards
Elena

Hi, normally you need Service Definitions for both incoming and outgoing traffic for p2p apps...

e.g.
emule-out-tcp
source: 5555
dest: 1-65535

emule-out-udp
source: 6666
dest: 1-65535

emule-in-tcp
source: 5555
dest: 1-65535

emule-in-tcp
source: 1-65535
dest: 6666


These defs can also be used for QOS.

Barry

__________________
http://DealBert.net
Home & business end-user since v1.x

• ASL 6.3x, HP DL145 Dual Opteron, 1GB RAM, 6 gigE NICs, 50-IP Platinum License
  
• ASL 7.3x, Dell PE1550 Dual PIII 1GHz, 1GB RAM, 2 NICs, 50-IP Platinum License
  
• ASL 7.5x, 17-watt fanless mini-ITX system: MSI IM-945GSE-A Atom n270, 2GB RAM, Morex T3310 case. 2 Intel GigE, 3 VLANs. 80G 5200rpm 2.5" HD
  Netgear GS108T gigE VLAN switch & Linksys WRT54G WAP
  Total network infrastructure: 27 watts. 100-IP Home User. FiOS 10mb/2mb

Hi BarryG, thank you very much for your respond, I'm very happy.
But unfortunately I didn't solve problem.

I still have the problem.
I have read again last three days all post here about "portforwarding", "Torrent", "Edonkey", but I don't understand why didn't work for me.
Now I have made these packet rules:




I have see in "Live-Protocol" port 6666 is still "dropped".
I will really donate here or pay for solving problem. I will pay 50 Euro for solution.
Maybe the reason is of because bad image of Emule.
Here in Switzerland is downloading of media legal, only sharing with others is violent.

I hope somebody have Idea what could be the problem.
Thank you very, very, very much in advance.

Namaste
Elena

Grüezi Elena
du denn mache mir doch das uf Schwyzerdütsch

But for Barry we go on in English.

Have you tried to allow any services for your computer to the WAN? (Just for testing). Is it working with any?

yours
Marco

To allow the dropped traffic from the packet filter log you will need a packet filter rule with:
source: 192.168.254.22
service: Emule UDP IN
Destination: Any

You may want to just create a packet filter rule that allows all services for that computer while you troubleshoot the issue, then watch the log and create specific packet rules once you get it working.

and what i forget:
your source protocol is on port 6666 but the destination ports (the on you should open) are:

28859
35055
4672
4671
4673
All the ports in your screenshot in the destination tab.

see this screenshot:


172.16.1.31 connects to 192.168.1.20 on port 21 --> file upload by ftp --> port 21 is open
172.16.2.40 connects to 192.168.1.13 on port 8000 --> port 8000 is open

Marco

Haha, thats funny!
"Ja ebe, machemer doch!"
Hi Marco, nice to meet you.


@r2k & dilandau
Thank you very much both for your fast respond, I'm appreciate!

Hi dilandau
Thank you. Maybe I'm wrong.
I have read in manual Astaro is a "stateful firewall" I don't need create packet filter for both way's.

@r2k & dilandau
Your recommendation creating "any=>any=>any" rule is so great and easy.
Yes with rule "any=>any=>any" Emule works!
I can't believe, I didn't have same idea before, doing this.
The problem maybe is reading to much and can't see the wood for the trees!

Thank you for your additional info about the ports I need to open.
I have read many Emule FAQ's and Manuals and some are writing I need only opening the 2 ports I configure in Emule (TDP & UDP) the file-server will talk over these ports.

I will create now on Astaro some port groups, because of looking professional I don't like chaos.
I will try open the default ports to.
I will give you respond after I'm finish.
Thank you again for helping me.
Namaste
Elena

s klaine Land Schwyz isch hald doch stark verträtte

I've taken the addtional ports from your screenshot:


You might need to open more ports. --> Please check your packet filter log. The port which is required is on the right side after the destination host ip.

Liebe Gruess us em Schneeparadis
Marco

Hi Marco

Now I've understand how need edit the packets rules.
I have test it the whole night some configurations.
The problem is exactly what you say before, I need open all ports the edonkey-server needs.


I think it's not really logic and very conformable, the servers need so many different ports. I don't belive that I need all ports?
I've read in a Emule FAQ, in "preferences.ini" exist a variable:
(65535 means a random port)
Here I can configure a UDP port for talking with all Emule Server's.
Maybe I misunderstand this option, for me it doesn't make any change, if I open and forward "ServerUDPPort" port. The edonkey-servers talk over his ports.

I definitively need to open all ports from edonkey-servers.
But why, I would like to learn and understand.
I would like to know why I need to open in Astaro all ports from the Emule Servers to talk with them.
In other Firewalls I don't need to configure it.
Best regards
Elena

Hi Elena

Very good!

Thats true it's not very easy because of all this ports.

I think it is based on the emule protocol. Normal services are fixed on one port (example: http -->port 80) These are well knowen services (and also located under the port 1024 (additinonal info: http://www.iana.org/assignments/port-numbers ). Emule is not a well knowen service. So every server admin can change this ports. (Ok you also can run http on port 234 but it make no sense). providers often block file sharing ports (we did this a few years ago when I was working for an isp). When your provider blocks the typical emule port you must change them and this makes your firewall config more complicated.

On a fortigate you have to allow these services to.

Yours
Marco