Mailinglist Archive: opensuse-security (228 mails)

< Previous Next >
Re: [suse-security] Enabling bittorrent in Suse 9.2 Firewall via Yast
  • From: Andreas Stieger <tux@xxxxxxxxxxxxxxxxx>
  • Date: Thu, 24 Mar 2005 10:33:51 +0100
  • Message-id: <200503241033.51569.tux@xxxxxxxxxxxxxxxxx>
Hi,

yes you do need to allow these ports in the firewall.

> I think that this is to open the firewall to allow other machines
> participating in the bittorrent download to send me parts of the iso
> file and get parts from me that I have already received. Is that right?

yes.

> I looked at Yast Firewall Configuration: Services/Edit additional
> services, and found that I could open ports 6881:6889 for tcp, but I
> don't see how to limit the uses of these ports to bittorrent. Does this
> have to be done?

This is the way to do it, but there is no way to limit the port usage to a
program.

> If not, what is the
> best way to do a temporary iptables change to enable bittorrent without
> letting anything else into my computer? Should I use a script file to
> enable/disable bittorrent?

Why not just allow the ports?
BitTorrent will be the only application using it. Allowing 6881:6889 through
the firewall doesn't mean your computer is vulnerable. Just don't run another
on that port.

Andreas

< Previous Next >
References