#598, March 24th, 2005
bT_Mazter

Still waiting? Hopefully I can get this into one page

OMG.. It looks like it will!

I'm not so sure I totally blame the p2p clients anymore, but I will say there is a need for better networking ethics and guidance, people!

With all the supposed talk about ISPs blocking 6346-47 on the Gnutella network, WHY has no one thought about CHANGING the port access? Or is it not impossible to manage the changes?

I stated in my previous post I have done a fair amount of different types of networking with different protocols. I almost always customize my own setup and make it work 110% what it should have been. This stuff should be near point and click, but obviously there are many differences in the way p2p client interface communication is routed, and lost.

If there is a loss/omission in packeting between clients then there's going to be trouble, not to mention there is a lot of misleading info abound and being attempted to be forced that does not need to be if the stock ports themselves were changed and/OR the original info was relayed properly off a main server to the redirected connection. Who came up with the internal IPs being included to the Internet?

I decided to post some info to sort of put all the apples in one basket when any type of P2P client comes around. Hopefully it will help others who seem to not either be thorough enough or too vague in responses and can send them to this post (or if someone cares to make some edits and repost). But at least it will help guide some of the wandering info I see floating everywhere that is either incorrect or just doesn't need to be. This may be long but it spells out what I was looking for and could find anything and everything but a directed pointer saying this works and if it does not check for a proxy filter, etc..

It would be nice if someone else could add some tidbits and links to deleting out the user settings/folder and checking/setting up a proxy! Like Neo's

For ALL examples use the following notes UNLESS otherwise stated:

"Addresses" (NOT ports) shown are EXAMPLE only!

Ports ARE PORTS. TCP/UDP are examples of PORTS but there are more types and 65,535 ports on any computer. LimeWire defaults to 6346 (I have seen it using or trying to use 6347 too).

If your ISP blocks these ports you will need a PROXY server or another ISP! I'd cancel my service and go to another ISP if they blocked mine!

Think of the Gnutella server as simply being no more than a Directory Assistance Relay! It informs the clients where each other resides and a door number to contact them (ie: IP address and Port!) If it were not for directory assistance you would scan many ports, but scanning 65,535 ports per computer is going to take a while and there are going to be a lot of doors slammed in your face, maybe even a warning from your ISP about port scanning!

TCP is always a safer handling protocol!

IP = If we were talking about apartments think of your IP as your building number and each building can contain 65,535 ported apts and each apartment can have a UDP and TCP entrance.

INTERNAL IP ranges are 10.10.x.x and 192.168.x.x

-=IP=- -=MEANS=- -=ADDRESS=-, NOT PORT. THERE'S A BIG DIFFERENCE!

IPs are both External (your Internet address) and Internal (if you're on a network you will have one in the Internal IP ranges listed above).

Client = can mean the PROGRAM being used, the computer STATION or Operating System (O/S) itself. I will simplify this direction and note it out where needs to be.

User = can mean a combination of Client, Station, and person but generally refers to a person(s)

Security = is defined as any settings in regards to any Routing, Firewalls and/or Networking in general.

Networking Components or Similar = A network card is the same as an Ethernet Card or NIC. NIC stands for Network Interface Card - ie: some external modems like DSL/ADSL and cable modems themselves connect via a NIC through an Ethernet Cable/Network Cable. An Ethernet cable looks like a large phone cord with enlarged phone plug ends. It is not the same as a coax cable. Coax is used to connect your Television accessories or Cable TV, or Cable Modems main connection.

Cable modems are external and use a coax on the main connection to the wall and then connect to your computer via an Ethernet cable and a NIC inside your computer.

If you need help and you connect through a router, another computer sharing its connection (Internet Connection Sharing, ICS) to get to the Internet or have a setting outside of the following examples listed then do explain what it is you are using or expect limited responses or incorrect responses. If you're connected directly to the Internet via a regular dial-up or external modem be sure and include that as well as if it is DSL or Cable you use. SOME EXTERNAL MODEMS HAVE INCLUDED A ROUTER/FIREWALL OPTION! Someone can reference this for you and smooth the process!

EXAMPLE 1:

Basic User setup! Two Users connected DIRECTLY to the Internet via a standard modem whether 56k, Cable or DSL.

NO ROUTERS, NO CONNECTION SHARING, Limited Firewall Security (WinXP only exemplified) or NONE at all as in 98/Me or WinXP's firewall disabled but not recommended!

In the case of none at all there will NOT be any further need or settings past the P2P client app, App meaning Application, Limewire in this instance.

User 1 and User 2:
Two different IP addresses
- User 1's address = 204.204.204.51
- User 2's address = 64.152.152.65

Same ports, we'll use the stock ports so 6346-6347 TCP and UDP (LimeWire seems to want to use both at times).

If no firewall exists there will not be any further need for configuration. If using XP you will need to add some very simple and basic rules that are point and click and in brief detail as follows and may differ on other firewalls such as ZA, Sygate, Norton ..etc.

If a firewall does exist and is being used YOU MUST OPEN PORTS 6346-6347 TCP/UDP in the firewall AND/OR (as with ZA, Norton Firewall, etc..) allow the application you're using (LimeWire) server rights so you can allow incoming unhampered connections to your computer.

NOTE: SOME FIREWALLS even when DISABLED or UNINSTALLED will STILL HAMPER CONNECTIVITY. If you're having issues post info related to the O/S (Operating System), the firewall and if you have tried disabling or uninstalling the firewall. The XP firewall cannot be uninstalled, only disabled! You can leave it enabled and you only need to add the ports listed above.

Here's a quick down and dirty yet complete setup for the XP ICF (Internet Connection Firewall). Find where the firewall settings exist under your network connections. You should have an icon on your desktop related to Networking, if you did not delete it.

In the firewall Properties/Advanced/Settings create and:

- Enter a Description (Gnutella 6346 TCP, or whatever)

- Enter the name/ip as 127.0.0.1 (this will properly auto name your computer ID) to allow traffic on this port to your computer.

- Enter in the port of "6346" for External/Internal and select TCP.

Now create another one in the same method but use a different name (ie: Gnutella 6346 UDP) and setting of "6346" External/Internal set to use UDP.

Repeat this TWO more times but using the Port number 6347.

Technically speaking, we're done. BOTH CLIENTS HAVE BEEN CONFIGURED TO USE THE SAME PORTS!

EZY MONEY!



With me so far?

Granted XP's firewall is not the eye-candy of others in stock form, it can be tweaked immensely and even stock it is better than nothing! You could try Zone Alarm (or a similar) but as far as setup there is just too much to post here pending version and what not.

But if you have a different firewall then use the WinXP firewall setup as an example and set the same ports (where options are available) and/or answer yes to the software security warnings for the P2P client when they popup for Internet and Server access. EZY money.. right?

Well, it can be. Unfortunately, software is like a child, it always needs some form of attending and prospering or retendering.

When it comes to the XP firewall it's pretty basic in stock form and it should have been enabled from the beginning rollout. But moving on ... it does its function when it is on and keeps the ports covered that should not be uncovered and should not have been on a basic rollout either to the average user! :rolls eyes:


Here's another example. Client 1 has files that Client 2 wants, but let's toss in some more detail and some advanced mixes.

Client 1:
- IP:PORT (external) 225.204.58.108:25435 TCP/UDP
- IP (--Internal--) 192.168.1.5

- Firewall: Zone Alarm Pro/Free/Settings Vary: set to allow all actions by the software client app (LimeWire, for example)

- Firewall ports: Technically speaking none should need to be entered if you're using ZA or similar, so long as you have ALLOWED the app access the ports will be opened up when LW is running. But just in case, since this client is set to act on port 25435 we will tell ZA to allow TCP/UDP communication on this port as well. Some software firewalls do not allow ports to manually be entered, you will need to pay for the "upgraded Pro versions" usually

Router: this user is wise, router in place and set to forward port 25435 TCP/UDP to their INTERNAL IP of 192.168.1.5.
Note: Try to avoid using DHCP. It has limited advantages and can be harder to troubleshoot. Especially when forwarding Ports!
This router also has an option to BLOCK WAN requests, it's enabled since port 25435 is allowed/forwarded.
This router has an option for enabling/disabling a term known as IPsecurity and it's enabled.

IPsec is what makes a router a router and not a switch or hub. IPsec is more or less a firewall option at a hardware level. So long as the inbound request (inbound to your network/computer to access your computer) matches a predefined rule or request sent outbound it is then allowed access to the port it is requesting to speak to. Pretty simple . . .

. . . . THIS IS WHY AND WHERE YOU NEED TO HAVE PORT FORWARDING/OPENINGS . . . .

User/Client 1 is behind a Router (similar for a firewall as well) and there is no way for the router to know what to do with incoming request from Client 2 since the incoming request did not originate from Client 1, so the router needs to know where to F-O-R-W-A-R-D the request. In this instance, since the P2P networks are such a fumble of settings and info and to avoid confusion, I would simply add both 25435 (TCP/UDP) and also include 6346-6347 (TCP/UDP) in the router settings to be forwarded to Client 1's internal IP. Finding your internal IP differs and can be done several ways.

If it is possible in the router (there should be this option one way or another), I would also set requests on the router to forward packets for 6346-6347 (TCP/UDP) to the new custom port of 23435 for the hosting IP 192.168.1.5 and let the internal computer process or deny the requests as needed. Technically speaking we should only need to Forward 25435 since that is the port we are on and Directory Assistance should inform our guests on which door to knock upon.

Technically speaking we could also use any of the ports between 25010-25792 as they are considered unused safe ports besides the 6346-6347 ports. The other clients just have to know this port and our external IP, which the Gnutella server "should" forward the PORT info, not our internal IP, IT'S PORT, people!

Say it with me.. PORT PORT PORT

On to Client 2's setup,

Client 2:

- IP:PORT 24.116.85.130:6346

Firewall: This user runs the XP firewall. The user has set the firewall to allow traffic from ports 6346-6347 both TCP/UDP in. Remember that XP's firewall only stops INBOUND requests unless you set up packet filtering!

Done!

See, it's not that hard =p

The only thing left to cover is setting the Client P2P app to use the ports we set our firewalls to allow. We also need to enter the app's "routing config" (NOT IP) under the LimeWire menus Options/Advanced/Firewall settings. It has been recommended to use the UPnP option but as I tried both this and manual and saw no difference? To each their own I guess.

Some P2P applications require more ports like 9-20 or more to function properly. Check out the author's site and forums and/or Google a simple search for the applications, along with "port" "TCP" and "firewall" and maybe "forward" and/or "router" and you should find plenty of results if the application's website doesn't spell them out.

That's pretty much it. One way or another you can jumble these settings to fit as needed provided that our ISP is not Filtering port 6346-47 OR we are not behind a proxy, then in all realistic sense this is the basics folks.

THAT IS IT IN A NUTSHELL!

The forum here needs some reworked stickies with more examples (created more preferably) to avoid such endless clutter.

I may have rambled a few things but if this were on the front page in a little more depth and a post in depth for some Proxy examples and such I would have never had to waste several days to begin with. I have read more about nothing in the last few days than I have found useful except in a few per se. Not to mention having this info more readily available would help to speed up the entire network with more favorable results everywhere, for everyone!

Whew.. I am out of breath. Good thing I didn't go into proxies.



bT_Mazter

~----===[*#*]===----~

Order of Importance:

3.limewire.com:6346/ Check if port 6346 is blocked
pcpitstop.com/
portforward.com/routers.htm
limewire.com/english/content/firewalls.shtml
bearshare.com/help/firewalls/
gnutellaforums.com/showthread.php?s=&threadid=32882
Neo's Proxy thread!

freeproxy.ru/en/free_proxy/get.htm
freeproxy.ru/download/lists/goodproxy.txt Updated Proxy listings!
gnutellaforums.com/showthread.php?s=&threadid=24523 Thanx Ursula for your page links, my post here could use some tidying
gnutellaforums.com/showthread.php?s=&threadid=32552
I decided to post this link anyway. It shows a couple quick fixes if all else is failing. It's pretty straightforward.

grox.net/utils/myip.php Some nice info! You're never safe!

ontrak.net/myIPaddress.htm So you still wanna find your internal/external IPs?

www.gnutellanews.com/

Support Your Favorites as well as your Locals ! ! !
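The router behaviour the post describes for Client 1, as an added example that is not part of the original post: a toy Python model in which a packet arriving from the Internet is delivered only if it answers a connection opened from inside or matches a forward rule. The `Router` class, its method names and the port-preserving NAT are assumptions made for illustration; the addresses and forwarded ports are the post's own examples.

```python
from dataclasses import dataclass, field

@dataclass
class Router:
    """Toy home router (hypothetical model, not any vendor's firmware)."""
    # (proto, external_port) -> (internal_ip, internal_port)
    forwards: dict = field(default_factory=dict)
    # (proto, remote_ip, remote_port, nat_port) -> (internal_ip, internal_port)
    sessions: dict = field(default_factory=dict)

    def forward(self, ext_ports, internal_ip, internal_port=None):
        """Add a TCP+UDP forward rule for each external port."""
        for proto in ("tcp", "udp"):
            for port in ext_ports:
                self.forwards[(proto, port)] = (internal_ip, internal_port or port)

    def outbound(self, proto, internal_ip, internal_port, remote_ip, remote_port):
        """Record a connection opened from inside (assumes port-preserving NAT)."""
        key = (proto, remote_ip, remote_port, internal_port)
        self.sessions[key] = (internal_ip, internal_port)

    def inbound(self, proto, remote_ip, remote_port, ext_port):
        """Return the (internal_ip, port) a WAN packet reaches, or None if dropped."""
        reply = self.sessions.get((proto, remote_ip, remote_port, ext_port))
        if reply is not None:
            return reply  # answer to a request an inside host sent out
        return self.forwards.get((proto, ext_port))  # unsolicited: needs a rule

    def exposed_ports(self):
        """External ports any Internet host can reach without being asked."""
        return sorted({port for (_proto, port) in self.forwards})

def client1_router():
    """Client 1's router from the post: 25435 forwarded, 6346-6347 redirected."""
    r = Router()
    r.forward([25435], "192.168.1.5")
    r.forward([6346, 6347], "192.168.1.5", internal_port=25435)
    return r

if __name__ == "__main__":
    r = client1_router()
    client2 = "24.116.85.130"  # Client 2's example address from the post
    # Source ports 40000 and 50123 are constructed sample values.
    print(r.inbound("tcp", client2, 40000, 25435))  # matches a forward rule
    print(r.inbound("tcp", client2, 40000, 80))     # no rule, no session
    r.outbound("tcp", "192.168.1.5", 50123, client2, 6346)
    print(r.inbound("tcp", client2, 6346, 50123))   # reply to outbound
    print(r.exposed_ports())
```

Every port returned by `exposed_ports()` is reachable by any host on the Internet, not only by other P2P clients, so each extra forward rule widens what the machine at 192.168.1.5 has to defend.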