Thread: Firewall settings
View Single Post
  #3 (permalink)  
Old January 26th, 2004
jum's Avatar
jum jum is offline
Latest svn User
  
Join Date: April 6th, 2002
Location: Germany
Posts: 174
jum is flying high
Default
I thought if this is still unclear I do a bit of research and summarize the ports LimeWire uses and what ports need to be opened in a firewall setup. I differentiate two cases:

* Direct connection to the internet (Modem, PPPoe, LAN directly to your computer)
* External NAT Router (increasingly used with DSL)

In the first case the only firewall used is probably a personal firewall directly installed on the PC, in the second case a personal firewall is not needed as the external NAT router blocks all external connection attempts and forwards only selected ports. LimeWire uses the following ports and protocols:

* 6346 using both TCP and UDP for GNUTELLA
* 6347 using only UDP for multicasting
* 45100 using only TCP for MAGNET

In case you manage to start a second instance of LimeWire or run several versions at the same time (or even other file sharing applications also using the GNUTELLA protocol) LimeWire will start to increment the port numbers for GNUTELLA and MAGNET until it finds a free port. As this situation is not predictable and also probably not desirable from a bandwith management standpoint I ignore this behavior.

The MAGNET port (45100) is only used for internal communication between multiple instances of LimeWire or communication of browsers with LimeWire for forwarding magnet: style URLs. It does not need to be opened to the outside, even if you publish magnet URLs to your servent. On OS X this is not used, there AppleEvents are used to transfer magnet: URLs from browsers to LimeWire.

The multicast port (6347) is used only in a local area network setup, for example a school network or company network. It is used to quickly find sources without actually querying the GNUTELLA network, just by sending the query packets to interested parties on the LAN. If you use a personal firewall and want to find sources on your school or university network you should open this port for UDP traffic.

The GNUTELLA port (6346) is used with both TCP and UDP protocols for the bulk of file sharing and is the most interesting one. This port must always be opened in your personal firewall to be able to find sources on the Internet. In the case where a NAT router is used it gets a bit complicated: as by principle a network address translation setup makes your PC's IP address invisible to the outside world you must instruct your NAT router to accept connections on the GNUTELLA port and forward this to the hidden PC. Most routers have setup screens for configuring this. I recommend to use both 6346 for the port used on the router and the forwarded port on your PC, as otherwise the situation gets even more complicated as it is already. There is one exception: if your ISP throttles GNUTELLA traffic it might work better if you use a different port for GNUTELLA, but still use the same number for both what the NAT router accepts and where it forwards that connection to.

If you use a NAT router and did configure it to forward incoming connection on 6346 to your PC you also need to inform LimeWire of the fact by turning on the option or preference in the "Expert/Firewalls" dialog to force your IP address.
Reply With Quote