MTNL Broadband: Port forwarding

powerontop

Hi Friends,
Now that I have tasted the Blood, I want to expand my horizons and want to use all apps I used to use in my dialup days such as p2p(number of them), IRC, MSN/Yahoo etc etc.

But I am very security conscious and am habitual to using firewalls, and thus comes problems with my DSL. On dialup, my modem and my machine were the same so firewall on my machine automatically applies to the modem which is not true now since the DSL modem is a separate machine now.

So my questions are :

1. Should I enable the router's firewall? Is it good, stable and flexible for defining rules?
2. I have firewall running on my machine too(Linux), effects of router firewall/port forwards on it?
3. I have put in port forward on my router yesterday for Gnutella and eMule following the link on this forum. But still got lowid. Is the router port forward not setup properly? Currently firewall on router is disabled. Is the firewall on my machine the culprit?
4. Effects of opening up port forwards on internal machines. Since now anyone can connect to my machine due to ports being open. Good Firewall rules can be used to prevent damage. Need light on this too on how to achieve this.

If someone can put down port forward and firewall settings giving specific examples to configure say eMule, FastTrack(Kazaa), giFT, Gnutella, Yahoo etc then it would be great. I am open to contributing towards the same.

I have looked at www.portforward.com. Helpful but needs detailing specific to 502T. I have read the Port forward doc on the Sticky Links on this forum too. Let this topic be the Ultimate guide to using/setting up Firewalls and Port forwards.
I am currently using Linux but have Zone Alarm firewall on my XP but I don't use XP at all. You all know why 😛

Thanks for your responses.
 
What I know....DSL & Firewall r anti of each other. U will hve to lose one thing in order to gain the 100% of other. Yeah, in sum cases u can have 50% - 50% of each other.

Wht I want to say is.....u can have Firewall settings n DSL connection running simultaneously. But, it can be gud 4 some applications but will conflict in others.

As per ur questions:

1. Not advisable. Its not stable n moreover can screw ur whole system.
2. Two firewall(s) always create conflict, but as per port forward goes, it can run, but u need to adjust the same settings on ur linux firewall too. But remember, do not run the router and linux firewall simultaneously.
3. By "lowid", I am assuming u r talking abt. low speed (not acceptable in P2P connections). Mate, first rule, if ur getting connected (P2P), let it be low or high speed, ur linux firewall is not the culprit. Coz. the connection has been made. Had it been the firewall, u wud not have been able to connect at all. Particularly, in P2P, it depends on the network too, the number of ppl in network, the connection on the other side of network, network choking n hell lot of other things. Also, as mentioned earlier, do not enable the Router firewall. However, if u still doubt the linux firewall, disable it n then check.
4. Yes, it can be dangerous, if u have open ports. For this reason only u need a firewall on ur machine. Sorry mate no idea abt. Linux firewall.

N yes, I am connecting P2P n Torrents w/o any port forwards or extra settings on my router or firewall. Hope, u don't need it at all........MTNL doesn't block any ports mate.

Hope it helps a lil........ 🙂
 
The port forwarding on the router seems to be weird.....it never quite works properly. I tried a very long time to host my HTTP server using the port forward until I finally gave up. Now, I am running the router in bridge mode, so the setup is similar to your dial up days when your modem and computer are the same machine. That way, you can run the Linux firewall (I guess you are running iptables?). This way, you can easily add rules to the iptables thru linux, and they will be properly applied. Also in this setup, whatever ports are open on your computer will show up as open on the net, so no port forwarding business.
 
Originally posted by bad_till_bones@Sep 8 2005, 02:09 PM
What I know....DSL & Firewall r anti of each other. U will hve to lose one thing in order to gain the 100% of other. Yeah, in sum cases u can have 50% - 50% of each other.

Damn. Nature can't be this cruel. Must be some way. Let's explore.
 
Yeah, configuring this router has been a nightmare. Have managed to forward all the ports used by p2p applications installed on my comp. Not gonna enable the router firewall in a million yrs. Have had enuff problems already. Windows firewall is enough for me. Btw anybody know wt port MSN messenger uses coz in the conn settings it shows am on a non-Upnp restricted connection and am unable to transfer files or anything.
 
Originally posted by powerontop@Sep 8 2005, 06:31 PM
I tried port forward with local firewall Active. Got lowid in amule, could search for files but could not download any. Then closed it and connected via giFT, same stuff (it doesn't show lowid etc though), got download speed of 4-5k. Damn. Then disabled my firewall then retried, amule still lowid. I think coz filters on router page don't get saved in spite of clicking apply, anyone knows why? Then tried giFT with local firewall disabled. Got 20-(27-28k) constant speed. But I am all bare to the cruel outside world. That is what worries me.

Thts why I said - "DSL & Firewall r anti of each other. U will hve to lose one thing in order to gain the 100% of other. Yeah, in sum cases u can have 50% - 50% of each other".

Mate, ur concern is rite........we all want tht. But believe me, hve tried many settings rather still trying...... 😛
 
Originally posted by bad_till_bones@Sep 9 2005, 08:47 AM
Thts why I said - "DSL & Firewall r anti of each other. U will hve to lose one thing in order to gain the 100% of other. Yeah, in sum cases u can have 50% - 50% of each other".

Mate, ur concern is rite........we all want tht. But believe me, hve tried many settings rather still trying...... 😛

Ok something that has been haunting in my mind for a long time. Anyone out here having good experience with IPTables firewall of Linux? What I am thinking of doing is this.
"Allow outgoing or incoming connections ONLY if the connection was initiated from inside or part of an ongoing session". For this you require a Stateful Firewall and not sure if IPTables is one and if it can take such decisions.
I come from FreeBSD background and I know freebsd firewalls could do this with ease. Just Love it. But not too sure if linux firewalls can do this. If we can write such a rule then we can at least be sure that other than a Trojan, even if my machine is open to the Internet due to port forward, no one can hack me unless I initiated this connection.

Any idea?

Thanks.
 
Well actually, if you have a trojan installed on your computer, IT will initiate the session, so basically the session is initiated from your side......so your rule fails to stop it 🙂

Not many trojans etc. are known for the Linux or *nix systems.....

Anyway, I have a little bit of experience with iptables, but I don't think such a rule is possible...........then again, you never know........

Adwait
 
Originally posted by adwait@Sep 9 2005, 02:11 PM
Well actually, if you have a trojan installed on your computer, IT will initiate the session, so basically the session is initiated from your side......so your rule fails to stop it 🙂

Not many trojans etc. are known for the Linux or *nix systems.....

Anyway, I have a little bit of experience with iptables, but I don't think such a rule is possible...........then again, you never know........

Adwait

Yes I mentioned that for Trojans 😱

With regards stateful rules, I found the way for iptables 🙂 here's the link for posterity http://iptables.org/documentation/HOWTO//p...ng-HOWTO-5.html

Thanks.
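
The stateful policy discussed in the posts above (accept inbound traffic only when it belongs to a session started from inside, plus explicit openings for the forwarded P2P ports), as an added example that is not part of the original thread. It prints an iptables-restore ruleset; the function name `gen_ruleset` and the ports 4662/tcp and 4672/udp (assumed eMule defaults) are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): print an iptables-restore ruleset for a
# Linux host that sits behind router port forwards or a bridged DSL modem.
# Arguments are PORT/PROTO pairs for services that must accept new inbound
# connections; the ports used at the bottom are assumed eMule defaults.

gen_ruleset() {
    # Validate every argument first so a bad one never yields a partial ruleset.
    for spec in "$@"; do
        port=${spec%/*}
        proto=${spec#*/}
        case "$proto" in
            tcp|udp) ;;
            *) echo "bad protocol in '$spec'" >&2; return 1 ;;
        esac
        case "$port" in
            ''|*[!0-9]*) echo "bad port in '$spec'" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "port out of range in '$spec'" >&2; return 1
        fi
    done

    echo '*filter'
    echo ':INPUT DROP [0:0]'      # default: drop unsolicited inbound
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'   # sessions started from inside are allowed
    echo '-A INPUT -i lo -j ACCEPT'
    echo '-A INPUT -m conntrack --ctstate INVALID -j DROP'
    # Replies to, and traffic related to, sessions this host initiated.
    echo '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    # New inbound sessions only on the explicitly listed ports.
    for spec in "$@"; do
        port=${spec%/*}
        proto=${spec#*/}
        echo "-A INPUT -p $proto -m $proto --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo 'COMMIT'
}

# Print the ruleset; load it with: gen_ruleset ... | iptables-restore (as root)
gen_ruleset 4662/tcp 4672/udp
```

On older kernels the same connection-tracking matches are written `-m state --state` instead of `-m conntrack --ctstate`.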
 
hi members, prob over here. i have outpost firewall installed. when i use internet frm my local cablewallah, limewire doesn't show i have a firewall, but when i use mtnl triband, limewire shows i am firewalled. what to do about it? do i have to open ports? plz help
 
Originally posted by yogi1771@Sep 12 2005, 11:18 AM
hi members please help how to forward the ports for bittorrent clients and limewire


Hi Everybody,
Yesterday being holiday did some R&D with my setup. I had setup Port forwards for Gnutella, FastTrack etc but it seems it requires "Static" IP which obviously MTNL does not give and the Computer is setup to use DHCP but before once I had setup 192.168.1.2 in Lan clients page so that port forward config. could go ahead. But now if I see, my comp. gets 192.168.1.3 as its IP so forwarding wud happen on 192.168.1.2 but since no one has that IP packet would go god knows where. But that day I got good speeds after opening up some port on my comp. firewall (Firewall on router is disabled).
So yest. taking advice on this forum that MTNL by default does not block any ports and thus port forwarding is not necessary, I decided to remove all kinds of port forwards. No virtual server, filter settings. But got ugly speeds of max 2-3 KB. Opened up some ports on firewall still no change. No new firewall rules added.
Now can anyone from Mumbai pref. around Borivali and adjacent area confirm bad speeds yest. I am attributing it to rains instead of removing of Port forwards.
If it is bad rains then I can setup IPTables properly else please suggest how to config. comp. to use static IP but acquire rest from DHCP.

One more thing. Has any linux user of triband noticed that if u start ur comp. without router being ON, there are no rules on ur machine's IPTables. But if u boot ur machine with router ON, somehow there are automatically some Rules added to ur machine's IPTables. Anyone knows why and how to disable/tune it?


Thanks.
 
