Help with transmission and csf

juan Member

I set up a transmission client on a KVM VPS. If I have not missed something, I understand that I need to open port 51413 in order to download and upload torrent files, which I already did in csf: I allowed TCP IN/OUT, but without any luck. When I tail -f /var/log/messages I can see that csf is still blocking port 51413 after I reload csf.conf.

Everything runs smoothly if I turn csf off, so it's clearly csf's fault.

I have a transmission running on an OVZ too, without any problem, although I'm only using iptables on this one.

So please advise, those who are running the same setup (transmission + csf) on their VPS. I've been googling, reading and tinkering with every possible csf conf for 2 days already. Many thanks in advance.

Comments

  • nickyzai Member, Host Rep

    Simply use iptables to overwrite the CSF rules?

  • juan Member

    Yep, tried that already. I opened ports tcp i/o and udp i/o too. No luck either.

  • nickyzai Member, Host Rep

    Remove CSF and use iptables instead to control everything?

  • juan Member
    edited April 2014

    If these would help, I'll post all possible logs and conf.

    iptables rules:

    Chain INPUT

    ACCEPT     tcp  --  anywhere             anywhere       state NEW tcp dpt:51413
    ACCEPT     udp  --  anywhere            anywhere       state NEW udp dpt:51413
    

    Chain OUTPUT

    ACCEPT     tcp  --  anywhere             anywhere       state NEW tcp dpt:51413
    ACCEPT     udp  --  anywhere            anywhere       state NEW udp dpt:51413
    

    /var/log/message log

        Apr 19 04:18:56 hostname kernel: [1550812.465992] Firewall: *UDP_OUT Blocked* IN= OUT=eth0 SRC=ip here DST=14.198.85.129 LEN=138 TOS=0x00 PREC=0x00 TTL=64 ID=8190 DF PROTO=UDP SPT=51413 DPT=12688 LEN=118 UID=104 GID=106
        Apr 19 04:19:33 hostname kernel: [1550848.705012] Firewall: *UDP_OUT Blocked* IN= OUT=eth0 SRC=ip here DST=62.210.137.203 LEN=138 TOS=0x00 PREC=0x00 TTL=64 ID=8192 DF PROTO=UDP SPT=51413 DPT=12688 LEN=118 UID=104 GID=106
        Apr 19 04:25:10 hostname kernel: [1312986.096123] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=ip here DST=91.121.60.42 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=46538 DF PROTO=TCP SPT=51413 DPT=80 WINDOW=14600 RES=0x00 S$
    

    netstat

    tcp        0      0 machine-ip:51413    0.0.0.0:*               LISTEN      27597/transmission-
    udp        0      0 machine-ip:51413    0.0.0.0:*                           27597/transmission-
    

    I was hoping not to drop csf and lfd as my firewall, since the email alert is important to me; I'm also running other programs that use csf and lfd alerts. So I'm trying to get as much help and advice as possible before all else fails.

  • ATHK Member

    Put the port in the conf file, /etc/csf.conf

  • juan Member

    I have it opened in csf.conf. I also made a separate csfpost.sh with iptables syntax that accepts connections on that port.

  • sc754 Member

    @juan said:
    I have it opened in csf.conf. I also made a separate csfpost.sh with iptables syntax that accepts connections on that port.

    Could always add the application to the safe list of applications in csf. It might think it's a suspicious process or something
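
Added example (not part of any post in the thread): a short Python check that parses the csf block lines juan posted and tests them against the OUTPUT rules from the same post. It shows that the blocked packets carry 51413 as their source port, so a rule written as `dpt:51413` never matches them. `SPT_RULES` is a hypothetical rule set included only for comparison.

```python
import re

# Log lines copied from the thread (SRC was already redacted there as "ip here").
LOG = """\
Apr 19 04:18:56 hostname kernel: [1550812.465992] Firewall: *UDP_OUT Blocked* IN= OUT=eth0 SRC=ip here DST=14.198.85.129 LEN=138 TOS=0x00 PREC=0x00 TTL=64 ID=8190 DF PROTO=UDP SPT=51413 DPT=12688 LEN=118 UID=104 GID=106
Apr 19 04:19:33 hostname kernel: [1550848.705012] Firewall: *UDP_OUT Blocked* IN= OUT=eth0 SRC=ip here DST=62.210.137.203 LEN=138 TOS=0x00 PREC=0x00 TTL=64 ID=8192 DF PROTO=UDP SPT=51413 DPT=12688 LEN=118 UID=104 GID=106
Apr 19 04:25:10 hostname kernel: [1312986.096123] Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=ip here DST=91.121.60.42 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=46538 DF PROTO=TCP SPT=51413 DPT=80 WINDOW=14600 RES=0x00 S$
"""

# The OUTPUT chain rules as listed in the thread: ACCEPT <proto> ... dpt:51413
OUTPUT_RULES = [{"proto": "tcp", "dpt": 51413}, {"proto": "udp", "dpt": 51413}]
# Hypothetical rules keyed on the source port, for comparison only.
SPT_RULES = [{"proto": "tcp", "spt": 51413}, {"proto": "udp", "spt": 51413}]

BLOCK_RE = re.compile(r"Firewall: \*(?P<label>\w+) Blocked\*")
FIELD_RE = re.compile(r"\b(PROTO|SPT|DPT|DST|UID)=(\S+)")

def parse_block(line):
    """Return the fields of one csf 'Blocked' kernel log line, or None."""
    m = BLOCK_RE.search(line)
    if not m:
        return None
    f = dict(FIELD_RE.findall(line))
    return {"label": m.group("label"), "proto": f["PROTO"].lower(),
            "spt": int(f["SPT"]), "dpt": int(f["DPT"]),
            "dst": f["DST"], "uid": f.get("UID")}  # UID is absent on truncated lines

def matches(rule, pkt):
    """A port match compares only the port it names: dpt = destination, spt = source."""
    if rule["proto"] != pkt["proto"]:
        return False
    return all(pkt[k] == v for k, v in rule.items() if k in ("spt", "dpt"))

def explain(log=LOG, rules=OUTPUT_RULES):
    """For each blocked packet, report (label, spt, dpt, matched_by_any_rule)."""
    report = []
    for line in log.splitlines():
        pkt = parse_block(line)
        if pkt is not None:
            hit = any(matches(r, pkt) for r in rules)
            report.append((pkt["label"], pkt["spt"], pkt["dpt"], hit))
    return report

if __name__ == "__main__":
    for label, spt, dpt, hit in explain():
        print(f"{label}: SPT={spt} DPT={dpt} matched by dpt:51413 rule: {hit}")
```
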
