| 1 |
Am Dienstag 12 Juni 2007 16:44 schrieb Albert Hopkins: |
| 2 |
> On Tue, 2007-06-12 at 16:27 +0200, Florian Philipp wrote: |
| 3 |
> > > Have you tried running netstat? |
| 4 |
> > |
| 5 |
> > netstat |
| 6 |
> > Active Internet connections (w/o servers) |
| 7 |
> > Proto Recv-Q Send-Q Local Address Foreign Address State |
| 8 |
> > tcp 0 1 HOMER_GENTOO64.PHHE:ftp 212-87-13-68.sds.:40202 |
| 9 |
> > FIN_WAIT1 |
| 10 |
> > |
| 11 |
> > Active UNIX domain sockets (w/o servers) |
| 12 |
> > Proto RefCnt Flags Type State I-Node Path |
| 13 |
> > unix 2 [ ] DGRAM 975 |
| 14 |
> > @/org/kernel/udev/udevd |
| 15 |
> > [...] |
| 16 |
> > nothing interesting except the first line. |
| 17 |
> |
| 18 |
> So you see no SYN requests to your server on port 21 |
| 19 |
> |
| 20 |
> > > Have you ensured rtorrent is |
| 21 |
> > > listning on TCP 21 (in Linux you usually have to be running as root to |
| 22 |
> > > do this) |
| 23 |
> > |
| 24 |
> > Yes. It runs as root (not that I would like it, maybe I should chroot |
| 25 |
> > it...) and port 21 is rtorrent's only chance to download. So, it works. |
| 26 |
> |
| 27 |
> Chrooting is not going to get around needding root access to listen on |
| 28 |
> port 21. Plus don't you still need to be root to chroot? |
| 29 |
|
| 30 |
Yes, but rtorrent would be jailed in that chroot, wouldn't it? Therefore it |
| 31 |
could break nothing but it self if it goes crazy. |
| 32 |
|
| 33 |
> > You mean stuff like iptables? No. |
| 34 |
> |
| 35 |
> This is my theory but I haven't verified it. Bittorrent clients are |
| 36 |
> programmed to listen/connect to a range of ports by default (I think it |
| 37 |
> starts at 6882). Your client is connecting and saying "connect to me on |
| 38 |
> port 21". The other clients see this but it's not in their IP range so |
| 39 |
> they refuse to connect to you. You might be able to tell your client to |
| 40 |
> listen on tcp/21 but that doesn't mean everyone else has told their |
| 41 |
> clients to connect. |
| 42 |
> |
| 43 |
> But if you are sure this *has* worked then that would make my theory |
| 44 |
> incorrect. Like I said I've never verified it, but that seems like the |
| 45 |
> likely scenario. |
| 46 |
> |
| 47 |
> The other scenario is if you're not even seeing SYN requests is that |
| 48 |
> requests are being blocked to your computer from that port, possibly by |
| 49 |
> your ISP. But again if this were the case then it should also be the |
| 50 |
> case for Windows, Knoppix, etc. |
| 51 |
> |
| 52 |
> Can you verify your claim (i.e. go into knoppix or whatever, run |
| 53 |
> rtorrent on tcp/21 and verify via netstat that clients are connecting to |
| 54 |
> you on that port)? |
| 55 |
> |
| 56 |
|
| 57 |
I'll verify it as soon as I can reboot again (I'm currently emerging a lot of |
| 58 |
stuff in three chroots - what a headache...). Maybe my ISP changed his |
| 59 |
policies in the last few months ... |
Archives