Document ports to open in firewall

anacrolix / cove

A combined BitTorrent frontend and DHT indexer for personal use

https://github.com/anacrolix/cove/wiki

40 stars 0 forks source link

Document ports to open in firewall #20

Closed amaumene closed 10 months ago

amaumene commented 11 months ago

Hi,

I see port 42069 has to be opened in firewall. I don't know much about how DHT works but maybe you want to add documentation about running cove behind a firewall.

Regards,

anacrolix commented 11 months ago

Thanks. cove will attempt to port forward using UPnP, but that's just one of several port forwarding mechanisms. Note that cove should also work without the ability to receive incoming connections or unexpected packets, but it will be a suboptimal. Let me know if this differs from your view.

I'll add info about port forwarding to the documentation regardless.

amaumene commented 11 months ago

Hi,

Oh I don't have any views on the topic, I'm just wondering what are the requirements in term of firewall. Adding the ports to forward to the documentation is probably enough, especially since not everyone has UPnP enabled. (I don't ahah).

Thanks for your reply, I don't have any other comments, you can close this issue if you wish.

anacrolix commented 11 months ago

Ok I'll leave this open until I document the ports.

anacrolix commented 11 months ago

@amaumene what do you think of https://www.coveapp.info/OPERATION#ports?

amaumene commented 11 months ago

Hi @anacrolix,

It looks good to me :) Thanks!

One more question, I see cove is binding to additional UDP ports:

udp6       0      0 :::52576                :::*                                1958/cove
udp6       0      0 :::39135                :::*                                1958/cove
udp6       0      0 :::23373                :::*                                1958/cove
udp6       0      0 :::25132                :::*                                1958/cove
udp6       0      0 :::25586                :::*                                1958/cove
udp6       0      0 :::42069                :::*                                1958/cove
udp6       0      0 :::26530                :::*                                1958/cove
udp6       0      0 :::30764                :::*                                1958/cove
udp6       0      0 :::48584                :::*                                1958/cove
udp6       0      0 :::49160                :::*                                1958/cove

What are they used for? Do they need to be opened too? It seems they are changing after restart though.

anacrolix commented 11 months ago

I forgot about those. Those are ports for the DHT clients that sample the DHT network. They don't need to receive arbitrary inbound traffic, and because their ports are randomized it's not trivial to make recommendations about how to port forward for them. I don't think they're worth worrying about. If you are seeing torrents being indexed, (the regular log message that tells you this), then it's fine.

anacrolix commented 10 months ago

Okay I think this is fixed. Cheers