Ktorrent and openSUSE/Suse: router, port forwarding, firewall, Torrent

HowTo: Configure (K)torrent through a Router and Firewall protecting a Home LAN

Versions: Suse 10.x, openSUSE 10 & 11

Ktorrent uses two ports, usually TCP 6881 and the "tracker" port UDP 4444. The information flow on these ports needs to be guided to your workstation. That's what this Tutorial is about.

Here are in-page links to the focus areas:

• Installing fixed IP addressing
• Check Ktorrent's port settings
• Forwarding ports through the router
• Making passage through openSUSE's firewall

If you have a router in the mix of network hardware and consequently a LAN (even if just the one computer, you will have a LAN), then you must tell the router that information travelling on the port allocations used by Ktorrent is destined for your particular workstation. This is called port forwarding. In addition, if Suse's firewall shields are up, you have to adjust SuSEfirewall2 so the ports that Ktorrent uses are allowed passage.

You have to tell the router which computer is going to use a torrent, i.e what its IP address is. This is to allow communication through the firewall. So first up you should make the IP address of the target workstation stable, not subject to changes from the DHCP server. You must give the target workstation a fixed IP address AKA a static IP address).

↑↑↑↑Change the computer that uses Ktorrent to Fixed IP addressing

You can check your IP address by opening a console (terminal window) and issuing this command: sudo /sbin/ifconfig. Here's an example of the response:

john@suse103:~> sudo /sbin/ifconfig
root's password:
ath0 Link encap:Ethernet HWaddr 00:17:9A:75:CA:A6
inet addr:192.168.2.27 Bcast:192.168.2.255 Mask:255.255.255.0
etc etc etc...........

That shows and IP address and subnet mask of 192.168.2.27/255.255.255.0. You can further check whether that IP address is obtained from a DHCP server or is a fixed IP address. Go to Yast --> Network Devices --> Network Settings. Click the "Global" tag and you'll see settings as in the screenshot below:

Highlight your card and look to the bottom. In this example the lower screen shows "IP address assigned using DHCP". If your card shows similar you'll need to change it to fixed IP addressing. If you already have fixed IP addressing, skip on down to the next section: "Find out what port-forwarding Ktorrent needs".

You must choose an IP address in the same subnet as previously observed. It must look like 192.168.2.x; you could use your existing value existing 192.168.2.27 or some other value in the same subnet. I choose for example the value 192.168.2.100. Highlight the card and click to "Edit" it (or in some versions to "Configure" it). You should end up with a screen like the left hand screenshot below when you enter 192.168.2.100 in Yast's configurator.

When you set a fixed IP address, you also hand-code the gateway address in the router. Locate the "Routing" panel and enter the address of the gateway, as in the right hand screenshot above.

Sometimes with fixed IP addressing it is necessary to hand-code the IP addresses of the Name Servers supplied by your ISP provider into Yast's settings. The screenshot on the left shows how. But first test with the default settings to see if the adjustment is necessary -- save and reboot and check whether you can browse the internet. If not here's what you do to get the screenshot on the left"

• Uncheck "Change Hostname via DHCP"
• Ensure that "Write Hostname to /etc/hosts" remains activated
• Activate/check "Change /etc/resolv.conf manually"
• A new, checkmarked filter will appear: "Update DNS data via DHCP". Uncheck/deactivate it.
• If it's there, take the IP address of the router out of Name Server 1
• Insert the IP addresses of the Name Servers provided by your ISP into slots for Name Server 1 and Name Server 2

Now that the IP is fixed at 192.168.2.100, you move on to forwarding ports through the router to that address.

↑↑↑↑Find out what port-forwarding Ktorrent needs

Open Ktorrent from the Kmenu with these clicks: Kmenu --> Applications --> Internet --> Data Exchange --> Bit Torrent/Ktorrent. Then click Settings --> Configure Ktorrent --> Network. You'll see this:

If you are behind an externalfirewall that protects the LAN, e.g. in a hardware router or broadband modem etc, you will have to make passage through that external firewall to the client openSUSE machine. You set up Port Forwading through the external firewall for that. Ktorrent tells you which ports to use. Here they are 6881 (tcp) and 4444 (udp).

In addition to the external firewall, you need to open passage through the client workstation's firewall, SuSEfirewall2, for ports 6881 & 4444.

See below for both of these firewall techniques.

↑↑↑↑Letting BitTorrent through the firewall in the router

You already know from the IP range you're using that the router is at the router is at 192.168.2.1 (or whatever you get/got). You can goto the router in your web browser and set it up. Enter 192.168.2.1 or whatever in the browser address bar, log in to the router and look for the tab that takes you to NAT routing. You'll get a screen like this where I have entered and marked settings appropriate for this example computer:

↑↑↑↑Letting KTorrent through openSUSE's firewall (SuSEfirewall2)

This is fairly straightforward. GoTo the Firewall Allowed Services module (at Yast --> Security and Users --> Firewall --> Allowed Services). Select the Advanced button: add 6881 to the TCP entries and 4444 to the UDP entries. These are space separated lists so if there are other entries already, separate the new ones from them using space/s.

Life's good. have a good one
Cheers
Swerdna. Last updated Feb 07 2009

How you can help

Samba: Browsing Shares

On-the-fly File Shares

About Usershares

CIFS: Mapped Drives
& Mounted Shares

Samba and Vista
Samba & Windows 7

Lan & Net Connectivity