Bug in Wingate NAT


Postby intell » May 10 13 1:20 am

There's a bug regarding WinGate's NAT. At Policy / Extended Network Service I only allow traffic in 80, 443 and some other ports. I also allow ICMP.

My problem is with torrents. WinGate simply allows DHT to work, no matter what I do, and connects every single request on any port (examples: 31867, 19178, 63285, etc).

Besides that bug, NO connections from DHT are displayed in WinGate Management / Activity! Every other connection is displayed fine, like ICMP, HTTP requests, other NAT requests. It's like DHT is bypassing everything.

Except for DHT, my rules are working like they are supposed to. Clients cannot even telnet a disallowed port.

Any tips?
intell
 
Posts: 31
Joined: Oct 11 11 7:17 am

Re: Bug in Wingate NAT

Postby adrien » May 10 13 5:23 pm

Hi

Are you sure the DHT connections are even going through WinGate? If they aren't showing in activity, that implies they aren't going through WinGate at all.

Regards

Adrien
adrien
Qbik Staff
 
Posts: 5448
Joined: Sep 03 03 2:54 pm
Location: Auckland

Re: Bug in Wingate NAT

Postby intell » May 11 13 12:18 am

Yes, they definitely are. That's the bug.

My WinGate machine is the gateway for the entire network. If I turn ENS off, DHT connections (and any torrent) stop downloading. Always with nothing at all showing in Activity.

Can you test my setup? Block all ports at ENS, except 80 and 443... then connect a client and start a torrent (any torrent with many seeds from thepiratebay or another public site).

I really need to block torrents...
intell
 
Posts: 31
Joined: Oct 11 11 7:17 am

Re: Bug in Wingate NAT

Postby adrien » May 13 13 2:53 pm

Hi

We've never had a report that connections going through WinGate that work are not reported in the activity screen.

Unless the torrent client is using UDP ports below 1024, which aren't reported by default.

Check on the routing tab in the Extended Networking dialog, and make sure you enable "Indicate UDP traffic (Port < 1024)".

Also, still in Extended Networking, on the firewall tab under Logging, enable log UDP-related messages, and for ports > 1024.

Regards

Adrien de Croy
adrien
Qbik Staff
 
Posts: 5448
Joined: Sep 03 03 2:54 pm
Location: Auckland

