How can I open ports in router and firewall?

I’m trying to open the ports to get a high id in amule

This are the ports being used:
❯ sudo ss -tulpn | grep amule
udp UNCONN 0 0 0.0.0.0:4665 0.0.0.0:* users:((“amule”,pid=54625,fd=15))
udp UNCONN 0 0 0.0.0.0:4672 0.0.0.0:* users:((“amule”,pid=54625,fd=17))
tcp LISTEN 0 4096 0.0.0.0:4662 0.0.0.0:* users:((“amule”,pid=54625,fd=16))

This is what I’ve done on my router website:

And on Manjaro Linux:

❯ sudo systemctl enable --now ufw.service
❯ sudo ufw enable
  # NicotinePlus
❯ sudo ufw allow 2234/tcp
  # eMule
❯ sudo ufw allow 4662/tcp
❯ sudo ufw allow 4663/tcp
❯ sudo ufw allow 4664/tcp
❯ sudo ufw allow 4665/udp
❯ sudo ufw allow 4672/udp
❯ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
2234/tcp                   ALLOW       Anywhere
4662/tcp                   ALLOW       Anywhere
4663/tcp                   ALLOW       Anywhere
4664/tcp                   ALLOW       Anywhere
4665/udp                   ALLOW       Anywhere
4672/udp                   ALLOW       Anywhere
2234/tcp (v6)              ALLOW       Anywhere (v6)
4662/tcp (v6)              ALLOW       Anywhere (v6)
4663/tcp (v6)              ALLOW       Anywhere (v6)
4664/tcp (v6)              ALLOW       Anywhere (v6)
4665/udp (v6)              ALLOW       Anywhere (v6)
4672/udp (v6)              ALLOW       Anywhere (v6)

Testing gives an error:
http://porttest.emule-project.net:81/ct_frame.php?lang=1036&tcpport=4662

Please wait while the ports of your eMule are being tested...


Testing IP: (xxx.xxx.xxx.xxx)

Obfuscation: Disabled

Starting TCP connection test...
TCP test failed! UDP test will not be performed.


Connection test finished.

Results in detail:

    TCP connection test failed.
    It was not possible, to establish a TCP connection to your eMule.
    Other users will only be able to connect to you with the help of a server, resulting in a low ID for you. While eMule still works, this will give you several disadvantages. Therfore it is highly recommended to solve this problem.

 
How to resolve port problems... Something is interfering with your network communications. There are two main reasons for this:

    If you are using a firewall, ensure that your firwall don't block the required ports! You might need to set a rule to allow the ports to be available.
    If you use a router, make sure that your router forwards the required ports to your local IP!


    You can find more details and guides [here in the online help.](http://www.emule-project.net/home/perl/help.cgi?rm=show_entries&cat_id=232)

And most importantly, this is what I want to change:

2022-07-01 00:25:07: Connected to Kad (firewalled)
2022-07-01 00:25:15: WARNING: !! Sharing-Devils No.2 !! (37.221.65.76:4232) - NG : You have a lowid. Please review your network config and/or your settings.
2022-07-01 00:25:15: Connection established on: !! Sharing-Devils No.2 !!
2022-07-01 00:25:15: Connected to !! Sharing-Devils No.2 !! with LowID
2022-07-01 00:25:15: New clientid is 
2022-07-01 00:25:15: WARNING: You have received Low-ID!

For the router part, enable UPnP in your application and router, it will auto configure ports and routing.
Disable firewall with UFW, see from there if it works, then enable firewall and configure it properly for your applications.

By default, on Linux, listening ports are closed unless you actually have a program actively listening to them. So there is no need to explicitly start a firewall and “open” them.

I still haven’t managed to solve this.

I’ve tried again with another program that requires ports 2234 to 2239. I’ve opened the six ports like shown above and I’ve stopped and disabled the ufw firewall that I had enabled before, since it isn’t needed according to

The program has a bot that checks the port and it tells me my port is closed. But it’s already opened in my router and the program is using those ports so the firewall should be allowing them. What else can I do?

Your router relays the traffic to your computer.
It has got an IP - and your computer gets an IP from it.

What you need to do is forward those ports to either the same, or different, ports on the IP that your computer uses.
… port forwarding - not just opening ports on the router …

If you just open the port on the router - your computer will not see it.

This port forwarding needs to be done on the router - through it’s interface.

I think that’s what I did as shown on the image above.

it appears that you did that, indeed - sorry that I haven’t read trough the whole rather old thread.

you assigned the forwarding to 192.168.1.122 - make sure it is actually the IP of your computer,
that your computer always gets assigned this address

You could always, at least temporarily, shut down the computers firewall
to eliminate that point of possible failure while you are trying and troubleshooting your problem.
… to decrease complexity …

I disabled and stopped ufw. Is there any other firewall? How do I shut it down?

Are you using a VPN?

No - not if you didn’t install one.

Is the firewall even active in a default installation of Manjaro?
Not sure.

But if you stopped and disabled it,
you did shut it down.

… shut it down … turn it off and make sure it stays that way … stop it …
Synonyms, you know?

Post:

ip a

OR did you forward the ports from your router to your PC ?

No.

I’ve checked again

❯ sudo ufw status
Status: inactive

❯ sudo systemctl status ufw
○ ufw.service - CLI Netfilter Manager
     Loaded: loaded (/usr/lib/systemd/system/ufw.service; disabled; preset: disabled)
     Active: inactive (dead)

oct 28 18:06:19 arch-desktop ufw-init[386]: Skip starting firewall: ufw (not enabled)
nov 04 13:58:03 arch-desktop systemd[1]: Stopping CLI Netfilter Manager...
nov 04 13:58:03 arch-desktop systemd[1]: ufw.service: Deactivated successfully.
nov 04 13:58:03 arch-desktop ufw-init[3138120]: Skip stopping firewall: ufw (not enabled)
nov 04 13:58:03 arch-desktop systemd[1]: Stopped CLI Netfilter Manager.

Here it is

❯ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether b4:2e:99:1e:0b:98 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.122/24 brd 192.168.1.255 scope global dynamic noprefixroute enp4s0
       valid_lft 64324sec preferred_lft 64324sec
    inet6 fe80::26bc:a8b0:5391:9b53/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
    link/ether 02:42:09:86:9c:a9 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
4: br-b8442be99997: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:ef:7e:30:16 brd ff:ff:ff:ff:ff:ff
    inet 172.18.0.1/16 brd 172.18.255.255 scope global br-b8442be99997
       valid_lft forever preferred_lft forever
    inet6 fe80::42:efff:fe7e:3016/64 scope link
       valid_lft forever preferred_lft forever
6: vethe25df2c@if5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-b8442be99997 state UP group default
    link/ether 92:9b:01:44:e1:3f brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::909b:1ff:fe44:e13f/64 scope link
       valid_lft forever preferred_lft forever
8: veth0b5177a@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-b8442be99997 state UP group default
    link/ether 62:81:12:aa:82:23 brd ff:ff:ff:ff:ff:ff link-netnsid 1
    inet6 fe80::6081:12ff:feaa:8223/64 scope link
       valid_lft forever preferred_lft forever
10: veth107dafd@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-b8442be99997 state UP group default
    link/ether 96:65:51:6c:5f:c7 brd ff:ff:ff:ff:ff:ff link-netnsid 2
    inet6 fe80::9465:51ff:fe6c:5fc7/64 scope link
       valid_lft forever preferred_lft forever

The program gave me an error when I tried using UPnP so I forwarded the ports manually in the router to the PC.

I’m using UPnP without problems for other programs though

UPnP IGD rules table in IPv4

Should I try the same on another computer where I have a fresh Manjaro installation?

I believe there is an issue with the router. I’ve checked my ports on a website and all TCP ports opened by UPnP are open and all TCP ports opened manually in NAT/PAT are closed. This program gives an error for UPnP so I have no way to open the ports unless I fix the program or the manual port forwarding. Why wouldn’t manual port forwarding work?

Test with tcpdump or wireshark (listen on target). And you can send packets with netcat for example. Test within LAN too.

It could also be your ISP blocking these ports. eMule is not famous for sharing only Linux isos

Sure, sure, sure. FreeBSD ISOs do have a place in our society…

I’ve called the technical support and they weren’t able to open the ports either.

Since manual port forwarding appears to be disabled but the UPnP is working, is there a program that opens as many ports as I want through UPnP?

I’ve tried this script but I got UPnP disabled. I’ve got problems with using UPnP with some programs but others work fine. I just need to find a program like this that works fine for me.

Shouldn’t you open a support ticket at whatever brand your router is? This isn’t a router support forum.

And how exactly could they test that? Anyway, demand a new router then. (I still doubt forwarding isn’t working since it works with UPnP allegedly and we can’t know that if you don’t do the tests.)

As for testing, I already told you what you can do. And as far as random scripts go, why don’t you search repo/AUR first? There is miniupnpc for example.

Using YAUP to open the ports solved this issue.