How can I open ports in router and firewall?

I still haven’t managed to solve this.

I’ve tried again with another program that requires ports 2234 to 2239. I’ve opened the six ports like shown above and I’ve stopped and disabled the ufw firewall that I had enabled before, since it isn’t needed according to

The program has a bot that checks the port and it tells me my port is closed. But it’s already opened in my router and the program is using those ports so the firewall should be allowing them. What else can I do?

Your router relays the traffic to your computer.
It has got an IP - and your computer gets an IP from it.

What you need to do is forward those ports to either the same, or different, ports on the IP that your computer uses.
… port forwarding - not just opening ports on the router …

If you just open the port on the router - your computer will not see it.

This port forwarding needs to be done on the router - through it’s interface.

I think that’s what I did as shown on the image above.

it appears that you did that, indeed - sorry that I haven’t read trough the whole rather old thread.

you assigned the forwarding to 192.168.1.122 - make sure it is actually the IP of your computer,
that your computer always gets assigned this address

You could always, at least temporarily, shut down the computers firewall
to eliminate that point of possible failure while you are trying and troubleshooting your problem.
… to decrease complexity …

I disabled and stopped ufw. Is there any other firewall? How do I shut it down?

Are you using a VPN?

No - not if you didn’t install one.

Is the firewall even active in a default installation of Manjaro?
Not sure.

But if you stopped and disabled it,
you did shut it down.

… shut it down … turn it off and make sure it stays that way … stop it …
Synonyms, you know? :wink:

Post:

ip a

OR did you forward the ports from your router to your PC ?

No.

I’ve checked again

❯ sudo ufw status
Status: inactive

❯ sudo systemctl status ufw
○ ufw.service - CLI Netfilter Manager
     Loaded: loaded (/usr/lib/systemd/system/ufw.service; disabled; preset: disabled)
     Active: inactive (dead)

oct 28 18:06:19 arch-desktop ufw-init[386]: Skip starting firewall: ufw (not enabled)
nov 04 13:58:03 arch-desktop systemd[1]: Stopping CLI Netfilter Manager...
nov 04 13:58:03 arch-desktop systemd[1]: ufw.service: Deactivated successfully.
nov 04 13:58:03 arch-desktop ufw-init[3138120]: Skip stopping firewall: ufw (not enabled)
nov 04 13:58:03 arch-desktop systemd[1]: Stopped CLI Netfilter Manager.

Here it is

❯ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether b4:2e:99:1e:0b:98 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.122/24 brd 192.168.1.255 scope global dynamic noprefixroute enp4s0
       valid_lft 64324sec preferred_lft 64324sec
    inet6 fe80::26bc:a8b0:5391:9b53/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
    link/ether 02:42:09:86:9c:a9 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
4: br-b8442be99997: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:ef:7e:30:16 brd ff:ff:ff:ff:ff:ff
    inet 172.18.0.1/16 brd 172.18.255.255 scope global br-b8442be99997
       valid_lft forever preferred_lft forever
    inet6 fe80::42:efff:fe7e:3016/64 scope link
       valid_lft forever preferred_lft forever
6: vethe25df2c@if5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-b8442be99997 state UP group default
    link/ether 92:9b:01:44:e1:3f brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::909b:1ff:fe44:e13f/64 scope link
       valid_lft forever preferred_lft forever
8: veth0b5177a@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-b8442be99997 state UP group default
    link/ether 62:81:12:aa:82:23 brd ff:ff:ff:ff:ff:ff link-netnsid 1
    inet6 fe80::6081:12ff:feaa:8223/64 scope link
       valid_lft forever preferred_lft forever
10: veth107dafd@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-b8442be99997 state UP group default
    link/ether 96:65:51:6c:5f:c7 brd ff:ff:ff:ff:ff:ff link-netnsid 2
    inet6 fe80::9465:51ff:fe6c:5fc7/64 scope link
       valid_lft forever preferred_lft forever

The program gave me an error when I tried using UPnP so I forwarded the ports manually in the router to the PC.

I’m using UPnP without problems for other programs though

UPnP IGD rules table in IPv4

application/service host IP address external port internal port protocol name / IP address
syncthing-45113 0.0.0.0 45113 22000 TCP 192.168.1.134
syncthing-4602 0.0.0.0 4602 22000 TCP 192.168.1.122
Fopnu 0.0.0.0 30825 30825 UDP 192.168.1.122

Should I try the same on another computer where I have a fresh Manjaro installation?

I believe there is an issue with the router. I’ve checked my ports on a website and all TCP ports opened by UPnP are open and all TCP ports opened manually in NAT/PAT are closed. This program gives an error for UPnP so I have no way to open the ports unless I fix the program or the manual port forwarding. Why wouldn’t manual port forwarding work?

Test with tcpdump or wireshark (listen on target). And you can send packets with netcat for example. Test within LAN too.

It could also be your ISP blocking these ports. eMule is not famous for sharing only Linux isos :wink:

1 Like

Sure, sure, sure. FreeBSD ISOs do have a place in our society…

I’ve called the technical support and they weren’t able to open the ports either.

Since manual port forwarding appears to be disabled but the UPnP is working, is there a program that opens as many ports as I want through UPnP?

I’ve tried this script but I got UPnP disabled. I’ve got problems with using UPnP with some programs but others work fine. I just need to find a program like this that works fine for me.

Shouldn’t you open a support ticket at whatever brand your router is? This isn’t a router support forum.

And how exactly could they test that? Anyway, demand a new router then. (I still doubt forwarding isn’t working since it works with UPnP allegedly and we can’t know that if you don’t do the tests.)

As for testing, I already told you what you can do. And as far as random scripts go, why don’t you search repo/AUR first? There is miniupnpc for example.

Using YAUP to open the ports solved this issue.

I’ve been using YAUP but it feels buggy. I have to press the buttons many times for it to activate each port and it fails often. Is there other simple way to use miniupnpc or something similar? Without having to code in C if possible, because I’ve seen that on stackoverflow.

YAUP sometimes says It seems there's something wrong with the device I want to speak to. Please check my settings. and it doesn’t work at all.

I finally found how to open the ports in the router. I had to select the customize option:

Firewall

Configure the firewall.

You can set the Firewall protection level in your Livebox. Default level (medium) it is recommended since assures the operation of your services and the protection of your local network.

low

The firewall does not filter anything. Be careful, this level is reserved to advanced users to whom security is not a priority. Note also that even in this mode, a connection iniated from Internet will not be permitted if a NAT/PAT rule is not created on purpose.

medium

The firewall drops all entering connections. Outgoing traffic is allowed except Netbios services. This mode is the recommended one.

high

The firewall allows the exit of standard services (www,ftp,mail,news,…) and drops unexpected entering connections. This setting is recommended to have a maximal security level. Warning : incompatible with Unik and other services.

Applications (ex: LiveMessenger, peer-to-peer applications, games) relying on the NAT-traversal facilities provided by UPnP IGD will not work properly any more.

customize

This profile allows you to customize your firewall. Thus, you can define some specific filtering rules. (Reserved to expert users).

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.