Demand for Gnutella masquerading module (Linux)?

H

HmgGuy

New member
Hi,
I ask myself if there is demand for Linux masquerading/netfilter module (Kernel 2.4)?

This would allow incoming connections behind Linux firewalls/routers (home networks, intranet), less Gnutella Pushs and more available files. Currently this could only achieved through port forwarding, which is not very easy to setup for beginners - at least not default in any distibution (with a loose packetfilter configuration out of the box).
If there are more Gnutella servants which support Socks/NAT... or a good Linux proxy/reflector for Gnutella... then there might no demand for a masquerading/netfilter module?

Thx for feedback, Moak
 
i agree. my only question is will this work in linux 2.4? i used to work with bsd systems which were all nat based, and while i could manually configure forwarding for a single system, i couldn't do anything similar to what linux 2.2's irc or ftp modules allow. at home i still run 2.2 on my server, so i haven't really played around with 2.4 ip routing stuff. still, such a module would be *very* welcome
 
Yes, NAT is supported in kernel 2.4.x, simple masqueraded forwarding is also possible with older kernels. Right now the feedback for this new linux kernel module is _very_ low... maybe someone want to help coding?

Here is a link about "Writing a Module for netfilter" (kernel 2.4)
http://www.linux-mag.com/depts/gear.html
 
I did setup a mailinglist for developers now. If there are more
coders/network or gnutella specialists who would like to help,
please join. This is only about gnutella module development,
not about gnutella clients.

To subscribe to the list: Send an email with the following
text to the mail server (inside body, no subject).

To: [email protected]
subscribe gnutella (nick)name

CU, Moak

[UPDATE] The mailinglist is closed due lack of interest and might be used for another gnutella project in future.
 
Hey.

I just got a message from another person, who wants to join. So maybe this project is really starting up!

I'd really love to have this module!

cu Dun3
 
I'm using Debian with a 2.4.12 kernel. I have a utility called FWBuilder installed, to allow me to manipulate the iptables stuff graphically. My laptop (Win 2000 most times :-) ) sits behind my linux firewall, and I use Bearshare and/or Phex with no problems. You just have to configure iptables to forward whatever port you are sharing on (default 6346) to your internal machine (in my case the laptop). Everything works fine, I just have to configure my Gnutella client to specify the IP address as the one on my external interface.

The actual iptables lines that configures the forwarding is

#
# Rule #0
#
# Gnutella
#
iptables -N RULE_0
iptables -A OUTPUT -p tcp -m state --state NEW -d 192.168.0.2 --destination-port 6346 -j RULE_0
iptables -A FORWARD -p tcp -m state --state NEW -d 192.168.0.2 --destination-port 6346 -j RULE_0
iptables -A RULE_0 -m state --state NEW -j LOG --log-level debug --log-prefix "RULE 0 -- Accept "
iptables -A RULE_0 -m state --state NEW -j ACCEPT

but I highly recommend fwbuilder.

HTH,

Gollo.
 
Well. That is true. But well known. Thanks anyway.

The problem with this is: It is good for ONE client behind a firewall. But when there are several of them it is hard to maintain.
And with DHCP nearly impossible.

And your aproach has the problem: If you have a dynamic external IP you have to readjust the force IP-option.

That should be done by this module on the fly.

Thanks again for your idea.
cu Dun3
 
Back
Top