
View the full version : rtorrent not connectable



3ddy
28-03-2009, 18:03
I'm having some trouble setting up my Asus with rtorrent.
Somehow I cannot get it to upload (peers cannot connect to me).
I was thinking it was a port forwarding problem, so I've been trying these:
My rtorrent is set to use ports 51777-51780 (so default setting).

- Port Range forwarding (WEBGUI)
- Port Forwarding: all of them, one of them (WEBGUI)
- iptables -A INPUT -p tcp --dport 51777:51780 -j ACCEPT
- iptables -I INPUT 1 -p tcp --dport 51777:51780 -j ACCEPT
- iptables -A INPUT -p tcp --dport 51777:51780 -j logaccept
- iptables -I INPUT 1 -p tcp --dport 51777:51780 -j logaccept
- all those with FORWARD instead of INPUT
- iptables -A INPUT -p tcp --syn -i "$1" --dport 51777:51780 -j ACCEPT

So basically every variation of every command I could find around this forum.
iptables -L shows all those rules are there (currently all at once):

Chain INPUT (policy ACCEPT)
target prot opt source destination
logaccept tcp -- anywhere anywhere tcp dpts:51777:51780
ACCEPT tcp -- anywhere anywhere tcp dpts:51777:51780
logaccept tcp -- anywhere anywhere tcp dpts:51777:51780
ACCEPT 0 -- anywhere anywhere state RELATED,ESTABLISHED
DROP udp -- anywhere anywhere udp dpt:route
DROP udp -- anywhere anywhere udp dpt:route
ACCEPT udp -- anywhere anywhere udp dpt:route
logdrop icmp -- anywhere anywhere
logdrop igmp -- anywhere anywhere
ACCEPT udp -- anywhere anywhere udp dpt:5060
ACCEPT 0 -- anywhere anywhere state NEW
logaccept 0 -- anywhere anywhere state NEW
logdrop 0 -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpts:51777:51780 flags:FIN,SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:51777 flags:FIN,SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpts:51777:51780
ACCEPT tcp -- anywhere anywhere tcp dpts:51777:51780
logaccept tcp -- anywhere anywhere tcp dpts:51777:51780
logaccept tcp -- anywhere anywhere tcp dpt:51780
logaccept tcp -- anywhere anywhere tcp dpts:51777:51780
ACCEPT tcp -- anywhere anywhere tcp dpts:51777:51780

Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpts:51777:51780
logaccept tcp -- anywhere anywhere tcp dpts:51777:51780
logaccept tcp -- anywhere anywhere tcp dpts:51777:51780
ACCEPT gre -- 192.168.1.0/24 anywhere
ACCEPT tcp -- 192.168.1.0/24 anywhere tcp dpt:1723
ACCEPT 0 -- anywhere anywhere
logdrop 0 -- anywhere anywhere state INVALID
TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
lan2wan 0 -- anywhere anywhere
ACCEPT 0 -- anywhere anywhere state RELATED,ESTABLISHED
logaccept tcp -- anywhere 3ddy tcp dpt:16567
logaccept udp -- anywhere 3ddy udp dpt:16567
TRIGGER 0 -- anywhere anywhere TRIGGER type:in match:0 relate:0
trigger_out 0 -- anywhere anywhere
logaccept 0 -- anywhere Asus_Wl500gP
logaccept 0 -- anywhere anywhere state NEW
logdrop 0 -- anywhere anywhere
logaccept tcp -- anywhere anywhere tcp dpts:51777:51780
ACCEPT tcp -- anywhere anywhere tcp dpts:51777:5178

I'm still not connectable by peers. Also, port scanners/testers time out on those ports.

I cannot think of anything else, so please, someone help me. :)

gouryella
28-03-2009, 21:22
I am not an expert on iptables, but try to lower the abstraction, use only in post-firewall:


iptables -D INPUT -j DROP
iptables -A INPUT -p tcp --dport 51777:51780 -j ACCEPT
iptables -A INPUT -p udp --dport 6881 -j ACCEPT
iptables -A INPUT -j DROP

I have no flags in iptables -L:

ACCEPT tcp -- anywhere anywhere tcp dpts:51777:51780
ACCEPT udp -- anywhere anywhere udp dpt:6881

And by the way: do you have a static IP (active)?
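
The reply above deletes the final DROP, appends the ACCEPT rules and then re-appends the DROP because iptables stops at the first terminating rule that matches. As an added example that is not part of the original thread, this script flags rules that sit behind a catch-all rule and can never match; it reads `iptables -L <chain> -v -n` output, because plain `-L` hides the interface columns. The sample listing is constructed, and treating logdrop/logaccept as terminating targets is an assumption based on their names.

```shell
#!/bin/sh
# Added example: list rules that can never match because an earlier rule
# already ends processing for every packet.

# Constructed sample in `iptables -L INPUT -v -n` format (not real router output).
sample_listing() {
cat <<'EOF'
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in   out  source      destination
  120  9600 ACCEPT     all  --  *    *    0.0.0.0/0   0.0.0.0/0   state RELATED,ESTABLISHED
    4   240 ACCEPT     all  --  br0  *    0.0.0.0/0   0.0.0.0/0
    7   420 logdrop    all  --  *    *    0.0.0.0/0   0.0.0.0/0
    0     0 ACCEPT     tcp  --  *    *    0.0.0.0/0   0.0.0.0/0   tcp dpts:51777:51780
    0     0 logaccept  tcp  --  *    *    0.0.0.0/0   0.0.0.0/0   tcp dpt:51780
EOF
}

# Reads a listing on stdin and prints "<rule number> <target> <match text>"
# for every rule placed after a catch-all terminating rule.
# Catch-all means: any protocol, any interface, any address, no extra match.
# Assumption: logdrop/logaccept are log-then-DROP/ACCEPT chains.
unreachable_rules() {
    awk '
    $1 == "Chain" || $1 == "pkts" || NF == 0 { next }
    {
        n++
        if (blocked) {
            extra = ""
            for (i = 10; i <= NF; i++) extra = extra (i > 10 ? " " : "") $i
            print n, $3, extra
            next
        }
        terminal = ($3 == "DROP" || $3 == "REJECT" || $3 == "ACCEPT" ||
                    $3 == "logdrop" || $3 == "logaccept")
        anyproto = ($4 == "all" || $4 == "0")
        anyif    = ($6 == "*" && $7 == "*")
        anyaddr  = ($8 == "0.0.0.0/0" && $9 == "0.0.0.0/0")
        if (terminal && anyproto && anyif && anyaddr && NF == 9) blocked = 1
    }'
}

# Demo on the constructed sample; on a router, pipe in the real listing instead.
sample_listing | unreachable_rules
```

Rule 2 in the sample is not treated as a catch-all because it is limited to the br0 interface, which is the detail a listing without `-v` would not show.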

3ddy
28-03-2009, 22:54
It's the same result without any flags.
I have a dynamic IP from the ISP's DHCP server.

gouryella
29-03-2009, 11:51
OK, my new ideas:
Enable Firewall? No
Enable DoS protection? No

Create a new rule:

iptables -A INPUT -p tcp --dport 81 -j ACCEPT
flashfs save... and run an easy webserver:


mkdir /opt/share/www
busybox_httpd -p 81 -h /opt/share/www

From some PC, go to http://www.canyouseeme.org and check port 81. If you succeed, the router is visible from the internet; check 51777-51780 too (one of them must be open).

3ddy
31-03-2009, 22:44
Well, I reinstalled from scratch and now it's working.
Thanks for the help though.

Also a new problem:
if I restart the router it does not apply the iptables commands in post-firewall
(iptables -L doesn't show them).
After applying them through the terminal it's all good.

gouryella
01-04-2009, 07:27
After editing iptables (post-firewall):

flashfs save && flashfs commit && flashfs enable && reboot
Tip: I have an easy script for this:

nano /opt/sbin/save
chmod +x /opt/sbin/save

Contents:

#! /bin/sh
flashfs save && flashfs commit && flashfs enable && reboot

3ddy
02-04-2009, 21:28
Sure. I did that. It's in the post-firewall script after reboot. It doesn't get erased. It's just not applied.
Also, I've found that what I have in the Port Trigger section of the web GUI also doesn't get applied at startup.
Might be related.