I have been trying to come up with some secure firewall rules to allow me to use Azureus. After a lot of trial and error I have come up with the following rules which allow Azureus to function correctly. Can anybody suggest any changes to these rules to make them more secure?
The last rule seems a little generic and weak, but as Azureus uses a seemingly random array of outbound TCP ports it was the only way I could get things working smoothly.
Code:
/sbin/iptables -A INPUT -p tcp --dport 55555 -j ACCEPT
/sbin/iptables -A INPUT -p udp --dport 55555 -j ACCEPT
/sbin/iptables -A OUTPUT -p tcp --dport 55555 -j ACCEPT
/sbin/iptables -A OUTPUT -p udp --dport 55555 -j ACCEPT
/sbin/iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT
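One way to narrow the catch-all OUTPUT rule above, shown as an added example that is not part of the original post: keep ESTABLISHED traffic open, but let only the account running Azureus open NEW outbound TCP connections by using the iptables `owner` match. The dedicated account name `azureus` and the helper names `gen_rules` and `audit_rules` are assumptions made for this example; the script only prints rules and applies nothing.

```shell
#!/bin/sh
# Added example, not from the original post. It prints rules; nothing is applied.
# Assumption: Azureus runs under a dedicated account (hypothetical name: azureus).

# Print the post's rule set with the catch-all OUTPUT rule scoped by socket owner.
gen_rules() {
    user="$1"; port="$2"
    case "$user" in ''|*[!a-z0-9_-]*) echo "bad user" >&2; return 1 ;; esac
    case "$port" in ''|*[!0-9]*|??????*) echo "bad port" >&2; return 1 ;; esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "bad port" >&2; return 1
    fi
    # The four port-specific rules from the post, unchanged.
    for chain in INPUT OUTPUT; do
        for proto in tcp udp; do
            echo "/sbin/iptables -A $chain -p $proto --dport $port -j ACCEPT"
        done
    done
    # Packets on already-established connections stay open for every local process...
    echo "/sbin/iptables -A OUTPUT -p tcp -m state --state ESTABLISHED -j ACCEPT"
    # ...but only the Azureus account may open NEW outbound TCP connections.
    echo "/sbin/iptables -A OUTPUT -p tcp -m owner --uid-owner $user -m state --state NEW -j ACCEPT"
}

# Read rules on stdin and print every OUTPUT ACCEPT rule that allows NEW
# connections with neither a --dport nor an owner match. Returns 1 if any is found.
audit_rules() {
    found=0
    while IFS= read -r rule; do
        case "$rule" in
            *"-A OUTPUT"*NEW*"-j ACCEPT"*) ;;
            *) continue ;;
        esac
        case "$rule" in
            *--dport*|*"-m owner"*) continue ;;
        esac
        echo "unscoped: $rule"
        found=1
    done
    return "$found"
}

# Print the tightened rule set for review (defaults: user azureus, port 55555).
gen_rules "${P2P_USER:-azureus}" "${P2P_PORT:-55555}"
```

The `owner` match applies only to locally generated packets, so it is usable in the OUTPUT chain but not in INPUT.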