[SOLVED] outgoing port range ignored

[eponymous]

I've noticed this behaviour in 1.3.5-r2 on Gentoo. Could it be a regression?

If i select 6881:6889 for both incoming and outgoing and then run "netstate -anp" I only see random connections on ports 30000 up to 65535...

This isn't so good for me since I've currently got a rule in my IPTables config to only allow outgoing connections where the source port is 6881:6889.

This means the connections are stuck in the SYN_SENT stage and never ESTABLISH.

Adding a rule to allow source ports 30000:65535 is a workaround for the issue.

Any ideas?

[eponymous]

So after checking my ~/.confg/deluge/core.conf I have this:

Code: Select all

...  
"dont_count_slow_torrents": false,
  "random_outgoing_ports": false,
  "max_upload_slots_per_torrent": 8,
...

However the debug output log shows:

Code: Select all

[DEBUG   ] 10:33:36 config:197 Setting 'dont_count_slow_torrents' to False of <type 'bool'>
[DEBUG   ] 10:33:36 config:197 Setting 'random_outgoing_ports' to True of <type 'bool'>
[DEBUG   ] 10:33:36 config:197 Setting 'dht' to True of <type 'bool'>

It seems my core.conf is being ignored unless this is just what the values are being initialized to before the config file is read. This isn't clear from the log.. :S

[eponymous]

Ok I've just tested 1.3.3 and this exhibits the same issue. Am I missing something here? This used to work fine but now doesn't... I'm scratching my head..

[Cas]

Please do not resurrect a 4 year old thread, just create a new thread and reference the old one.

Changing Deluge version will not affect low-level networking issues as this is all controlled by libtorrent. So what version of libtorrent do you have installed?

[Cas]

Also setting the outgoing port range is not recommended as detailed in the libtorrent docs:

outgoing_ports, if set to something other than (0, 0) is a range of ports used to bind outgoing sockets to. This may be useful for users whose router allows them to assign QoS classes to traffic based on its local port. It is a range instead of a single port because of the problems with failing to reconnect to peers if a previous socket to that peer and port is in TIME_WAIT state.

Warning:
Setting outgoing ports will limit the ability to keep multiple connections to the same client, even for different torrents. It is not recommended to change this setting. Its main purpose is to use as an escape hatch for cheap routers with QoS capability but can only classify flows based on port numbers.

It could also be that you have not opened enough outgoing ports which can be checked by looking for too_few_outgoing_ports performance alerts in debug logs.

[eponymous]

I have net-libs/rb_libtorrent-0.16.5 installed.

I'm not seeing those debug messages you mentioned in the log.

The reason I have the ports restricted is so that I can open the equivalent ports in my IPTables. I have this set up for security so that if my system is compromised, no-one will be get out of the machine and compromise other services on other machines.

At the moment I'm not able to get the torrents to download even if I take the firewall down and set the machine in a DMZ..

Thanks for looking at this for me.

[eponymous]

The issue with the stuck torrents went away when I re-installed 1.3.5-r2 (Bug: https://bugs.gentoo.org/show_bug.cgi?id=449818).

Also, the ports are now obeying the outgoing range rules - odd. The only thing I did differently was use the GTK UI to configure Deluge over an SSH port forward rather than using the Web UI.

I had notcied with the Web UI that you can't enter port numbers in directly - you have to use the up/down buttons and sometimes you get random values appearing in the boxes if you close the preferences window and re-open it. This could be a browser issue however.

EDIT: I've marked this as solved since it is now working. I'm not sure what exactly was the root cause but I will be using the GTK UI for initial configuration from now on .