Bitcoin Forum
December 04, 2016, 06:14:12 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Why is IPTABLES periodically blocking port 8333?  (Read 2026 times)
Chick
Member
**
Offline Offline

Activity: 70


View Profile
July 19, 2011, 09:51:59 AM
 #1

Hi, I have a simple question. I've disabled UPnP from bitcoin.conf. Here are my IPTABLE rules regarding port 8333:

Code:
-A INPUT -p tcp --dport 8333 -m state --state NEW -j ACCEPT

However, using netstat shows that there are tons of connections from other nodes onto my server from port 8333. Periodically, I see in the IPTABLES log that a few packets going to port 8333 are being rejected, why is this the case? I do allow ESTABLISHED and RELATED connection packets through.

Also, can anybody tell me why there are also other random ports that are showing as a destination on netstat? I thought Bitcoin only used port 8333 for connecting to other nodes and 8332 for the API.


1480832052
Hero Member
*
Offline Offline

Posts: 1480832052

View Profile Personal Message (Offline)

Ignore
1480832052
Reply with quote  #2

1480832052
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480832052
Hero Member
*
Offline Offline

Posts: 1480832052

View Profile Personal Message (Offline)

Ignore
1480832052
Reply with quote  #2

1480832052
Report to moderator
CERN
Newbie
*
Offline Offline

Activity: 24


View Profile
July 19, 2011, 01:21:06 PM
 #2

It could be that another rule preceding the one in question is rejecting or dropping connections. I'm afraid that it's impossible to give an answer about why it's happening without seeing your full iptables ruleset

As for the second question:

Quote from: Gavin Andresen
Bitcoin 0.3.24 adds a   -port=  option to listen on a port other than 8333 for incoming connections.

(a quote from this post)

Along with upnp, etc...  The short answer is that your bitcoin client is likely connecting to peers that are just using a port other than 8333 Smiley
Chick
Member
**
Offline Offline

Activity: 70


View Profile
July 20, 2011, 07:42:55 AM
 #3

It could be that another rule preceding the one in question is rejecting or dropping connections. I'm afraid that it's impossible to give an answer about why it's happening without seeing your full iptables ruleset

As for the second question:

Quote from: Gavin Andresen
Bitcoin 0.3.24 adds a   -port=  option to listen on a port other than 8333 for incoming connections.

(a quote from this post)

Along with upnp, etc...  The short answer is that your bitcoin client is likely connecting to peers that are just using a port other than 8333 Smiley

Never mind that, I've solved it. The remote host basically couldn't complete the data transfer and issues a ACK/FIN tcp packet to close the connection, but my server drops and logs the request.

Thanks!

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!