[Risolto] Test apertura porte fallisce con Fastgate

1- Versione aMule AdunanzA utilizzata (da terminale amule --version o amuled --version): aMule 2.3.2 compiled with wxGTK2 v3.0.4 and Boost 1.67 (OS: Linux)/
2- Colore delle frecce sul MappaMondo in basso a destra: Giallo + Giallo
3- Prima terzina dell’indirizzo IP rilevato QUI 1,5k (es. 100.XX., 10.XX, 2.23X): 93.46.90.XX
4- Informazioni sul Sistema (digita nel Terminale uname -a e riporta qui il risultato): 5.4.0-88-generic #99-Ubuntu SMP Thu Sep 23 17:29:00 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
5- Informazioni distro (se presente, lsb_release -a):
6- Regole del Firewall (digita nel Terminale sudo iptables -L -v -n e copia qui il risultato):

Chain INPUT (policy DROP 264 packets, 16926 bytes)
pkts bytes target prot opt in out source destination
49119 66M LIBVIRT_INP all – * * 0.0.0.0/0 0.0.0.0/0
49209 66M ufw-before-logging-input all – * * 0.0.0.0/0 0.0.0.0/0
49209 66M ufw-before-input all – * * 0.0.0.0/0 0.0.0.0/0
279 20836 ufw-after-input all – * * 0.0.0.0/0 0.0.0.0/0
264 16926 ufw-after-logging-input all – * * 0.0.0.0/0 0.0.0.0/0
264 16926 ufw-reject-input all – * * 0.0.0.0/0 0.0.0.0/0
264 16926 ufw-track-input all – * * 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 LIBVIRT_FWX all – * * 0.0.0.0/0 0.0.0.0/0
0 0 LIBVIRT_FWI all – * * 0.0.0.0/0 0.0.0.0/0
0 0 LIBVIRT_FWO all – * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-before-logging-forward all – * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-before-forward all – * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-after-forward all – * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-after-logging-forward all – * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-reject-forward all – * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-track-forward all – * * 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT 5 packets, 224 bytes)
pkts bytes target prot opt in out source destination
30397 71M LIBVIRT_OUT all – * * 0.0.0.0/0 0.0.0.0/0
30489 71M ufw-before-logging-output all – * * 0.0.0.0/0 0.0.0.0/0
30489 71M ufw-before-output all – * * 0.0.0.0/0 0.0.0.0/0
1112 92501 ufw-after-output all – * * 0.0.0.0/0 0.0.0.0/0
1112 92501 ufw-after-logging-output all – * * 0.0.0.0/0 0.0.0.0/0
1112 92501 ufw-reject-output all – * * 0.0.0.0/0 0.0.0.0/0
1112 92501 ufw-track-output all – * * 0.0.0.0/0 0.0.0.0/0

Chain LIBVIRT_FWI (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all – * virbr1 0.0.0.0/0 192.168.100.0/24 ctstate RELATED,ESTABLISHED
0 0 REJECT all – * virbr1 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 ACCEPT all – * virbr0 0.0.0.0/0 192.168.122.0/24 ctstate RELATED,ESTABLISHED
0 0 REJECT all – * virbr0 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable

Chain LIBVIRT_FWO (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all – virbr1 * 192.168.100.0/24 0.0.0.0/0
0 0 REJECT all – virbr1 * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 ACCEPT all – virbr0 * 192.168.122.0/24 0.0.0.0/0
0 0 REJECT all – virbr0 * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable

Chain LIBVIRT_FWX (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all – virbr1 virbr1 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all – virbr0 virbr0 0.0.0.0/0 0.0.0.0/0

Chain LIBVIRT_INP (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp – virbr1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
0 0 ACCEPT tcp – virbr1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
0 0 ACCEPT udp – virbr1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:67
0 0 ACCEPT tcp – virbr1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
0 0 ACCEPT udp – virbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
0 0 ACCEPT tcp – virbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
0 0 ACCEPT udp – virbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:67
0 0 ACCEPT tcp – virbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:67

Chain LIBVIRT_OUT (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp – * virbr1 0.0.0.0/0 0.0.0.0/0 udp dpt:53
0 0 ACCEPT tcp – * virbr1 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
0 0 ACCEPT udp – * virbr1 0.0.0.0/0 0.0.0.0/0 udp dpt:68
0 0 ACCEPT tcp – * virbr1 0.0.0.0/0 0.0.0.0/0 tcp dpt:68
0 0 ACCEPT udp – * virbr0 0.0.0.0/0 0.0.0.0/0 udp dpt:53
0 0 ACCEPT tcp – * virbr0 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
0 0 ACCEPT udp – * virbr0 0.0.0.0/0 0.0.0.0/0 udp dpt:68
0 0 ACCEPT tcp – * virbr0 0.0.0.0/0 0.0.0.0/0 tcp dpt:68

Chain ufw-after-forward (1 references)
pkts bytes target prot opt in out source destination

Chain ufw-after-input (1 references)
pkts bytes target prot opt in out source destination
0 0 ufw-skip-to-policy-input udp – * * 0.0.0.0/0 0.0.0.0/0 udp dpt:137
3 1452 ufw-skip-to-policy-input udp – * * 0.0.0.0/0 0.0.0.0/0 udp dpt:138
3 132 ufw-skip-to-policy-input tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:139
8 404 ufw-skip-to-policy-input tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
0 0 ufw-skip-to-policy-input udp – * * 0.0.0.0/0 0.0.0.0/0 udp dpt:67
0 0 ufw-skip-to-policy-input udp – * * 0.0.0.0/0 0.0.0.0/0 udp dpt:68
1 1922 ufw-skip-to-policy-input all – * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST

Chain ufw-after-logging-forward (1 references)
pkts bytes target prot opt in out source destination
0 0 LOG all – * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-after-logging-input (1 references)
pkts bytes target prot opt in out source destination
118 7739 LOG all – * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-after-logging-output (1 references)
pkts bytes target prot opt in out source destination

Chain ufw-after-output (1 references)
pkts bytes target prot opt in out source destination

Chain ufw-before-forward (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all – * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0.0/0 icmptype 3
0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0.0/0 icmptype 11
0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0.0/0 icmptype 12
0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
0 0 ufw-user-forward all – * * 0.0.0.0/0 0.0.0.0/0

Chain ufw-before-input (1 references)
pkts bytes target prot opt in out source destination
736 71246 ACCEPT all – lo * 0.0.0.0/0 0.0.0.0/0
48111 66M ACCEPT all – * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
23 1054 ufw-logging-deny all – * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
23 1054 DROP all – * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0.0/0 icmptype 3
0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0.0/0 icmptype 11
0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0.0/0 icmptype 12
0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
0 0 ACCEPT udp – * * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
339 26814 ufw-not-local all – * * 0.0.0.0/0 0.0.0.0/0
54 5718 ACCEPT udp – * * 0.0.0.0/0 224.0.0.251 udp dpt:5353
0 0 ACCEPT udp – * * 0.0.0.0/0 239.255.255.250 udp dpt:1900
285 21096 ufw-user-input all – * * 0.0.0.0/0 0.0.0.0/0

Chain ufw-before-logging-forward (1 references)
pkts bytes target prot opt in out source destination

Chain ufw-before-logging-input (1 references)
pkts bytes target prot opt in out source destination

Chain ufw-before-logging-output (1 references)
pkts bytes target prot opt in out source destination

Chain ufw-before-output (1 references)
pkts bytes target prot opt in out source destination
738 71326 ACCEPT all – * lo 0.0.0.0/0 0.0.0.0/0
28639 70M ACCEPT all – * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
1112 92501 ufw-user-output all – * * 0.0.0.0/0 0.0.0.0/0

Chain ufw-logging-allow (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG all – * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW ALLOW] "

Chain ufw-logging-deny (2 references)
pkts bytes target prot opt in out source destination
13 654 RETURN all – * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID limit: avg 3/min burst 10
10 400 LOG all – * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-not-local (1 references)
pkts bytes target prot opt in out source destination
281 17722 RETURN all – * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
54 5718 RETURN all – * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type MULTICAST
4 3374 RETURN all – * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST
0 0 ufw-logging-deny all – * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10
0 0 DROP all – * * 0.0.0.0/0 0.0.0.0/0

Chain ufw-reject-forward (1 references)
pkts bytes target prot opt in out source destination

Chain ufw-reject-input (1 references)
pkts bytes target prot opt in out source destination

Chain ufw-reject-output (1 references)
pkts bytes target prot opt in out source destination

Chain ufw-skip-to-policy-forward (0 references)
pkts bytes target prot opt in out source destination
0 0 DROP all – * * 0.0.0.0/0 0.0.0.0/0

Chain ufw-skip-to-policy-input (7 references)
pkts bytes target prot opt in out source destination
15 3910 DROP all – * * 0.0.0.0/0 0.0.0.0/0

Chain ufw-skip-to-policy-output (0 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all – * * 0.0.0.0/0 0.0.0.0/0

Chain ufw-track-forward (1 references)
pkts bytes target prot opt in out source destination

Chain ufw-track-input (1 references)
pkts bytes target prot opt in out source destination

Chain ufw-track-output (1 references)
pkts bytes target prot opt in out source destination
111 6660 ACCEPT tcp – * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW
995 85569 ACCEPT udp – * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW

Chain ufw-user-forward (1 references)
pkts bytes target prot opt in out source destination

Chain ufw-user-input (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
4 172 ACCEPT tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
0 0 ACCEPT udp – * * 0.0.0.0/0 0.0.0.0/0 udp dpt:80
2 88 ACCEPT tcp – * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
0 0 ACCEPT udp – * * 0.0.0.0/0 0.0.0.0/0 udp dpt:443

Chain ufw-user-limit (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG all – * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLOCK] "
0 0 REJECT all – * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable

Chain ufw-user-limit-accept (0 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all – * * 0.0.0.0/0 0.0.0.0/0

Chain ufw-user-logging-forward (0 references)
pkts bytes target prot opt in out source destination

Chain ufw-user-logging-input (0 references)
pkts bytes target prot opt in out source destination

Chain ufw-user-logging-output (0 references)
pkts bytes target prot opt in out source destination

Chain ufw-user-output (1 references)
pkts bytes target prot opt in out source destination

7- Testo preformattatoTipo di connessione (es. adsl, fibra, aziendale, alice adsl, wi-fi o cavo): ADSL Fibra FTTH
8- Marca e Modello dell’hag/router a cui sei collegato (es. Technicolor TG788vn): Fastgate GPON 2.5Gb FGA2130FWB
9- L’ indirizzo IP rilasciato dal router al PC (es. 192.168.1.129, 10.110.1.254) che trovate QUI: 192.168.1.143
10- Eventuali altri dati reputati utili (altro hardware o software rilevante): nessuno
11- Breve descrizione del problema: In pratica apro le porte sul router ma il test delle porte fallisce. All’inizio (i primi 15 secondi) amule sembra scaricare come avessi ID Alto per poi arrivare a 0 e poi riparte a basse velocità. La cosa strana è che fino a qualche mese fa funzionava tutto, poi, senza che facessi nessuna modifica (forse un aggiornamento del OS?) non sono più riuscito ad avere ID Alto, nemmeno dopo hard reset del router e rifacendo tutte le regole da capo.

-edit- Osservando meglio le policy del firewall, INPUT e FORWARD sono settate su DROP, quindi è lui il colpevole, (devo aver installato qualcosa che le ha modificate).
Adesso devo provare a risettarle come da default con:
sudo iptables -P INPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -P OUTPUT ACCEPT

Appena riesco aggiorno.

-edit 2- Confermo il problema era quello.
Oltre ai comandi sopra, che rendono la modifica temporanea, ho installato iptable-persistent per salvare le impostazioni permanentemente e ho usato il comando per la trascrizione delle nuove impostazioni sul file dei salvataggi, nella fattispecie:

** sudo apt install iptables-persistent
sudo iptables-save > /etc/iptables/rules.v4**

E adesso funziona tutto.

2 Likes

Sono felice che hai risolto :stuck_out_tongue_winking_eye: e grazie per le spiegazioni!

Buona condivisione!

1 Like