Bug:[solved] Off-by 1 error when manually opening port

[phillipsjk]

Update: Now falls into "worksforme" bug report category.

Hello,

I have done everything listed In "How to report a Bug" except try it with the nightly build. However, A quick review of the forums indicates that other people are (possibly) running into the same problem, but simply posting a cryptic Message Log.

1. I will be violating one of the examples given by the forum rules: positing my IP address. I believe it is the only way to share a port scan done by an online service. I am considering my IP address public information in this case. My private IP address are non-routable (aside from the specific ports forwarded.)
2. The link for the nightly build does not say how to use it. I am not running MacOS.
3. Version tested: 1.06 build 5136 (Ubuntu) Gui.
4. Manually forward a port-range (required portscan from LAN reveals correct behavior) using incorrect syntax (for 2.0 Linux kernel). Tell transmission to use a specific port. The test will fail. Do a port scan to confirm that a different port is open.
5. N/A (Uploading is lacking)
6. N/A
7. Detailed below

Excerpts from "report.txt" for diagnosing router problems:

Code: Select all

        FREESCO v0.3.7 System Report.
        Generated - Fri Nov 27 17:50:12  2009


        ----- clock -----
Fri Nov 27 17:50:13 2009


        ----- cat /etc/system.cfg -----
# [System]
ROUTER=ethernet # dialup/leased/ethernet/bridge
HOSTNAME=router #611 Router name
DOMAIN=inet     #612 Local domain
ENAMSQ=y        #11 NAT/firewall
STLTH=          #111 Stealth or Reject
NPNG=y          #112 ICMP responses
NBRG=n          #12 Bridging mode
BIGMEM=n        #13 Command line history
RMDRV=y         #19 Enable ram disk
RSRM=y          #191 Restrict ram to 4MB
SVRS=10,0       #14 Blank screen,hdd. 0 = off
SSVR=0,tclock,12        #14 Screen saver,Name,options. 0 = off
SWPSZ=0         #15 Swap size. 0 = off
LGSZ=50000,5000 #16 System,logins log sizes
SVLG=n          #163 Save system logs
NBP=y           #17 beeps
NMN=n           #20 flashing leds
NLGGR=y         #201 Network monitor
NTOP=           #202 top monitor
NCON=           #203 ISP connect time
DCON=           #204 RAS connect time
LLED=           #205 Link LED
CLRS=n          #21 console colors
NPNP=y          #22 ISA PnP
DFSP=           # Default dialup ISP
RDNLY=y         #10 Run in ram
.
.
.
        ----- cat /etc/portfw.cfg | sed s/\#.*//g -----
udp,5000,-5100,192.168.26.5
tcp,1720,1720,192.168.26.5
tcp,30000,-30010,192.168.26.5
tcp,6881,6882,192.168.26.69
tcp,6883,6884,192.168.26.5
tcp,6885,6886,192.168.26.9
tcp,6887,6888,192.168.26.100
tcp,6889,6890,192.168.131.9

tcp,6112,-6119,192.168.26.5
udp,6112,-6119,192.168.26.5
tcp,4000,4000,192.168.26.5
udp,4000,4000,192.168.26.5
tcp,3658,-3660,192.168.26.5
udp,3658,-3660,192.168.26.5
tcp,6500,6500,192.168.26.5
udp,6500,6500,192.168.26.5
tcp,27900,27900,192.168.26.5
udp,27900,27900,192.168.26.5
tcp,28910,28910,192.168.26.5
udp,28910,28910,192.168.26.5
tcp,4711,4711,192.168.26.5
udp,16567,16567,192.168.26.5
udp,29900,29900,192.168.26.5
tcp,29900,-29901,192.168.26.5
.
.
.

Hmm. The DHCP leases didn't make it in. The relevant line is:
"tcp,6887,6888,192.168.26.100" in /etc/portfw.cfg


Requested lines from Message Log:

Code: Select all

06:12:56 Port Mapping: mapping state changed from 'not mapped' to 'mapping'
06:12:56 Port Mapping: opened port 51413 to listen for incoming peer connections
06:13:04 Port Mapping (NAT-PMP): readnatpmpresponseorretry returned error -7, errno is 111 (Connection refused)
06:13:04 Port Mapping (NAT-PMP): If your router supports NAT-PMP, please make sure NAT-PMP is enabled!
06:13:04 Port Mapping (NAT-PMP): NAT-PMP port forwarding unsuccessful, trying UPnP next
06:13:12 Port Mapping (UPNP): upnpDiscover returned NULL (errno 2 - No such file or directory)
06:13:12 Port Mapping (UPNP): UPNP_GetValidIGD failed.  (errno 0 - Success)
06:13:12 Port Mapping (UPNP): If your router supports UPnP, please make sure UPnP is enabled!
06:13:12 Port Mapping: mapping state changed from 'mapping' to 'error'
10:01:25 Port Mapping: closing port 51413
10:01:25 Port Mapping: opened port 6687 to listen for incoming peer connections
10:01:47 Port Mapping: closing port 6687
10:01:47 Port Mapping: opened port 6887 to listen for incoming peer connections
10:47:26 Port Mapping: closing port 6887
10:47:26 Port Mapping: opened port 6888 to listen for incoming peer connections

I paused the download and put computer in suspend mode while playing with the router. Upon start-up it (computer running transmission) renews its IP address using RFC 5227 (IPv4 Address Conflict Detection). After the last change, I decided to do a fresh portscan for reporting the possible problem with the router (After calling my ISP to confirm they weren't blocking the port).

http://nmap-online.com/, URL trimmed since page returned a "Forbidden" message. Obfuscated IP address.

Code: Select all

Nmap Options: -p6880-6890 -T4 -sS 208.99.x.x

Starting Nmap 4.75 ( http://nmap.org ) at 2009-11-27 18:57 St�edn� Evropa (b�n� �as)
Interesting ports on 208-99-x-x-dynamic401-dsl.ucc-net.ca (208.99.x.x):
PORT STATE SERVICE
6880/tcp closed unknown
6881/tcp closed bittorrent-tracker
6882/tcp closed unknown
6883/tcp filtered unknown
6884/tcp closed unknown
6885/tcp closed unknown
6886/tcp closed unknown
6887/tcp open unknown
6888/tcp closed unknown
6889/tcp closed unknown
6890/tcp closed unknown

Nmap done: 1 IP address (1 host up) scanned in 9.30 seconds

The Scan shows port 6887 as open while Transmission is ostensibly listening on port 6888.

[livings124]

Version 1.06 was released 21 months ago and is no longer supported. Can you try either version 1.76 or the latest developmental build?

[phillipsjk]

Okay, I installed nmap on one of my other machines (different sub-net):

Code: Select all

workhorse:/home/james#  nmap -p6880-6890 -T4 -sS 192.168.26.100

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2009-11-27 08:12 MST
Interesting ports on test (192.168.26.100):
PORT     STATE  SERVICE
6880/tcp closed unknown
6881/tcp closed bittorent-tracker
6882/tcp closed unknown
6883/tcp closed unknown
6884/tcp closed unknown
6885/tcp closed unknown
6886/tcp closed unknown
6887/tcp closed unknown
6888/tcp open   unknown
6889/tcp closed unknown
6890/tcp closed unknown

Nmap finished: 1 IP address (1 host up) scanned in 0.355 seconds

This says port 6888 is open, as expected.
The online scanner still reports port 6887 is open.

Now I have to determine if it is my ISP or router mangling the packets

I think I will set up a packet sniffer later on the Internet-facing side of the router.

Update: I did some packet sniffing on the Internet-facing side of the router. It appears that my router is responsible for mangling the ports. The first capture was inconclusive because the Online scanner mentioned sends the packets all at once/not in order (could be the ADSL modem messing up the order). However, since the capture happened during a live BitTorrent session, I was able to observe several hosts trying to connect to port 6888: suggesting the ISP is not blocking that port, and that the tracker told them to. For the second packet capture I used http://labs.programming-designs.com/portscanner/ It breaks up each probe with HTTP requests allowing me to see that the router (or something behind it) is responding to port 6887 (but not 6888). I also observed that the router seems to leak a private IP address in the ICMP response when a port is being forwarded to a disconnected host.

Update: I resolved the off-by-1 issue by adjusting the syntax used to specify a port range. Apparently, my router software does not like an implied port range of 2. http://www.freesco.info/support-forum/v ... 20&t=17324

Sorry for any inconvenience. 21 Months old and unsupported? That is about how long it takes me to configure my machine!
(I think I am improving: maybe months instead of years for configuring in my future?)