Transmission trying to establish connections to bogon nets!

Ask for help and report issues not specific to either the Mac OS X or GTK+ versions of Transmission
Post Reply
Master One
Posts: 6
Joined: Thu Feb 12, 2009 11:44 am

Transmission trying to establish connections to bogon nets!

Post by Master One »

My firewall-gateway first filters all incoming and then outgoing packets from/to the internet according a well known bogon list.

The awkward thing is now, that only very few packets try to come in from such a prohibited network, but quite some try to go out to such a bogon network from Transmission (v1.22 6191 on Debian Lenny). For example: There were no incoming attempts from source 2.0.0.0/8, but my bittorrent machine tried to send 16 packets (with 60 bytes each and SYN flag set, so an attempt to establish a new connection) to addresses in the 2.0.0.0/8 address space. How is this possible?

Why would Transmission try to establish a new connection to an IP address in a bogon net, if that IP address didn't even try to get in touch with me (otherwise it would have been dropped by the incoming bogon check)?

I mean, if no packet with a source address from 2.0.0.0/8 tried to arrive here, how does Transmission even know the IP address from that address space, which it is trying to contact with a SYN package?

I established the outgoing bogon-list check just recently, and that behavior (about no hits incoming, but quite some outgoing) comes as a big surprise.
Top
rb07
Posts: 1400
Joined: Sun Aug 24, 2008 3:14 am

Re: Transmission trying to establish connections to bogon nets!

Post by rb07 »

Master One wrote:Why would Transmission try to establish a new connection to an IP address in a bogon net, if that IP address didn't even try to get in touch with me (otherwise it would have been dropped by the incoming bogon check)?
Because the tracker or peer-exchange told it to do it.

Are you using block lists with transmission? It does lower those connections a bit, but not totally, keep your firewall/PeerGuardian/moBlock up.
Top
Master One
Posts: 6
Joined: Thu Feb 12, 2009 11:44 am

Re: Transmission trying to establish connections to bogon nets!

Post by Master One »

Just updated to v.1.51 recently, but this behavior still exists. I was always using the blocklist function, but these bogon-connection-attempts are still popping up:

Code: Select all

Chain valid-dst (2 references)
 pkts bytes target     prot opt in     out     source               destination         
   51  2832 REJECT     all  --  any    any     anywhere             2.0.0.0/8           reject-with icmp-net-unreachable 
   15   864 REJECT     all  --  any    any     anywhere             5.0.0.0/8           reject-with icmp-net-unreachable 
   10   576 REJECT     all  --  any    any     anywhere             10.0.0.0/8          reject-with icmp-net-unreachable 
   15   864 REJECT     all  --  any    any     anywhere             192.168.0.0/16      reject-with icmp-net-unreachable 
   10   576 REJECT     all  --  any    any     anywhere             223.0.0.0/8         reject-with icmp-net-unreachable 
  123  6960 REJECT     all  --  any    any     anywhere             BASE-ADDRESS.MCAST.NET/3 reject-with icmp-net-unreachable
How can a tracker or peer-exchange be that misconfigured, to send out such bogon-source-addresses?

I am not concerned (my firewall-gateway is doing a pretty good job), but curious.
Top
Post Reply

Return to “Support”