Hello,

I am using qbittorrent for torrenting and my ISP has refused to open up firewall because of fucking “security” reasons. however I can still seed the torrent how is that possible? I mean all the incoming connections should be blocked right? isn’t it how firewall works?

  • Grippler@feddit.dk
    link
    fedilink
    English
    arrow-up
    26
    arrow-down
    2
    ·
    edit-2
    5 months ago

    Stop using your ISPs router and they’re not going to have much control over it.

    • whoareu@lemmy.caOP
      link
      fedilink
      English
      arrow-up
      14
      arrow-down
      1
      ·
      5 months ago

      no they have firewall enabled on their side so even if I use my own router it won’t do much.

              • Grippler@feddit.dk
                link
                fedilink
                English
                arrow-up
                5
                arrow-down
                1
                ·
                5 months ago

                Maybe not, but you and I definitely dont, so let’s stick to what they’re actually saying instead of guessing.

                • Baggins [he/him]@lemmy.ca
                  link
                  fedilink
                  English
                  arrow-up
                  3
                  arrow-down
                  1
                  ·
                  5 months ago

                  You commented that it’s “super weird and invasive” for an ISP to “firewall” listening ports. It just so happens that CGNAT also has the same effect and is super commonly used right now.

                  I think I’m good 👍

              • whoareu@lemmy.caOP
                link
                fedilink
                English
                arrow-up
                2
                ·
                5 months ago

                Yes I know what’s preventing me from opening ports. I also called my ISP they said we can’t open the firewall so the incoming connections will be blocked.

        • bier@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          5
          ·
          5 months ago

          Ipv4 shortage lead to a lot of IPS adopting CG-NATs where they are sharing one exit IPv4 for multiple end users and that’s why opening a port on the end user side won’t do a thing as your just opening a port in the ISP Network and not to the Internet

        • lemmyingly@lemm.ee
          link
          fedilink
          English
          arrow-up
          2
          ·
          5 months ago

          Who says the ISP isn’t blocking ports via a firewall?

          I thought it was common practice for ISPs to block certain ports for residential connections?

          • cmnybo@discuss.tchncs.de
            link
            fedilink
            English
            arrow-up
            3
            ·
            5 months ago

            They will usually block port 25 so you can’t run a mail server. It’s unusual for an ISP to block everything unless you are on CGNAT.

  • Brickfrog@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    20
    ·
    edit-2
    5 months ago

    however I can still seed the torrent how is that possible?

    Yes you can still seed as well as downloaded. But you are limited and can only upload and download torrent data in swarms that contain peers that are themselves fully connectable (port forwarded).

    So say you join a torrent swarm that only contains peers just like you (firewalled, no ports forwarded) then no one will transfer any torrent data with each other. Everyone is stuck waiting for a fully connectable (port forwarded) peer to join that swarm.

  • axzxc1236@lemm.ee
    link
    fedilink
    English
    arrow-up
    12
    ·
    5 months ago

    If the firewall just means no incoming connections, your computer can still reach out to the other side (if they open their port)

    • infinull@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      1
      ·
      5 months ago

      Right, only one side of the connection needs an open port (and most clients will let that be either seed or leech side)… this is why having an open port on your end is useful if you’re downloading, since you can download from seeders that don’t have an open port.

  • meseek #2982@lemmy.ca
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    5 months ago

    BT protocol works thru both parties. You have seeders and leachers (called peers). Both need to make a connection but how that connection is initiated and opened is important.

    If your ports are blocked, you can still download, provided the seeders initiates the handshake. It’s how websites work and the fact that you can download something from say Apple.com or Steam.com without needing to open any ports.

    Unfortunately not every seeder does this (for various reasons). And that’s when having your ports open makes a world of difference. Because if a seeder needs you to initiate, you never will and while there may be 40 seeders, you don’t connect to any of them.

    On torrents that have hundreds of peers, you’re likely fine; they’ll be plenty that can initiate the transfer for you. But when you get obscure torrents with only a handful of peers, you’re likely fucked. I’m over simplifying for the sake of discussion.

  • Flatfire@lemmy.ca
    link
    fedilink
    English
    arrow-up
    2
    ·
    5 months ago

    A seedbox is going to be your friend in instances where your ISP blocks P2P traffic like this. As another user mentioned, it’s likely the ISP is using something called CGNAT to route traffic from multiple customers over the same IP. This is a pain for self-hosted services and the easiest way to deal with it is to simply not go through your own ISP. There’s a lot of options for seedbox vendors out there, I’d take a look around and determine what’s affordable for you.