eMule firewall config - iptables forward rules
To publicize tcp://10.8.0.2:24662
and udp://10.8.0.2:24672
from your OpenVPN client running eMule, you can use port forwarding through iptables
to map those ports on the VPS’s WAN interface (enp1s0
) to the OpenVPN client’s IP (10.8.0.2
). Here’s how to set it up:
-
Forward TCP Port 24662:
Run this command to forward TCP traffic on
enp1s0
(VPS WAN interface) at port24662
to the OpenVPN client (10.8.0.2
):sudo iptables -t nat -A PREROUTING -i enp1s0 -p tcp --dport 24662 -j DNAT --to-destination 10.8.0.2:24662
-
Forward UDP Port 24672:
Run this command to forward UDP traffic on
enp1s0
at port24672
to the OpenVPN client (10.8.0.2
):sudo iptables -t nat -A PREROUTING -i enp1s0 -p udp --dport 24672 -j DNAT --to-destination 10.8.0.2:24672
-
Enable IP Forwarding:
Ensure that IP forwarding is enabled on your VPS by checking the
/proc/sys/net/ipv4/ip_forward
value:sudo sysctl -w net.ipv4.ip_forward=1
To make this permanent, add or update the following line in
/etc/sysctl.conf
:net.ipv4.ip_forward = 1
-
Configure MASQUERADE for Outbound Traffic:
Add a MASQUERADE rule to handle the outbound traffic from the OpenVPN network:
sudo iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o enp1s0 -j MASQUERADE
These steps will forward external requests on ports 24662
(TCP) and 24672
(UDP) to your OpenVPN client (10.8.0.2
), making the eMule service accessible publicly via x.x.x.x:24662
(TCP) and x.x.x.x:24672
(UDP).
To verify, you can check the iptables
rules:
sudo iptables -t nat -L -v -n
You can remove uncessary iptables rules: Remove a rule from iptables
Test connection