eMule firewall config - iptables forward rules
To publicize tcp://10.8.0.2:24662 and udp://10.8.0.2:24672 from your OpenVPN client running eMule, you can use port forwarding through iptables to map those ports on the VPS’s WAN interface (enp1s0) to the OpenVPN client’s IP (10.8.0.2). Here’s how to set it up:
-
Forward TCP Port 24662:
Run this command to forward TCP traffic on
enp1s0(VPS WAN interface) at port24662to the OpenVPN client (10.8.0.2):sudo iptables -t nat -A PREROUTING -i enp1s0 -p tcp --dport 24662 -j DNAT --to-destination 10.8.0.2:24662 -
Forward UDP Port 24672:
Run this command to forward UDP traffic on
enp1s0at port24672to the OpenVPN client (10.8.0.2):sudo iptables -t nat -A PREROUTING -i enp1s0 -p udp --dport 24672 -j DNAT --to-destination 10.8.0.2:24672 -
Enable IP Forwarding:
Ensure that IP forwarding is enabled on your VPS by checking the
/proc/sys/net/ipv4/ip_forwardvalue:sudo sysctl -w net.ipv4.ip_forward=1To make this permanent, add or update the following line in
/etc/sysctl.conf:net.ipv4.ip_forward = 1 -
Configure MASQUERADE for Outbound Traffic:
Add a MASQUERADE rule to handle the outbound traffic from the OpenVPN network:
sudo iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o enp1s0 -j MASQUERADE
These steps will forward external requests on ports 24662 (TCP) and 24672 (UDP) to your OpenVPN client (10.8.0.2), making the eMule service accessible publicly via x.x.x.x:24662 (TCP) and x.x.x.x:24672 (UDP).
To verify, you can check the iptables rules:
sudo iptables -t nat -L -v -n
You can remove uncessary iptables rules: Remove a rule from iptables
Test connection
