[Preciousss]

I've searched the forums here, Apple's Discussion pages, Transmission's forums and even Googled. Found lots of other folks asking the same question: how do you port forward in Leopard? But no answers.

The firewall in Tiger (and Panther) allowed you to port forward quite easily. In Leopard, I have my Firewall set to Allow only essential services, I've added Transmission to the list and set it to Allow incoming connections. This is about all the customization Leopard's Firewall allows me to do, beyond command line wizardry which I don't do unless absolutely confident. Plus it seems like there should be a simple way (like in Tiger/Panther).

Transmission tells me that the "Port is stealth" and no torrents download, not even slowly. I'm glad I thought to retain a Tiger partition so that I can at least switch to that to use Transmission, but I'd much prefer to just do everything in Leopard.

It seems amazing to me that there are no solutions out there after this much time. Not even a definitive "you cannot port forward in Leopard." Hoping someone here will be able to shed some kind, any kind, of light. Thanks.

[mdc]

The port forwarding that you are talking about in regards to Transmission does not mean through your 10.5 firewall, it means through your actual hardware router.

How you'd configure the port you have set Transmission through your router and to your Mac is different depending on the router. Airports use Airport Utility, but others require you to configure it through your web browser.
For sake of conversation let's say you have an Airport Extreme. You'd open Airport Utility, go to the port forwarding section of the basestation and then enter your outside port, your Mac's IP address, and the internal port.

After when traffic hits your router on port xxxx, it'll know that traffic for said port needs to go to your Mac, and Transmission will report that your port is open.

[Big Mac]

Yeah, I don't think the OP meant port forwarding. He seems to be asking how to open the ports necessary for the app to function.

[Preciousss]

Thanks for the quick responses. I should have been more clear: I have a Netgear MR814 router and have it all set up to port forward as you specified. This worked fine under Panther and Tiger.

Big Mac's response is also correct: I should've asked how to open the port in Leopard's firewall that I've forwarded from my router. I've already added Transmission to the allowed apps in the Firewall, so I'm at a loss.

But you've helped me see that I've been asking the question wrong. Maybe I'll look around again with different search terms. Though any solutions here would be great. Thanks again.

Originally Posted by mdc 

The port forwarding that you are talking about in regards to Transmission does not mean through your 10.5 firewall, it means through your actual hardware router.

How you'd configure the port you have set Transmission through your router and to your Mac is different depending on the router. Airports use Airport Utility, but others require you to configure it through your web browser.
For sake of conversation let's say you have an Airport Extreme. You'd open Airport Utility, go to the port forwarding section of the basestation and then enter your outside port, your Mac's IP address, and the internal port.

After when traffic hits your router on port xxxx, it'll know that traffic for said port needs to go to your Mac, and Transmission will report that your port is open.

[Big Mac]

Here's my advice: Turn off the Leopard firewall and rely on your router's firewall.

[analogika]

I concur.

[besson3c]

I third that, although you should switch on your computer's firewall when you leave your home network.

[Preciousss]

Originally Posted by Big Mac 

Here's my advice: Turn off the Leopard firewall and rely on your router's firewall.

Whaaa?!!

For real? Just tried it and it works, but doing so makes me feel like I'm leaving my door wide open. (Prolly because a quick scan of my router's capabilities showed no built-in firewall. Could've missed it though. I need a serious upgrade anyway, this is a 802.11b router.)

I suppose I'll just use my Tiger partition until there's an easy way to open specific ports in Leopard's firewall. Thanks for the suggestions.

[P]

What is generally referred to as a router for a home broadband connection isn't really a router. It's a box running Network Address Translation, meaning that it has one IP number for itself and looks like just one computer from the outside. It routes all connections from the computers on inside to the right computer on the outside (looking like a router to the computers on the inside) and remembers what computer sent what, so when a reply comes it can route the reply to the right computer on the inside. An unsolicited connection from the outside is harder, because the router doesn't know where to send it. The default is to drop it silently, unless you have configured one computer to be in a DMZ (meaning that it gets all connections that the router would otherwise drop) or set up a virtual server (meaning that you have told the router where to send incoming packets on a certain port - what you have done for Transmission). In effect, this is exactly like a stateful firewall (what is implemented into Mac OS X and other operating systems today).

[S_J]

Originally Posted by Preciousss 

For real? Just tried it and it works, but doing so makes me feel like I'm leaving my door wide open.

Hi Previousss,

Indeed you should be keeping your computer's firewall closed as much as possible. In the off-chance of someone cracking your wireless (if you're using WEP on your 802.11b network for example), then they may have more chance of attacking your computer if the firewall is off.

If you're concerned about this then you may want to invest in a more full-featured firewall such as NetBarrier (intego.com), where you can choose exactly what ports to allow through the firewall. This may seem like overkill for most situations, but it is an option.

[Kevin]

Originally Posted by Big Mac 

Here's my advice: Turn off the Leopard firewall and rely on your router's firewall.

Agreed.

[ghporter]

Your router performs a function called "Network Address Translation" or NAT. That is effectively a form of perimeter defense, though it does not do what a true firewall does. But do you need a firewall? Maybe-it's a good defense against intrusion. However, by simply using the "Sharing" preferences settings, you can usually enable any and all traffic you want to (at least in Tiger-is Leopard's firewall that different?), so opening only certain ports is fairly easy and simple to do.

[bishopazrael]

Please allow me to help.

To the OP. You want to forward a port for the purpose of bittorrents. What you are looking for is in System Prefs > Security > Firewall Once there you can click the + button under the box, then add your bittorrent application of choice. Try that and lets see how it works.

[bishopazrael]

And as a further note, you guys should remember that Apple designers worked very hard to put in a VERY cool feature. I don't know what it's called, but when i went to the System Prefs I typed in the word "firewall" into the Spotlight search bar on the sys prefs box. If you guys get stuck and need help try typing in some key words and seeing what comes up. I just tried it and its very cool.

[besson3c]

Originally Posted by bishopazrael 

Please allow me to help.

To the OP. You want to forward a port for the purpose of bittorrents. What you are looking for is in System Prefs > Security > Firewall Once there you can click the + button under the box, then add your bittorrent application of choice. Try that and lets see how it works.

This is not port forwarding, but simply opening up a port on your firewall. This communication is not going to get past the original poster's router if it is not set to forward port requests to his LAN IP address.

[Preciousss]

Hey everyone, I figured it out. And it's all thanks to Wii Transfer and their tech support. :-)

So, as you know, there are 3 options in Leopard's firewall:

• Allow all incoming connections
• Allow only essential services
• Set access for specific services and applications

I was using the second option, well, just because it seemed to make sense to me. For some reason, I read the options, going from top to bottom, as:

• Wide open
• Limited access
• Totally closed

After choosing the middle way, I thought the area below these radio buttons was where you specified which apps to allow/deny. I did this with Transmission and Wii Transfer, but could only get them to work if I shut the firewall off entirely. Boo!

On the advice of Wii Transfer tech support, I emptied out this list of applications, hoping I would get a prompt on re-launch to allow or deny Wii Transfer access. Didn't happen.

So I looked at the firewall's 3 options again and realized that I had gotten the third one all wrong. I choose this one instead, and relaunched Wii Transfer. Got the dialog to allow/deny connection, clicked the former and it worked! Same goes for Transmission.

Yay! So, the area below the 3 options in Leopard's firewall is indeed to allow/deny specific applications. But it's meant to be used with the third option, not the second. Seems obvious now that I look at it, but like I said, my brain just went: open, ajar, shut when going down the list of options.

Hope this is helpful for anybody else who made the same mistake as me. Thanks for all the help everyone.

[Cold Warrior]

Thanks for posting back with that info. It's good to know.

[Simon]

Yeah, option 3 is basically supposed to be a user-defined firewall. Option 2 used to be called something like "Block all incoming connections" but then it turned out that it's not actually true and some ports have to be left open for basic things to work properly. So with 10.5.1 Apple renamed it.

Anyway, most people probably don't want 1. 2 is very restrictive. If you want to be able to chose for yourself you need option 3.

More about these options and the somewhat of a mess Apple got into with it in the 10.5.0 release can be found here and here.