@upcboy Let me get back home and I will send you the iptables modifications that are needed to make port forwarding work. You did fine with iptables to allow the port, but you also need to allow the output on the VPN. We also have a script that makes all this automated on Transmission and Deluge; with your help we could even make it work with rTorrent. I need to check if rTorrent allows port changing with a CLI command, as Transmission and Deluge do. I'm almost sure it has this option, and then we can have a script for rTorrent as well.
Sent from my Xperia Z3 Compact using Tapatalk
I have some good and some bad news.
First the good news: you need to modify the iptables script, modify the following line to this (find this INPUT line in the iptables script, and change it to the following):
Code:
iptables -A INPUT -i $INTERFACE -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
Add the following line before the final OUTPUT REJECT line:
Code:
iptables -A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
Now restart the openvpn tunnel (make sure you have the new iptables rules applied), and then you get the open port number from PIA (I assume you have the script for that).
Then comes the part you already did, you need to insert the INPUT ACCEPT rule with the port number returned from PIA before the REJECT INPUT rule. If you use the script from the guide, that line will always be line 2, therefore you add
Code:
sudo iptables -I INPUT 2 -i tun0 -p tcp --dport your_forwarded_port -j ACCEPT
I think you don't need UDP at all, just TCP.
And I also think you don't even need port forwarding between interfaces enabled (need to check my VM later).
Now comes the bad news. Even if rTorrent is quite advanced, it still doesn't have an option to change the listening port on the fly (something that Transmission and Deluge both have). Therefore you need to enter this port manually in rTorrent, and probably restart rTorrent.
See here
rTorrent port change
We could probably create a script that stops rTorrent, modifies the config file, then restarts rTorrent, but that is a very bad approach. rTorrent should add the possibility to change port options on the fly. You will have a hard time with this since PIA will change ports often.
rTorrent is great, but if you need some more advanced features, then I highly recommend using Deluge. It works great, and has so many advanced options and possibilities.
Let us know if this worked for you.
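The rule insertion described in the post above, as an added example that is not part of the original thread or of the guide's script: it validates the port value before it reaches iptables and removes the previous port's rule when PIA hands out a new one, so stale ACCEPT rules do not pile up. The function names, the `IPT`, `VPN_IF` and `RULE_POS` variables and the dry-run default are assumptions made for this example.

```shell
#!/bin/sh
# Added example. Keeps exactly one ACCEPT rule for the PIA-forwarded port.
# Assumptions: tun0 and rule position 2 as in the post; the caller remembers
# the previously forwarded port and passes it in.

VPN_IF="${VPN_IF:-tun0}"
RULE_POS="${RULE_POS:-2}"
# Dry run by default: commands are printed, not executed.
# Set IPT="sudo iptables" to apply them.
IPT="${IPT:-echo iptables}"

# Accept only a plain decimal port number. The value comes from an external
# service and ends up in a command run as root, so nothing else may pass.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# update_forward_rule OLD_PORT NEW_PORT
# OLD_PORT may be empty on first run.
update_forward_rule() {
    old="$1"; new="$2"
    valid_port "$new" || { echo "rejecting port value: $new" >&2; return 1; }
    if valid_port "$old"; then
        # Same port as before: the rule is already in place.
        [ "$old" -eq "$new" ] && return 0
        # Close the port that is no longer forwarded to us.
        $IPT -D INPUT -i "$VPN_IF" -p tcp --dport "$old" -j ACCEPT ||
            echo "no existing rule for port $old" >&2
    fi
    # Insert ahead of the final INPUT REJECT rule.
    $IPT -I INPUT "$RULE_POS" -i "$VPN_IF" -p tcp --dport "$new" -j ACCEPT
}
```

Review the printed commands first, then rerun with `IPT="sudo iptables"` once they match your rule set.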