I have a special ISA2004 firewall policy rule for my linux box and another for the BitTorrent listener. The first rule allows anonymous access selected protocols for the specified host, my linux box. The anonymous access door is open on my ISA2004 firewall but not to wide. Since I want the linux box to be a full BitTorrent client I created a web publishing rule for a port in the 49152-65535 range as recommended here. For a variety of reasons I assigned a static IP address to the linux box. The rule allows the following protocols:
- BitTorrent(TCP 6868 Outbound, 6881-6882 primary Outbound and secondary inbound)
- BitTorrent Server(TCP 49999 Primary Inbound and secondary Outbound, UDP 49999 primary Receive Send and secondary Send Receive)
- FTP
- HTTP
- HTTPS
- NTP(UDP)
After monitoring the startup and download of a torrent with the monitoring feature of ISA2004, I think I have the rules set up correctly. My download speed runs at max download speed. I found Firestarter to be a really nice gui for linux firewall side. It is pretty simple to use and has some monitoring capability. If you have Fedora you can install it using YUM from the Extras repository. I have port 6868 in the rule since that is the port Azureus uses to check for azureus.aelitis.com for updates. Adding it to the rule sped up the Azureus startup. I have 6882 in the range even though technically Azureus should not use it. My ISA2004 firewall says Azureus at least tries to use it.