ledoktre Posted May 20, 2014 Report Share Posted May 20, 2014 Greetings fellas, Ive been using btsync now off and on for some time. I just installed it on a server at my office, with plans to use it to sync some of the common folders from the users desktops to the server (Documents, Desktop, etc). I followed the instructions online to make it LAN-only (disable use_relay_server, use_tracker, and use_dht) on both the "server" and desktop shares. Feeling pretty good about myself, I used my phone (3G - wifi disabled) and scanned a code. It logged on, showed files. From the "server", I did this, and saw nothing. I'm sure that I went in and made the settings the same -- looking for advice / suggestions. It is imperitive that I have internet accessability disabled. Thanks,Doc Quote Link to comment Share on other sites More sharing options...
piotrnik Posted May 21, 2014 Report Share Posted May 21, 2014 Can you see your other computer/phone in the devices tab? Quote Link to comment Share on other sites More sharing options...
ledoktre Posted May 27, 2014 Author Report Share Posted May 27, 2014 I'm not sure, and I won't be able to check on it again until Thursday. The part that is bestumpling me is that I've got those 3 settings turned off, and from both sides. Yet when I grab my cell phone and scan the code, it brings up the files. So its *somehow* getting out to the internet. Is it possible that when the folders were first setup, they were listed with the tracking servers etc, and that since its been a week or so without them being "tracked" perhaps it will be secure as expected? I guess I am wondering if perhaps the connection was sort of "cached" before. I dont know enough about this system to know how it works deep down. Thanks, Quote Link to comment Share on other sites More sharing options...
ledoktre Posted May 28, 2014 Author Report Share Posted May 28, 2014 To clarify my last post -- when I am referring to the "cache", I am just meaning, when you setup a folder, it is by default shared. You then go in and modify each setting. I am just wondering if it gets cached / registered online for some period of time when it times out and is removed. I haven't re-tried since I was there, I am just trying to think of what might cause this behavior. Thanks, Quote Link to comment Share on other sites More sharing options...
ledoktre Posted May 29, 2014 Author Report Share Posted May 29, 2014 I think I've got it figured out. Couple of things to add to this for documentation. To run in LAN only mode, this recipe seems to work well :Disable ethernet on machine you are working with (while adding sync folders and configuring)Under 'Preferences', disable UPnP port mappingUnder each folder share, disable : use relay tracker when required, use tracker server, and search DHT networkUnder each folder, enable : Search LAN, Use Predefined Hosts (and fill in the IP address / port of your "server")It might seem odd to disable the ethernet while making these configuration changes, but it appears that when you add the sync folder, it immediately gets listed by the relay tracker or tracker server, I'm not sure which. Even after setting the settings to be LAN only, it showed up online. I could only get this to stop by resetting the internet connection and getting a new IP address. So it seems we are set - it is a bit of a pain to disable the ethernet adapter when you configure the folders, but it is better than having to reset your internet connection to get them to stay LAN only IMHO. I dont know if it was necessary to fill in a predefined host, it seemed to work without it. But I thought it might be a little bit more restrictive this way. My issue from the original post by the way, was that I had for some reason forgotten to enable Search LAN. That or the fact the shares were tracked from the original install. Not sure. But in either case, seems to be working as hoped. Quote Link to comment Share on other sites More sharing options...
pruppert Posted June 17, 2014 Report Share Posted June 17, 2014 I am having the same issue as the OP, ledoktre. I disabled the relay, tracker, and DHT settings for a folder on the only two nodes (iMac & MacBook), and my iPhone was still able to sync the folder while not on the LAN (only on LTE). Also , the iPhone does show in the devices tab on the desktop software. This is problematic since the mantra on these forums has been that disabling these 3 settings will limit sync to LAN only. This appears to not be the case. I then followed ledoktre's more stringent setup instructions in the previous post. Once, my computers were re-connected to the internet, they were not able to sync at all. So, at this point, I am not sure how to actually sync only on LAN. I hope someone from BT Sync will chime in to provide more clarity about what is going on here and how to actually achieve LAN only sync, if possible. Quote Link to comment Share on other sites More sharing options...
ledoktre Posted June 17, 2014 Author Report Share Posted June 17, 2014 If you have the predefined hosts filled in, maybe verify the IP address and port are correct. Initially when I set that, I had a number transposed, and nothing synced. It's almost like using that feature blocks out any other discovered hosts- almost like a "whitelist"... For me, the port was 32517. This is different than the web interface port. The correct port can be found on your "server" under preferences.HTH...Sent from my iPhoneAlso worth noting the predefined hosts is set on the clients. If you set this on your server you would have to enter the ip and port for every client to get it working would be my guess...Sent from my iPhone Quote Link to comment Share on other sites More sharing options...
Guest proactiveservices Posted June 18, 2014 Report Share Posted June 18, 2014 Keep in mind this doesn't force LAN-only, it just makes it more difficult for the machine to find WAN hosts. If one of the LAN peers knows of a peer on the Internet, it will tell all of the other peers and they will then connect to the WAN peer, even if you have everything but "Use predefined hosts" enabled. You must use firewalling if it is imperative that your peer does not reach outside of the LAN. Quote Link to comment Share on other sites More sharing options...
ledoktre Posted June 18, 2014 Author Report Share Posted June 18, 2014 Agreed. Firewall is the only true way to go. The moving target part of that though is ports. You can firewall that 32517 out but that won't stop a user from modifying their port to bypass. Could try to use a firewall that supports blocking BitTorrent protocol, but that I've read is nearly impossible too as this traffic is encrypted. So that leaves it up to the firewall to basically firewall everything in and out, and only allow permissible protocols or destinations through.Would be ideal if btsync had a way to put an admin password on its program preventing any changes. Sent from my iPhone Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.