Author Topic: Some help with Deluge configuration  (Read 3031 times)

Offline hippiemaster

  • Comodo Member
  • **
  • Posts: 33
Some help with Deluge configuration
« on: September 18, 2012, 10:48:01 AM »
Hi! I just configured comodo firewall according to this tutorial , but when testing the port for deluge I get the following message:



On the drop-down menu I am not given the option to treat the application as Deluge (the name I've given to the Predefined Policy) but only as web browser, ftp client, trusted app, blocked app or outgoing only. Which one should I choose?

I have deluge 1.3.5 with the following settings:



Should I change the outgoing ports? Thanks a lot.

Offline hippiemaster

  • Comodo Member
  • **
  • Posts: 33
Re: Some help with Deluge configuration
« Reply #1 on: September 20, 2012, 05:23:10 AM »
After a lot of web search, I understand why nobody wants to touch this subject  :)

So, I change my question into: which one of the two methods mentioned in the following tutorials is better, that is safer and doesn't interfere with my other general internet activities (browsing, skype, automatic software updates, etc)?
Firewall Tutorial for Utorrent with Comodo Internet Security
Utorrent problems
According to user Pandluck:
Quote
Because of a bug you must change the rule 4 (for HTTP requests) to allow. I hope this will be resolved with the next updates.
Is this the reason why I get the pop up mentioned in my previous post? Is it unsafe to allow HTTP requests?
Also if someone could clarify if I should change the outgoing ports in deluge, I would appreciate it.

I have all latest stable versions of comodo firewall, avira, firefox, skype, deluge, soulseek, emule, etc
Thanks a lot.

Offline WxMan1

  • Comodo's Hero
  • *****
  • Posts: 606
Re: Some help with Deluge configuration
« Reply #2 on: September 20, 2012, 05:20:25 PM »
You're right: a lot of people won't want to touch that one.

I'm not sure you're going to get the option to select a predefined policy with respect to an alert.  However, you should be able to choose a custom predefined policy when creating a firewwall rule manually though.

A potential problem: I don't know how CIS will handle an event that's NOT in the policy and you allow and remember.  It may change the firewall rule from whatever predefined policy to custom and ONLY the specific event you just allowed will be in there.  I don't think CIS adds allowed events to the predefeined policy.

Offline hippiemaster

  • Comodo Member
  • **
  • Posts: 33
Re: Some help with Deluge configuration
« Reply #3 on: September 20, 2012, 07:38:15 PM »
Thank you for your reply.
If I understand well, you are saying that if at the pop up I allow the application, the rule might change to custom (I'm pretty sure this is what happens), but I can change Pandluck's rule number 4 from "Ask" to "Allow" in a manual predefined policy.
In that case it appears to me that it may be safer to use Radaghast's tutorial that doesn't fire any pop ups.
What you reckon?


Offline WxMan1

  • Comodo's Hero
  • *****
  • Posts: 606
Re: Some help with Deluge configuration
« Reply #4 on: September 20, 2012, 08:54:13 PM »
I'd implement custom policy and  allow + remember for each instance as is appropriate per your expert knowlege.  What you're doing is attempting to mitigate a seriously huge security risk that you deliberately assume.  It would seem that allowing Deluge outbound TCP from either the NIC (or router) zone, etc to any IP on port 80 should be o.k..  That'd be really no differnt than atypical browser traffic.

The problem arises w/respect to inbound traffic.  By default CIS blocks all unsolicited inbound traffic w/out alert or logging.  Any such will be detected by either SYSTEM or WIDOWS SYSTEM APPLICATION  Then it'll get shoveled off from one to the other, then to either an app or a system resouce, e.g. protected file / folder.

So as long as the prollem is that of 'getting out' that's the least of all evils so long as you have Deluge locked down tight in D+ (paranoid mode).

Offline hippiemaster

  • Comodo Member
  • **
  • Posts: 33
Re: Some help with Deluge configuration
« Reply #5 on: September 21, 2012, 05:30:27 AM »
Thank you WxMan1. It makes sense though I don't use D+ because it's been advised that it may conflict with my avira antivirus.

As I am still testing deluge I continue to use utorrent. So after applying Radaghast's firewall settings, I got a comodo pop up for utorrent about a request for an inbound TCP connection . Is this suppose to happen? And what do you guys do in that case, I mean when you don't know the IP requesting? Do you allow it? Are there any settings that don't trigger the pop ups? In previous versions of comodo this was possible with Pandlouk's settings.


 

Seo4Smf 2.0 © SmfMod.Com Smf Destek