Author Topic: Firewall Tutorial for Utorrent with Comodo Internet Security  (Read 481959 times)

Offline pandlouk

  • I love Comodo
  • Comodo's Hero
  • *****
  • Posts: 2240
  • Retired Mod
Firewall Tutorial for Utorrent with Comodo Internet Security
« on: November 24, 2007, 01:52:25 PM »
How to configure Comodo firewall 3 or 4 for utorrent.

1. Go to: Firewall -> Advanced -> Attack Detection Settings -> Miscellaneous and disable Do Protocol analysis

2. Go to: Firewall -> Advanced -> Predefined Firewall Policies and select Add...

Give the new Predefined Policy a name, for example: utorrent

Add the following rules:

Rule 1
Action = Allow
Protocol = TCP or UDP
Direction = In
Description = Rule for incoming TCP and UDP connections
Source Address = Any
Destination Address = Any
Source port = A port range = (start port = 1025 / end port = 65535)
Destination port = the port of utorrent

Rule 2
Action = Allow
Protocol = TCP
Direction = Out
Description = Rule for outgoing TCP connections
Source Address = Any
Destination Address = Any
Source port = A port range = (start port = 1025 / end port = 65535)
Destination port = A port range = (start port = 1025 / end port = 65535)

Rule 3
Action = Allow
Protocol = UDP
Direction = Out
Description = Rule for outgoing UDP connections
Source Address = Any
Destination Address = Any
Source port = the port of utorrent
Destination port = A port range = (start port = 1025 / end port = 65535)

Rule 4
Action = Ask (enable Log as a firewall event if this rule is fired)
Protocol = TCP
Direction = Out
Description = Rule for HTTP requests
Source Address = Any
Destination Address = Any
Source port = A port range = (start port = 1025 / end port = 65535)
Destination port = 80

Rule 5
Action = Block (enable Log as a firewall event if this rule is fired)
Protocol = IP
Direction = In/Out
Description = Block and Log All Unmatching Requests
Source Address = Any
Destination Address = Any
IP Details = Any

3. Start utorrent. When Comodo asks you with a popup, choose Treat this application as, select utorrent, and enable Remember my answer.

Have a nice file sharing. (:WIN)


Additional Notes

If you have connectivity problems:
Go to Firewall -> Common Tasks -> Stealth ports wizard and select
Alert me to incoming connections - stealth my ports on a per-case basis

Because of a bug you must change rule 4 (for HTTP requests) to Allow. I hope this will be resolved with the next updates.

Panagiotis



If you have a router, you'll need to configure it for port forwarding:
http://portforward.com/english/routers/port_forwarding/routerindex.htm

1. Choose your router model (if it's not in the list, choose one from the same company)
2. Select the software (in this case, uTorrent)
3. Now follow the steps in the guide

Tweak to increase download speed

Ragwing



If you have just a modem, you may need to add a rule (above the last block all) to allow outgoing DNS requests such as:

Action = Allow
Protocol = UDP
Direction = Out
Description = Allow Outgoing DNS
Source Address = Any
Destination Address = Any (or your ISP's DNS server for extra security)
Source port = Any
Destination port = 53

Soyabeaner
« Last Edit: March 06, 2010, 02:13:23 PM by Ronny »
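
Added example, not part of the original posts and not Comodo code: the five rules of the predefined policy above, modeled as an ordered list where the first matching rule decides, to show which traffic ends up allowed, asked about, or blocked and logged. Top-to-bottom first-match evaluation is an assumption here, and port 51413 and the sample packets are constructed.

```python
from dataclasses import dataclass

UTORRENT_PORT = 51413          # constructed value; use your own listening port
HIGH = (1025, 65535)           # the "start port = 1025 / end port = 65535" range
ANY = (0, 65535)

@dataclass(frozen=True)
class Rule:
    name: str
    action: str                # "allow", "ask" or "block"
    protos: frozenset          # {"tcp"}, {"udp"} or both ("IP" is modeled as both)
    directions: frozenset      # {"in"}, {"out"} or both
    src_ports: tuple           # inclusive (low, high)
    dst_ports: tuple
    log: bool = False

def one(p):                    # a single port as an inclusive range
    return (p, p)

def policy(dns_rule=False):
    """The five rules from the first post, in the order given."""
    both, tcp, udp = frozenset({"tcp", "udp"}), frozenset({"tcp"}), frozenset({"udp"})
    IN, OUT = frozenset({"in"}), frozenset({"out"})
    rules = [
        Rule("1 incoming TCP/UDP", "allow", both, IN, HIGH, one(UTORRENT_PORT)),
        Rule("2 outgoing TCP", "allow", tcp, OUT, HIGH, HIGH),
        Rule("3 outgoing UDP", "allow", udp, OUT, one(UTORRENT_PORT), HIGH),
        Rule("4 HTTP requests", "ask", tcp, OUT, HIGH, one(80), log=True),
        Rule("5 block all", "block", both, IN | OUT, ANY, ANY, log=True),
    ]
    if dns_rule:               # the optional DNS rule sits above the final block
        rules.insert(-1, Rule("outgoing DNS", "allow", udp, OUT, ANY, one(53)))
    return rules

def decide(rules, proto, direction, src_port, dst_port):
    """Return (rule name, action, logged) for the first rule that matches."""
    for r in rules:
        if (proto in r.protos and direction in r.directions
                and r.src_ports[0] <= src_port <= r.src_ports[1]
                and r.dst_ports[0] <= dst_port <= r.dst_ports[1]):
            return r.name, r.action, r.log
    return "no match", "block", False

if __name__ == "__main__":
    packets = [                # constructed sample traffic
        ("tcp", "in", 50000, UTORRENT_PORT), ("tcp", "in", 80, UTORRENT_PORT),
        ("tcp", "out", 50001, 6881), ("tcp", "out", 50002, 80),
        ("tcp", "out", 50003, 443), ("udp", "out", 50004, 53),
    ]
    for pkt in packets:
        print(pkt, "->", decide(policy(), *pkt))
```

Inbound packets from a source port below 1025 and outbound DNS from an ephemeral port both fall through to the final block-and-log rule unless the DNS rule is added.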

Offline G.Alexander

  • Newbie
  • *
  • Posts: 2
  • Fons et Origo
    • SecurityLabs.gr :: eXperience Security
Re: Tutorial for Utorrent with Comodo Firewall 3
« Reply #1 on: November 24, 2007, 02:02:41 PM »
Already ported to the Greek community forums and blogs. Once again, pandlouk, great job.
G. Alexander, Head Admin,
SecurityLabs.gr :: eXperience Security

Offline Ragwing

  • Comodo's Hero
  • *****
  • Posts: 3498
Re: Tutorial for Utorrent with Comodo Firewall 3
« Reply #2 on: November 24, 2007, 02:29:47 PM »
First of all:

- Disable 'Randomize port everytime uTorrent starts' in uTorrent settings -> Connections.

- Choose a port to listen for incoming connections in uTorrent settings -> Connections.

- If you have a router, follow the instructions for port forwarding on your router.

- I also recommend using the speed tweak.

Now the configuration for the firewall. I have two set-ups of rules. The first one is a bit easier, and as many people don't like connections on privileged ports (1-1024), I've created a rule set for them too.

(NOTE: If you don't have a static IP, use the MAC address (instructions on how to get it here). It also works with 'Any'.)
Descriptions for the rules are optional. You can change them if you want to.
Add the rules in the order I've numbered them.

Option 1 - Allow use of privileged ports (Recommended for beginners)

Go to Firewall->Advanced->Network Security Policy->Global Rules and add the following rule above all blocking (red) rules:

Action: Allow
Protocol: TCP or UDP
Direction: In
Description: Allow incoming traffic for uTorrent
Source Address: Any
Destination Address: Your IP/MAC or Any
Source Port: Any
Destination Port: uTorrent-port

Now go to Firewall -> Advanced -> Network Security Policy -> Application Rules, and add these for uTorrent.exe:

Rule 1

Action: Allow
Protocol: TCP or UDP
Direction: In
Description: Allow incoming traffic for uTorrent
Source Address: Any
Destination Address: Your IP/MAC or Any
Source Port: Any
Destination Port: uTorrent-port

Rule 2

Action: Allow
Protocol: TCP or UDP
Direction: Out
Description: Allow outgoing traffic for uTorrent
Source Address: Your IP/MAC or Any
Destination Address: Any
Source Port: Any
Destination Port: Any

Rule 3

Action: Block (mark 'Log as firewall event if this rule is fired')
Protocol: IP
Direction: Out
Description: Block and log outgoing traffic
Source Address: Your IP/MAC or Any
Destination Address: Any

Rule 4

Action: Block (mark 'Log as firewall event if this rule is fired')
Protocol: IP
Direction: In
Description: Block and log incoming traffic
Source Address: Any
Destination Address: Your IP/MAC or Any

The application rules should now look like this:


Option 2 - Deny use of privileged ports (Recommended for additional security, but might cause problems due to some ports being blocked)

Go to Firewall->Advanced->Network Security Policy->Global Rules and add the following rule above all blocking (red) rules:

Action: Allow
Protocol: TCP or UDP
Direction: In
Description: Allow incoming traffic for uTorrent
Source Address: Any
Destination Address: Your IP/MAC or Any
Source Port: 1025-65535
Destination Port: uTorrent-port

Now go to Firewall -> Advanced -> Network Security Policy -> Application Rules, and add these for uTorrent.exe:

Rule 1

Action: Allow
Protocol: TCP or UDP
Direction: In
Description: Allow incoming traffic
Source Address: Any
Destination Address: Your IP/MAC or Any
Source Port: 1025-65535
Destination Port: uTorrent port

Rule 2

Action: Allow
Protocol: TCP or UDP
Direction: Out
Description: Allow outgoing traffic
Source Address: Your IP/MAC or Any
Destination Address: Any
Source Port: 1025-65535
Destination Port: 1025-65535

Rule 3

Action: Allow
Protocol: TCP
Direction: Out
Description: Allow outgoing HTTP-traffic
Source Address: Your IP/MAC or Any
Destination Address: Any
Source Port: 1025-65535
Destination Port: 80

Rule 4

Action: Allow
Protocol: UDP
Direction: Out
Description: Allow DNS-requests
Source Address: Your IP/MAC or Any
Destination Address: Any or your DNS server (can be found by launching cmd.exe and writing 'ipconfig /all').
Source Port: 1025-65535
Destination Port: 53

If you have more than one DNS-server, add a rule for each of them.

Rule 5

Action: Block
Protocol: TCP or UDP
Direction: Out
Description: Block outgoing traffic on privileged ports
Source Address: Your IP/MAC or Any
Destination Address: Any
Source Port: 1-1024
Destination Port: 1-1024

Rule 6

Action: Block
Protocol: TCP or UDP
Direction: In
Description: Block incoming traffic on privileged ports
Source Address: Any
Destination Address: Your IP/MAC or Any
Source Port: 1-1024
Destination Port: 1-1024

Rules 5 and 6 will prevent connections to privileged ports from getting logged, so that CFP 3 won't log a lot of intrusion attempts.

Rule 7

Action: Block (mark 'Log as firewall event if this rule is fired')
Protocol: IP
Direction: Out
Description: Block and log outgoing traffic
Source Address: Your IP/MAC or Any
Destination Address: Any

Rule 8

Action: Block (mark 'Log as firewall event if this rule is fired')
Protocol: IP
Direction: In
Description: Block and log incoming traffic
Source Address: Any
Destination Address: Your IP/MAC or Any

If you've done it correctly, your application rules should look like this:

(You might have more entries for DNS-requests)

Both work with everything enabled in Attack Detection Settings. I've been able to reach maximum download and upload speeds in uTorrent with both of them.

Cheers,
Ragwing
« Last Edit: July 18, 2008, 08:43:39 AM by Ragwing »

Offline pandlouk

  • I love Comodo
  • Comodo's Hero
  • *****
  • Posts: 2240
  • Retired Mod
Re: Tutorial for Utorrent with Comodo Firewall 3
« Reply #3 on: November 24, 2007, 05:26:52 PM »
3. Go to Firewall->Advanced->Network Security Policy->Application Rules and add the following rules for uTorrent.exe:

Allow TCP OR UDP In/Out From IP Any To IP Any Where Protocol Is Any
Allow TCP OR UDP In From IP Any To IP Any Where Source Port Is Any And Destination Port Is In [uTorrent]
[uTorrent] is the port set that you've created in step 2.

Hi Ragwing,

if you apply those rules then you must really trust utorrent and all those with which it connects.  :P
I do not trust any program to give it access IN/OUT in every protocol.

Offline drainlife

  • Newbie
  • *
  • Posts: 1
Re: Tutorial for Utorrent with Comodo Firewall 3
« Reply #4 on: November 26, 2007, 05:10:51 AM »
1. Go to: Firewall -> Advanced -> Attack Detection Settings -> Miscellaneous and disable Do Protocol analysis

Why do you need to disable protocol analysis? What's the reason? In the emule tutorial you said it's for searching KAD. I have azureus and it has no search function...

thank you

Offline retrete

  • Newbie
  • *
  • Posts: 6
Re: Tutorial for Utorrent with Comodo Firewall 3
« Reply #5 on: November 26, 2007, 05:37:30 AM »
Thank you for this useful tutorial. I'm having a slight problem. After I create the utorrent predefined rule, it simply disappears from the list of predefined firewall policies. Is this normal?

Offline Nostromov

  • Comodo Member
  • **
  • Posts: 45
Re: Tutorial for Utorrent with Comodo Firewall 3
« Reply #6 on: November 26, 2007, 06:45:29 AM »
Rule 1

Action = Allow
Protocol = TCP or UDP
Direction = In
Description = Rule for incoming TCP and UDP connections
Source Address = Any
Destination Address = Any
Source port = A port range = (start port = 1025 / end port = 65535)
Destination port = the port of utorrent

"Destination port = the port of utorrent" - you mean: Preferences, Connection, Listening Port?



It's a no-go, gives the error:
Quote
Not connectable
A firewall/router is limiting your network traffic. You need to open up a port so others can connect to you.

...is it possible to get this and other sort of strange behavior because of Windows XP Service Pack 3, v.3205 beta?
« Last Edit: November 26, 2007, 06:48:39 AM by nimd4 »
Z68A-G43 (G3) - i7-3770 - Vengeance 2x4GB 2133MHz - GTX 650 Gainward - WD 1TB 64MB SATA - Win7 Pro/64 SP1 / Trusty Xfce AMD64

Offline retrete

  • Newbie
  • *
  • Posts: 6
Re: Tutorial for Utorrent with Comodo Firewall 3
« Reply #7 on: November 26, 2007, 07:07:43 AM »
Just realized what I was doing wrong. So I've applied the rules and had the firewall treating utorrent according to the rules I've defined. Connection is ok but I now have hundreds of blocking events related to utorrent. Is this normal? Download and upload is rubbish*ty but then again it could be my ISP (what else is new?). What is the relevance of defining the port ranges you've mentioned? The firewall is blocking tons of utorrent connections coming from other ports. It is also blocking a lot of connections destined to port 80. Why is this desirable?

Offline Ragwing

  • Comodo's Hero
  • *****
  • Posts: 3498
Re: Tutorial for Utorrent with Comodo Firewall 3
« Reply #8 on: November 26, 2007, 01:03:47 PM »
if you apply those rules then you must really trust utorrent and all those with which it connects.  :P

I don't but I got Comodo Firewall Pro 3, so do I have to worry? ;)

I do not trust any program to give it access IN/OUT in every protocol.

It's TCP and UDP, not all protocols :P

...is it possible to get this and other sort of strange behavior because of Windows XP Service Pack 3, v.3205 beta?

Yes it could be. You shouldn't use XP SP3 BETA :P

Cheers,
Ragwing

Offline ahlefeldt

  • Newbie
  • *
  • Posts: 2
Re: Tutorial for Utorrent with Comodo Firewall 3
« Reply #9 on: November 26, 2007, 05:35:29 PM »
How come, if I put in rule 5, then on 1 tracker I'm not able to get connected to it with some torrents I had in utorrent before I installed the firewall, and on 2 other trackers it works perfectly with rule 5 enabled?

Offline Nostromov

  • Comodo Member
  • **
  • Posts: 45
Re: Tutorial for Utorrent with Comodo Firewall 3
« Reply #10 on: November 27, 2007, 11:40:32 AM »
Ragwing thanks for the reply, no way for me to test it on sp2 right now but I guess eventually I'll find out - or figure it out :) ahlefeldt rule 5 from above is to block further connections, so if it works without that rule, you must have something else that enables it to communicate - so check your config?..

Offline ahlefeldt

  • Newbie
  • *
  • Posts: 2
Re: Tutorial for Utorrent with Comodo Firewall 3
« Reply #11 on: November 27, 2007, 04:16:53 PM »
ty for the reply Nimd4, checked all and discovered that I had forgotten to disable Vista's firewall and it seems to work after that got disabled, just strange that it was only one tracker it messed up... also a big thx to u Pandlouk for the guide.

Offline pandlouk

  • I love Comodo
  • Comodo's Hero
  • *****
  • Posts: 2240
  • Retired Mod
Re: Tutorial for Utorrent with Comodo Firewall 3
« Reply #12 on: November 28, 2007, 06:44:20 PM »
ty for the reply Nimd4, checked all and discovered that I had forgotten to disable Vista's firewall and it seems to work after that got disabled, just strange that it was only one tracker it messed up... also a big thx to u Pandlouk for the guide.
You are welcome :Beer.

ps. I updated the guide.

Offline Nostromov

  • Comodo Member
  • **
  • Posts: 45
Re: Tutorial for Utorrent with Comodo Firewall 3
« Reply #13 on: November 29, 2007, 01:14:45 AM »
ps. I updated the guide.

Working now.

Offline JolietJake

  • Comodo's Hero
  • *****
  • Posts: 240
Re: Tutorial for Utorrent with Comodo Firewall 3
« Reply #14 on: November 29, 2007, 07:14:21 PM »
Appears to be working. Will report back if my port still appears to be stealthed. (tracker takes a while to update)

 
