Emule and bittorent tuttorials

[panic]

Ewen Hello,

Could you pzl describe us the use of Application Monitor in a little Detail?

Thank you.

I'll get onto this when I get home - about 7 hours. OK?

[Nikos]

no problem Ewen! Plz take your time!

[panic]

Try this.

If anyone can spot anything wrong in this, or if there is a better way to restrict a port to an app, but only while that app is running, please jump in and I'll modify the doc to suit.

Cheers,
Ewen :-)


[attachment deleted by admin]

[matinga]

Hi all there ! I´m matinga.
I don´t want to sound stupid but I´m new in this and I still can´t get rid of my azureus NAT problem.

my network monitor
id2 allow tcp/udp in
from ip any
to ip any
source port any
dest. port  azureus port(default)

ap. monitor
azureus.exe   tcp out    ip: any    port: any
azureus.exe   tcp in       ip:any   port: azureus port(default)
azureus.exe   udp out    ip any   port any

What I´m doing wrong?? 
Thank you all for your time and patience

out of this little problem  (R)

[AOwL]

In network monitor rules i have destination IP = zone (i'm behind a router)
It works for me, and i have the same network monitor rule, but the application rule is different.
It looks like this.

skip parent
allow all activites...
allow invisible...
skip advanced...

As you can see, i'm allowing everything for Azureus, but it's hard to get it to work in another way.
I did have a more restricted set of application rules before, that worked but i don't remember them...
I don't use it so much so i don't want to spend so much time in it.
Start with this and try it out, to see if it workes.

[Coren]

Alright, I've tried just about everything I could think of and I just can't get Azureus to work properly.  Both DHT and NAT show up as firewalled, and I never get a green face.

When I turn off CPF everything works fine, so there must be something wrong with my settings.

My settings are the following:

In Azureus:
TCP 52132
UDP 52133

Network monitor:

Allow TCP/UDP In
Source IP Any
Dest IP Any
Source Port Any
Dest Port Range 52132-52133

Rule placed as #2, after both rules for my LAN.

Application monitor:
Azureus.exe, Parent skip
Allow all activities
Allow invisible, Skip advanced checks

So why the heck won't this work?
With this setup the Azureus NAT test still gives me a NAT error.
Maybe I need to change something in Azureus?  I know UPnP has something to do with firewalls, for instance, so maybe I need to tinker with that?

Any form of help would be greatly appreciated.

[AOwL]

Have you checked the logs in CPF?
What do they say?
Are you behind a router?
What do the test in Azureus say? Tools/NAT firewalltest?
For me it takes a while to get green lights, so i have to wait, but then it works.
I even get a few error messages when i start Azuresus.
I will look in to it later, when i can check the settings i use.

[Coren]

I've checked the Comodo logs.

I get loads of Medium Network Monitor errors, saying Inbound Policy Violation, Acces Denied, on ports 15275 or 2869.  And very occasionally on port 64199.
I don't know what these ports are used for, should I just open them?  They're not the Azureus ports I chose anyway.
And then I get soms High alerts, Blocked By Protocol Analysis (Invalid Flag Combination).

Yes, I'm behind a router, but when I turn off CPF everything works fine so I suppose that one's configured correctly.

Azureus NAT says "Nat Error"
I get no errors when start Azureus except the NAT and DHT Firewalled errors I got before.

[AOwL]

I've checked the Comodo logs.

I get loads of Medium Network Monitor errors, saying Inbound Policy Violation, Acces Denied, on ports 15275 or 2869.  And very occasionally on port 64199.
I don't know what these ports are used for, should I just open them?  They're not the Azureus ports I chose anyway.
And then I get soms High alerts, Blocked By Protocol Analysis (Invalid Flag Combination).

Yes, I'm behind a router, but when I turn off CPF everything works fine so I suppose that one's configured correctly.

Azureus NAT says "Nat Error"
I get no errors when start Azureus except the NAT and DHT Firewalled errors I got before.

We have the same rules i think, but it works for me... Like i said earlier i takes about 3 minutes before i get green light after i have started azureus. First i get the NAT and DHT Firewalled errors too.
You can allowe all icmp too, and put it above the default ICMP rules, just to try it out.
If you are behind a router, you MUST set up a trusted zone, if you haven't done that.
The rule should look like this then.
Allow TCP/UDP In
Source IP Any
Dest IP Zone
Source Port Any
Dest Port Range 52132-52133
I have also ckecked both "skip loopback..." in security/advanced/misc
Still doesn' work?
Try to shut off network monitor and see if it works. Try the same with application monitor.
Remember to let Azureus have a few minutes to start before giving up.
Azureus is using Java, so it can be a bit "heavy" on the computer sometimes...
Now you can probably see where the problem is.
Set "loose" rules, and the tighten them up until azureus stops working.
Sometimes you have to restart CPF to get the new rules to work. Rightklick the systray icon and exit the program. Then start it again after 30 seconds.

[Coren]

Right.

So turning off App Monitor doesn't change a thing, but turning off Network Monitor solves it.

I've tried opening port 15275 and now everything works (except I still get DHT firewalled, but that's probably due to the low activity on the torrent).  I don't get why it's using this port instead of the one I specified, but hey, at least it's working now.
Actually, I just set the port in Azureus to 15275 for both TCP and UDP and I've changed Comodo's settings to only allow port 15275, and things still work, so except if there's a reason why I should use this port I'm just going to leave it this way.

I also opened TCP in 2869 and UPD In 8008, since it looks like Azureus is using them.  Good move or bad move?

Thanks for your help, things are slowly starting to work :p

Coren

[AOwL]

I'm glad that it is starting to work for you.
You had opened ports 2869 and 8008. Was that in network monitor?
If it were, i don't think it's a good idea... bad move in other words...
Did you have to do that to get it to work?
You didn't say if you have created a trusted zone.

[Coren]

Yes, I created a Trusted Zone and applied the rules only to that zone.
And yes I opened those ports in the Network Monitor.  Should I have done this in the Application Monitor?

I don't quite get the whole App Monitor vs Network Monitor thingy.  I'm assuming that the Network rules are the first wall of protection and that App control allows you to tighten things up further per application?  Because when I put a rule in the application monitor saying allow TCP In 15275, for instance, it still won't work unless I apply the same rule on the network level.

Apparently not adding port 8008 to the rules gives me a NAT error, no idea why.  Things still seem to work without port 2869, but I've done some research and apparently this port is used by the UPnP service, whatever that means...

Coren

[AOwL]

Network monitor works like a hardware router i think... :
You can say that network monitor decides what ports can be opened,
and application monitor decides what program can open those ports...
If someone else have a better way to explain it, feel free to do it.

About port 8008. I dont have to have that port open in network monitor, so i really don't know why you have to have it like that... 

[Puma99]

Hi everyone

Hello from Portugal

I'm having some problems with the firewall configuration for emule, even after configuring it (comodo) following the instructions given here at the forum.

I can get HighID in both network an KAD but my upload seems like a rollercoster and downloads....? nope, none.

I already created/changed rules for emule but nothing.....  and more, after a couple of minutes emule simply crashes.....

My specs are:

Centrino 2.0
1024 Ram
WinXP SP2
Comodo firewall
Cyberhwak
Avast anti-virus
Protowall


Before Comodo i used Sygate, for ages, and without problems, but since i changed for Comodo firewall.... pufff.... emule is dead!

Any ideas?  ah, and yes i changed the order of the rules..

Thanks you all in advance...

[AOwL]

First, try to turn off Network monitor to see if it works without it.
If it doesn't work, then there must be something else.
If it works without Network monitor, then you know where the problem is.
Turn it back on again, and check again  that your rules are moved up.
Now, you should restart your computer, because it has been some issues with rules that Don't apply until you restart.
After the reboot check if it works.
You should check the logs an see what they say about it.
Right click and save as html, and then you can post it here.

Second, there has been some issues with CPF vs Avast and it's webmonitor.
Go to CPF and chose the tab security/advanced/misc and click configure.
Enable skip loopback on both. It "could" resolve some issues.
Sorry if you have tried all of this.