Author Topic: Internet Connection Sharing  (Read 20065 times)

Offline _NN_

  • Newbie
  • *
  • Posts: 5
Internet Connection Sharing
« on: December 12, 2008, 10:14:47 AM »
I have looked up the forum but no answer I have found.

Situation:
I have first computer connected to the internet and second connected to the first. In the first computer I enable the option to use internet from other computers in the network.

It works well with Windows Firewall.
But then comes Comodo Firewall and this configuration doesn't work :(
There is a check in the checkbox for ICS Server.

What can be a problem ?
Thanx !

CGPMaster

  • Guest
Re: Internet Connection Sharing
« Reply #1 on: December 12, 2008, 11:55:00 AM »
evening

may i have your os?

Also, Can you explain a little more of the situation ?

CG

Offline grue155

  • Comodo's Hero
  • *****
  • Posts: 1172
Re: Internet Connection Sharing
« Reply #2 on: December 12, 2008, 12:41:09 PM »
If you have a machine facing the Internet, and is also serving as a firewall for other machines, the set up is not quite so straightforward. There is a Comodo wiki topic that covers a lot of the details.

Offline _NN_

  • Newbie
  • *
  • Posts: 5
Re: Internet Connection Sharing
« Reply #3 on: December 13, 2008, 02:32:18 AM »
Thanx, I followed the wiki but it did not help :(

I have Windows XP on both computers.
The first computer is connected to internet and to the LAN, it acts as Firewall and as Router.

Offline larsson

  • Comodo Member
  • **
  • Posts: 47
Re: Internet Connection Sharing
« Reply #4 on: December 13, 2008, 06:29:49 AM »
Have you checked if your setting:

Firewall - Advanced - Firewall Behavior Settings - Alert Settings  -  check if the box "This computer is an internet connection ......" is ticked ?
« Last Edit: December 13, 2008, 06:34:27 AM by larsson »
Windows 8 32, CIS and MBAM Free
AMD 64x2 6000+

Offline grue155

  • Comodo's Hero
  • *****
  • Posts: 1172
Re: Internet Connection Sharing
« Reply #5 on: December 13, 2008, 11:51:08 AM »
Thanx, I followed the wiki but it did not help :(

I have Windows XP on both computers.
The first computer is connected to internet and to the LAN, it acts as Firewall and as Router.

Two things to check:

First, is to make sure that the Windows Firewall is turned off, and so is not causing some conflict with Comodo Firewall. Click Start -> Control Panel -> Security Center. If Windows Firewall is running, the Security Center should show that, in which case, turn it off.

Second, is to confirm the Comodo Firewall settings, in detail. To do that, you'll need to run the Config Reporting Script. Download the script to your desktop, and just click the desktop icon to run the script. This will produce a text file report that you can post here. Run this script on the machine that is the ICS host.

Offline _NN_

  • Newbie
  • *
  • Posts: 5
Re: Internet Connection Sharing
« Reply #6 on: December 15, 2008, 12:22:05 PM »
Two things to check:

First, is to make sure that the Windows Firewall is turned off, and so is not causing some conflict with Comodo Firewall. Click Start -> Control Panel -> Security Center. If Windows Firewall is running, the Security Center should show that, in which case, turn it off.

Second, is to confirm the Comodo Firewall settings, in detail. To do that, you'll need to run the Config Reporting Script. Download the script to your desktop, and just click the desktop icon to run the script. This will produce a text file report that you can post here. Run this script on the machine that is the ICS host.

Windows Firewall is turned off.

Here comes the report:

[CIS/CFP Reporting Script Version 0.723.1]


=========================================================================================
System Information
=========================================================================================

General Information
---------------------------------------------------------------------------------------
User K Member of {Administrators, }
Logged on machine C1 at 15.12.2008 19:23:23
Microsoft(R) Windows(R) XP Professional x64 Edition 5.2.3790 SP 2.0
Codepage: windows-1251
Free Physical Memory: 2898MB


Data Execution Prevention Settings
-----------------------------------------------------------------------------------------
MS Windows DEP Policy: OptOut
Hardware DEP available
DEP enabled for 32Bit Appplications
DEP enabled for Drivers


=========================================================================================
CIS/CFP Installation Information
=========================================================================================

Installation Mode: Firewall
Installation Path: C:\Program Files\Comodo\COMODO Internet Security

Version Information
---------------------------------------------------------------------------------------
INFORMATION: Installed CIS/CFP version [From Registry]: 3.5.57173.439
INFORMATION: Installed CIS/CFP version [From CFPVER.DAT]: 3.5.57173.439
INFORMATION: CMDAGENT.EXE File Version:   3.5.57173.439
INFORMATION:      CFP.EXE File Version:   3.5.56968.437
INFORMATION:      CFP.DLL File Version:   
INFORMATION: CFPCONFG.EXE File Version:   3.5.57170.438
INFORMATION: CFPCONFG.DLL File Version:   3.5.55470.430
INFORMATION: CFPLOGVW.EXE File Version:   3.5.55470.430
INFORMATION: CFPLOGVW.DLL File Version:   3.5.55470.430
INFORMATION: CFPSBMIT.EXE File Version:   3.5.55470.430
INFORMATION: CFPSBMIT.DLL File Version:   3.5.55470.430
INFORMATION: CFPUPDAT.EXE File Version:   3.5.55810.432
INFORMATION: CFPUPDAT.DLL File Version:   3.5.55470.430
INFORMATION: CRASHREP.EXE File Version:   3.5.55470.430
INFORMATION: FRAMEWORK.DLL File Version:   
INFORMATION: CMDGUARD.SYS File Version:   3.5.57170.438
INFORMATION: CMDHLP.SYS File Version:   3.5.55470.430


Configuration Information
---------------------------------------------------------------------------------------
INFORMATION: There are 4 Configurations reported In CFP Configuration Tree
INFORMATION: Active Configuration ID 0 reported In CFP Configuration Tree
DIAGNOSTIC: 4 Configuration/s Confirmed


=========================================================================================
Configuration ID: 0    Name: COMODO - Firewall Security   Ver. 0x3016295
=========================================================================================


"File Groups" Groups Or Entries
=========================================================================================
INFORMATION: There are 11 File Groups reported In CFP Configuration Tree
DIAGNOSTIC: 11 File Groups Confirmed

File Group 0:   [Executables] is defined as
---------------------------------------------------------------------------------------
  • *.exe
  • [1] *.dll
    [2] *.sys
    [3] *.ocx
    [4] *.bat
    [5] *.pif
    [6] *.scr
    [7] *.cpl

    File Group 1:   
[All Applications] is defined as
---------------------------------------------------------------------------------------
  • *


File Group 2:   [Important Files/Folders] is defined as
---------------------------------------------------------------------------------------
  • C:\WINDOWS\system32\*
  • [1] C:\WINDOWS\system\*
    [2] C:\WINDOWS\servicing\*
    [3] C:\WINDOWS\SoftwareDistribution\*
    [4] C:\WINDOWS\system.ini
    [5] C:\WINDOWS\win.ini
    [6] C:\WINDOWS\wininit.ini
    [7] C:\WINDOWS\winstart.bat
    [8] C:\WINDOWS\Tasks\*
    [9] \Device\HarddiskVolume?\boot.ini
    [10] \Device\HarddiskVolume?\ntdetect.com
    [11] \Device\HarddiskVolume?\ntldr

    File Group 3:   
[Windows Updater Applications] is defined as
---------------------------------------------------------------------------------------
  • C:\WINDOWS\system32\svchost.exe
  • [1] C:\WINDOWS\system32\msiexec.exe
    [2] C:\WINDOWS\system32\wuauclt.exe
    [3] C:\WINDOWS\SoftwareDistribution\*
    [4] C:\WINDOWS\system32\wupdmgr.exe
    [5] C:\Program Files\Comodo\COMODO Internet Security\cfpconfg.exe

    File Group 4:   
[Windows System Applications] is defined as
---------------------------------------------------------------------------------------
  • System
  • [1] C:\WINDOWS\system32\smss.exe
    [2] C:\WINDOWS\system32\csrss.exe
    [3] C:\WINDOWS\system32\winlogon.exe
    [4] C:\WINDOWS\system32\services.exe
    [5] C:\WINDOWS\system32\spoolsv.exe
    [6] C:\WINDOWS\system32\lsass.exe
    [7] C:\WINDOWS\system32\wbem\WMIAdap.exe
    [8] C:\WINDOWS\system32\wbem\WMIPrvSE.exe
    [9] C:\Program Files\Comodo\COMODO Internet Security\cavscan.exe

    File Group 5:   
[Temporary Files] is defined as
---------------------------------------------------------------------------------------
  • C:\DOCUME~1\K\LOCALS~1\Temp\*
  • [1] ?:\RECYCLER\*
    [2] C:\Documents and Settings\K\Local Settings\Temporary Internet Files\*

    File Group 6:   
[COMODO Files/Folders] is defined as
---------------------------------------------------------------------------------------
  • C:\Program Files\Comodo\COMODO Internet Security\*
  • [1] C:\Documents and Settings\All Users\Application Data\Comodo\*
    [2] C:\WINDOWS\system32\drivers\cmdguard.sys
    [3] C:\WINDOWS\system32\drivers\cmdhlp.sys
    [4] C:\WINDOWS\system32\drivers\inspect.sys
    [5] C:\WINDOWS\system32\guard64.dll
    [6] C:\WINDOWS\SysWOW64\guard32.dll

    File Group 7:   
[COMODO Internet Security] is defined as
---------------------------------------------------------------------------------------
  • C:\Program Files\Comodo\COMODO Internet Security\cfp.exe
  • [1] C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
    [2] C:\Program Files\Comodo\COMODO Internet Security\cfpupdat.exe
    [3] C:\Program Files\Comodo\COMODO Internet Security\cfpsbmit.exe
    [4] C:\Program Files\Comodo\COMODO Internet Security\cfplogvw.exe
    [5] C:\Program Files\Comodo\COMODO Internet Security\crashrep.exe

    File Group 8:   
[Startup Folders] is defined as
---------------------------------------------------------------------------------------
  • C:\Documents and Settings\All Users\Start Menu\Programs\Startup\*
  • [1] C:\Documents and Settings\K\Start Menu\Programs\Startup\*
    [2] C:\WINDOWS\system32\GroupPolicy\Machine\Scripts\Startup\*
    [3] C:\WINDOWS\system32\GroupPolicy\User\Scripts\Logon\*

    File Group 9:   
[Windows Management] is defined as
---------------------------------------------------------------------------------------
  • \Device\NamedPipe\atsvc


File Group 10:   [3rd Party Protocol Drivers] is defined as
---------------------------------------------------------------------------------------
  • \Device\NPF_*
  • [1] \Device\Ndisuio
    [2] \Device\NdisTapi



    My Network Zones
    =========================================================================================
    INFORMATION: There are 3 Zones reported In CFP Configuration Tree

    Zone 0:
[Loopback Zone] is defined as
-----------------------------------------------------------------------------------------
  •    IP In [127.0.0.1/255.0.0.0]


Zone 1: [Local Area Network #1] is defined as
-----------------------------------------------------------------------------------------
  •    IP In [10.100.101.100/255.255.255.0]


Zone 2: [Local Area Network #2] is defined as
-----------------------------------------------------------------------------------------
  •    IP In [192.168.0.1/255.255.255.0]





My Blocked Network Zones
=========================================================================================
INFORMATION: There are 0 Blocked Zones reported In CFP Configuration Tree



My Ports Sets
=========================================================================================
INFORMATION: There are 3 Port Sets reported In CFP Configuration Tree

Portset 0:    [HTTP Ports] is defined as
-----------------------------------------------------------------------------------------
  •    80
  • [1]   443
    [2]   8080

    Portset 1:   
[POP3/SMTP Ports] is defined as
-----------------------------------------------------------------------------------------
  •    110
  • [1]   25
    [2]   143
    [3]   993
    [4]   995
    [5]   465
    [6]   587

    Portset 2:   
[Privileged Ports] is defined as
-----------------------------------------------------------------------------------------
  •    0-1023




Global Rules
=========================================================================================
INFORMATION: There are 7 Global Rules reported In CFP Configuration Tree


  • Allow            UDP     In/Out From  IP Any  To  IP [255.255.255.255] Where Source Port Is In [67-68] And Destination Port Is In [67-68]
  • [1] Allow            IP      In/Out From  Zone
[Local Area Network #2]  To  Zone [Local Area Network #2]  Where Protocol Is Any
[2] Block        TCP Or UDP  Out    From  Zone [Local Area Network #2]  To  IP Any  Where Source Port Is Any And Destination Port Is In [136-139]
[3] Allow        TCP Or UDP  Out    From  Zone [Local Area Network #2]  To  IP Any  Where Source Port Is Any And Destination Port Is Any
[4] Allow           ICMP     Out    From  Zone [Local Area Network #2]  To  IP Any  Where ICMP Message Is Any
[5] Block            IP      In/Out From  Zone [Local Area Network #2]  To  IP Any  Where Protocol Is Any
[6] Block           ICMP     In     From  IP Any  To  IP Any  Where ICMP Message Is ECHO REQUEST {8.0}



Network Security Policy
=========================================================================================
INFORMATION: There are 24 Application Rules reported In CFP Configuration Tree


Application 0: C:\Program Files (x86)\Nemerle\NemerleStudio\NemerleStudio.exe Treat as: [Web Browser]
----------------------------------------------------------------------------
The predefined rules are as follows:
  • Allow            IP      Out    From  IP Any  To  Zone [Loopback Zone]  Where Protocol Is Any
  • [1] Allow            TCP     Out    From  IP Any  To  IP Any  Where Source Port Is Any And Destination Port Is In.
[HTTP Ports]
[2] Allow            TCP     Out    From  IP Any  To  IP Any  Where Source Port Is Any And Destination Port Is 21
[3] Allow            TCP     Out    From  IP Any  To  IP Any  Where Source Port Is Any And Destination Port Is Not In. [Privileged Ports]
[4] Allow            UDP     Out    From  IP Any  To  IP Any  Where Source Port Is Any And Destination Port Is 53
[5] Block & Log      IP      In/Out From  IP Any  To  IP Any  Where Protocol Is Any


Application 1: C:\Program Files (x86)\USD\USDownloader.exe Treat as: [Custom Policy]
----------------------------------------------------------------------------
  • Allow            IP      Out    From  IP Any  To  IP Any  Where Protocol Is Any



Application 2: C:\Program Files\Alwil Software\Avast4\ashWebSv.exe Treat as: [trusted Application]
----------------------------------------------------------------------------
The predefined rules are as follows:
  • Allow            IP      In/Out From  IP Any  To  IP Any  Where Protocol Is Any



Application 3: C:\Program Files (x86)\Maxthon2\Maxthon.exe Treat as: [Web Browser]
----------------------------------------------------------------------------
The predefined rules are as follows:
  • Allow            IP      Out    From  IP Any  To  Zone [Loopback Zone]  Where Protocol Is Any
  • [1] Allow            TCP     Out    From  IP Any  To  IP Any  Where Source Port Is Any And Destination Port Is In.
[HTTP Ports]
[2] Allow            TCP     Out    From  IP Any  To  IP Any  Where Source Port Is Any And Destination Port Is 21
[3] Allow            TCP     Out    From  IP Any  To  IP Any  Where Source Port Is Any And Destination Port Is Not In. [Privileged Ports]
[4] Allow            UDP     Out    From  IP Any  To  IP Any  Where Source Port Is Any And Destination Port Is 53
[5] Block & Log      IP      In/Out From  IP Any  To  IP Any  Where Protocol Is Any


Application 4: System Treat as: [Custom Policy]
----------------------------------------------------------------------------
  • Allow            IP      Out    From  IP Any  To  Zone [Local Area Network #2]  Where Protocol Is Any
  • [1] Allow            IP      In     From  Zone
[Local Area Network #2]  To  IP Any  Where Protocol Is Any
[2] Allow            IP      Out    From  IP Any  To  IP Any  Where Protocol Is Any
[3] Allow            IP      In     From  IP Any  To  IP Any  Where Protocol Is Any


Application 5: C:\Program Files (x86)\Gizmo5\mDNSResponder.exe Treat as: [Custom Policy]
----------------------------------------------------------------------------
  • Allow            IP      Out    From  IP Any  To  IP Any  Where Protocol Is Any



Application 6: C:\Program Files\Alwil Software\Avast4\ashServ.exe Treat as: [trusted Application]
----------------------------------------------------------------------------
The predefined rules are as follows:
  • Allow            IP      In/Out From  IP Any  To  IP Any  Where Protocol Is Any



Application 7: Group [COMODO Internet Security] Treat as: [Outgoing Only]
----------------------------------------------------------------------------
The predefined rules are as follows:
  • Allow        TCP Or UDP  Out    From  IP Any  To  IP Any  Where Source Port Is Any And Destination Port Is Any
  • [1] Block & Log      IP      In/Out From  IP Any  To  IP Any  Where Protocol Is Any


    Application 8: Group
[Windows Updater Applications] Treat as: [Custom Policy]
----------------------------------------------------------------------------
  • Allow        TCP Or UDP  Out    From  IP Any  To  IP Any  Where Source Port Is Any And Destination Port Is Any



Application 9: C:\WINDOWS\system32\svchost.exe Treat as: [Custom Policy]
----------------------------------------------------------------------------
  • Allow            IP      In     From  IP Any  To  IP Any  Where Protocol Is Any
  • [1] Allow            IP      Out    From  IP Any  To  IP Any  Where Protocol Is Any


    Application 10: C:\Program Files (x86)\Orbitdownloader\orbitdm.exe Treat as:
[Custom Policy]
----------------------------------------------------------------------------
  • Allow            IP      Out    From  IP Any  To  IP Any  Where Protocol Is Any



Application 11: C:\Program Files\Alwil Software\Avast4\Setup\avast.setup Treat as: [Custom Policy]
----------------------------------------------------------------------------
  • Allow            IP      Out    From  IP Any  To  IP Any  Where Protocol Is Any



Application 12: D:\Miranda IM\miranda32.exe Treat as: [Custom Policy]
----------------------------------------------------------------------------
  • Allow            IP      Out    From  IP Any  To  IP Any  Where Protocol Is Any



Application 13: I:\emule\emule.exe Treat as: [Custom Policy]
----------------------------------------------------------------------------
  • Allow            IP      In     From  IP Any  To  IP Any  Where Protocol Is Any
  • [1] Allow            IP      Out    From  IP Any  To  IP Any  Where Protocol Is Any


    Application 14: C:\Program Files (x86)\foobar2000\foobar2000.exe Treat as:
[Custom Policy]
----------------------------------------------------------------------------
  • Allow            IP      Out    From  IP Any  To  IP Any  Where Protocol Is Any



Application 15: C:\Program Files\Sun\xVM VirtualBox\VirtualBox.exe Treat as: [Custom Policy]
----------------------------------------------------------------------------
  • Allow            IP      Out    From  IP Any  To  IP Any  Where Protocol Is Any



Application 16: C:\Program Files (x86)\uTorrent\uTorrent.exe Treat as: [Custom Policy]
----------------------------------------------------------------------------
  • Allow            IP      Out    From  IP Any  To  IP Any  Where Protocol Is Any



Application 17: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe Treat as: [Custom Policy]
----------------------------------------------------------------------------
  • Allow            IP      Out    From  IP Any  To  IP Any  Where Protocol Is Any



Application 18: C:\Program Files (x86)\ICQ6.5\ICQ.exe Treat as: [Custom Policy]
----------------------------------------------------------------------------
  • Allow            IP      Out    From  IP Any  To  IP Any  Where Protocol Is Any



Application 19: C:\WINDOWS\explorer.exe Treat as: [Custom Policy]
----------------------------------------------------------------------------
  • Allow            IP      Out    From  IP Any  To  IP Any  Where Protocol Is Any



Application 20: C:\WINDOWS\system32\mstsc.exe Treat as: [Custom Policy]
----------------------------------------------------------------------------
  • Allow            UDP     In     From  IP In [192.168.0.2/255.255.255.0] To  IP Any  Where Source Port Is Any And Destination Port Is Any
  • [1] Allow            IP      Out    From  IP Any  To  IP Any  Where Protocol Is Any


    Application 21: C:\Program Files (x86)\Skype\Phone\Skype.exe Treat as:
[Custom Policy]
----------------------------------------------------------------------------
  • Allow            IP      In     From  IP Any  To  IP Any  Where Protocol Is Any
  • [1] Allow            IP      Out    From  IP Any  To  IP Any  Where Protocol Is Any


    Application 22: C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe Treat as:
[Custom Policy]
----------------------------------------------------------------------------
  • Allow            IP      Out    From  IP Any  To  IP Any  Where Protocol Is Any



Application 23: C:\Program Files (x86)\RapidSVN-0.9.7\bin\rapidsvn.exe Treat as: [Custom Policy]
----------------------------------------------------------------------------
  • Allow            IP      Out    From  IP Any  To  IP Any  Where Protocol Is Any




Firewall Settings
=========================================================================================


Firewall Behavior Settings
---------------------------------------------------------------------------------------
Firewall Mode [train with Safe Mode]   Alert level [Low]
Keep an alert on Screen For a Maximum of 120 seconds
Enable Alerts For TCP requests
Enable Alerts For UDP requests
Enable Alerts For ICMP requests
This Computer is an Internet gateway
Enable Alerts For Loopback requests


Attack Detection Settings
---------------------------------------------------------------------------------------
Block Host attempting portscans For 5 minutes
Emergency Mode Duration during DOS attacks: 120 seconds
TCP Flood Traffic Rate 20 packets/second
TCP Flood Duration 20 seconds
UDP Flood Traffic Rate 20 packets/second
UDP Flood Duration 20 seconds
ICMP Flood Traffic Rate 20 packets/second
ICMP Flood Duration 20 seconds

Block Fragmented IP Datagrams




Netstat Information
=========================================================================================

Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       780
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:1025           0.0.0.0:0              LISTENING       508
  TCP    0.0.0.0:1087           0.0.0.0:0              LISTENING       3828
  TCP    0.0.0.0:2869           0.0.0.0:0              LISTENING       4
  TCP    10.100.101.100:139     0.0.0.0:0              LISTENING       4
  TCP    10.100.101.100:1091    205.188.9.18:80        ESTABLISHED     3828
  TCP    10.100.101.100:1095    205.188.13.20:80       ESTABLISHED     3828
  TCP    10.100.101.100:1588    91.199.212.149:80      TIME_WAIT       0
  TCP    10.100.101.100:1590    91.199.212.149:80      TIME_WAIT       0
  TCP    10.100.101.100:1594    91.199.212.149:80      TIME_WAIT       0
  TCP    10.100.101.100:1596    66.210.181.138:80      TIME_WAIT       0
  TCP    10.100.101.100:1598    91.199.212.149:80      TIME_WAIT       0
  TCP    10.100.101.100:1611    91.199.212.149:80      TIME_WAIT       0
  TCP    10.100.101.100:1613    91.199.212.149:80      TIME_WAIT       0
  TCP    10.100.101.100:1618    91.199.212.149:80      TIME_WAIT       0
  TCP    10.100.101.100:1622    91.199.212.149:80      TIME_WAIT       0
  TCP    10.100.101.100:1623    93.186.226.130:80      TIME_WAIT       0
  TCP    10.100.101.100:1626    93.186.226.129:80      TIME_WAIT       0
  TCP    10.100.101.100:1629    93.186.226.5:80        TIME_WAIT       0
  TCP    10.100.101.100:1630    93.186.226.4:80        TIME_WAIT       0
  TCP    10.100.101.100:1636    93.186.224.237:80      TIME_WAIT       0
  TCP    10.100.101.100:1637    93.186.224.237:80      TIME_WAIT       0
  TCP    10.100.101.100:1638    93.186.224.236:80      TIME_WAIT       0
  TCP    10.100.101.100:1641    93.186.224.236:80      TIME_WAIT       0
  TCP    10.100.101.100:1642    93.186.224.235:80      TIME_WAIT       0
  TCP    10.100.101.100:1643    93.186.224.234:80      TIME_WAIT       0
  TCP    127.0.0.1:1027         0.0.0.0:0              LISTENING       2744
  TCP    127.0.0.1:1639         127.0.0.1:445          TIME_WAIT       0
  TCP    127.0.0.1:5152         0.0.0.0:0              LISTENING       200
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       1832
  TCP    127.0.0.1:12025        0.0.0.0:0              LISTENING       2336
  TCP    127.0.0.1:12080        0.0.0.0:0              LISTENING       2404
  TCP    127.0.0.1:12080        127.0.0.1:1627         TIME_WAIT       0
  TCP    127.0.0.1:12110        0.0.0.0:0              LISTENING       2336
  TCP    127.0.0.1:12119        0.0.0.0:0              LISTENING       2336
  TCP    127.0.0.1:12143        0.0.0.0:0              LISTENING       2336
  TCP    192.168.0.1:139        0.0.0.0:0              LISTENING       4
  TCP    192.168.0.1:1640       192.168.0.1:139        TIME_WAIT       0
  UDP    0.0.0.0:445            *:*                                    4
  UDP    0.0.0.0:500            *:*                                    508
  UDP    0.0.0.0:1026           *:*                                    1832
  UDP    0.0.0.0:1029           *:*                                    828
  UDP    0.0.0.0:4500           *:*                                    508
  UDP    10.100.101.100:123     *:*                                    1036
  UDP    10.100.101.100:137     *:*                                    4
  UDP    10.100.101.100:138     *:*                                    4
  UDP    10.100.101.100:1900    *:*                                    1036
  UDP    10.100.101.100:5353    *:*                                    1832
  UDP    127.0.0.1:123          *:*                                    1036
  UDP    127.0.0.1:1030         *:*                                    828
  UDP    127.0.0.1:1545         *:*                                    2868
  UDP    127.0.0.1:1900         *:*                                    1036
  UDP    192.168.0.1:53         *:*                                    828
  UDP    192.168.0.1:67         *:*                                    828
  UDP    192.168.0.1:68         *:*                                    828
  UDP    192.168.0.1:123        *:*                                    1036
  UDP    192.168.0.1:137        *:*                                    4
  UDP    192.168.0.1:138        *:*                                    4
  UDP    192.168.0.1:1900       *:*                                    1036
  UDP    192.168.0.1:5353       *:*                                    1832


Offline grue155

  • Comodo's Hero
  • *****
  • Posts: 1172
Re: Internet Connection Sharing
« Reply #7 on: December 15, 2008, 07:31:39 PM »
Thank you for the config report.

It looks like there is a problem with the a Global Rule:
Quote
[5] Block            IP      In/Out From  Zone [Local Area Network #2]  To  IP Any  Where Protocol Is Any

If you consider how an ICS LAN is laid out:

      Internet ---- modem ----- ICS host ------- other PCs

when one of the other PCs wants to connect to the Internet, it has to send the packet into the ICS host. But rule 5, as written, will block that packet.

To fix that, rule 5 should be
Code: [Select]
[5] Block            IP      Out From  Zone [Local Area Network #2]  To  IP Any  Where Protocol Is Any

so that packets can come in from the other PCs, but but packets not expected in the usual protocols (TCP, UDP, or ICMP) will be blocked.

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek