Application rules, Network rules, Ports

Hi,

Can someone explain to me why I have to make a network rule to open a port for a peer-to-peer program such as eMule? Why can’t I just make a rule allowing ALL traffic for eMule.exe?

THX

poser

You need to create a network monitor rule (and place it above your “block all” rule) because all inbound connections are denied by default. Outbound connections are permitted by default so you only need to create an application rule for outbound access.


thx for the answer.

I can follow, but about what you say:

Don’t you mean I need an app rule for INBOUND access? (if outbound is permitted by default)

thx

Yes, you will also need to create an application rule for inbound access too. With CPF’s default configuration, you need to create a network and application rule for inbound access and just an application rule for outbound (as outbound access is permitted by default in network monitor).


AHHHHHH

Now it all comes more clear, I hope.

Is it true that each packet must be allowed by BOTH an application rule and a network rule??

See, in Sygate for example, the “global” rules are higher in rank, though if none of them applies, the application rules are used. Only when NO rule applies is the packet skipped.

Am I right, now ?

OK, me again, lol.

I did a little more searching; now I see more clearly:

The sequence in which the packets are processed (i.e. the rules are applied) is different for inbound and outbound!!!


THIS is one thing much of my confusion comes from.

I think this topic should be in the docs, because I was not the only one confused.

Just one thing: if network monitor rules are turned ON and a packet arrives, and there is no rule that applies to it: skipped or passed??? (Sure, this only happens without the default rules.)

THX

poser

Yes, only for inbound access though.

See, in Sygate for example, the "global" rules are higher in rank, though if none of them applies, the application rules are used. Only when NO rule applies is the packet skipped.

Am I right, now ?

Sorry, I’m not familiar with Sygate (I’m a Kerio user). Regarding inbound access, network monitor rules are actioned first. Outbound access, application rules first.


With CPF’s default setup, the last rule (block all) in network monitor would deny access. If no rules were present, then the connection would be passed onto application rules.

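To make the ordering described in the replies above concrete, here is a small added model of the evaluation order (not code from the thread or from CPF itself): inbound traffic is checked against network monitor rules first and then application rules, outbound traffic the other way round, each table is first-match, and a table with no matching rule passes the packet on to the other table. The rule and packet fields, the fail-closed behaviour when no application rule matches, and port 4662 (eMule's usual TCP port) are assumptions made for the example; the default "allow all out / block all in" pair mirrors the two rules the thread describes for 2.2.0.11.

```python
"""Toy model of the CPF 2.x rule-evaluation order described in the thread.

Assumptions (not from the thread): the rule/packet fields below, first-match
semantics inside each table, and "block" when no application rule matches
(the real product would prompt instead).  Port 4662 is eMule's default TCP
port; any value would do here.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    direction: str          # "in" or "out"
    app: str                # owning process, e.g. "emule.exe"
    proto: str              # "tcp", "udp" or "icmp"
    port: int               # local port (inbound) or remote port (outbound)


@dataclass(frozen=True)
class NetworkRule:
    direction: str          # "in", "out" or "any"
    proto: str              # "tcp", "udp", "icmp" or "ip" (= any protocol)
    port: Optional[int]     # None = any port
    action: str             # "allow" or "block"

    def matches(self, p: Packet) -> bool:
        return (self.direction in ("any", p.direction)
                and self.proto in ("ip", p.proto)
                and self.port in (None, p.port))


@dataclass(frozen=True)
class AppRule:
    app: str
    direction: str          # "in", "out" or "any"
    action: str             # "allow" or "block"

    def matches(self, p: Packet) -> bool:
        return self.app == p.app and self.direction in ("any", p.direction)


def first_match(rules, p: Packet) -> Optional[str]:
    """Action of the first rule that matches, or None if no rule in the table does."""
    for r in rules:
        if r.matches(p):
            return r.action
    return None


def decide(p: Packet, net_rules: List[NetworkRule],
           app_rules: List[AppRule]) -> Tuple[str, List[str]]:
    """Return (verdict, trace of tables consulted in order).

    Inbound: network monitor first, then application rules.
    Outbound: application rules first, then network monitor.
    The first "block" ends the decision; a silent table passes the packet on.
    """
    tables = [("network", net_rules), ("application", app_rules)]
    if p.direction == "out":
        tables.reverse()
    trace, app_verdict = [], None
    for name, rules in tables:
        verdict = first_match(rules, p)
        trace.append(f"{name}:{verdict}")
        if verdict == "block":
            return "block", trace           # nothing further is consulted
        if name == "application":
            app_verdict = verdict
    # An application rule allowing the program is needed in both directions;
    # assumption: no matching application rule means block (fail closed).
    return ("allow" if app_verdict == "allow" else "block"), trace


# Default network monitor rules as the thread describes them for 2.2.0.11:
# rule 0 allows all outbound IP, the last rule blocks all inbound IP.
DEFAULT_NET = [NetworkRule("out", "ip", None, "allow"),
               NetworkRule("in", "ip", None, "block")]
EMULE_APP = [AppRule("emule.exe", "any", "allow")]
EMULE_PORT = NetworkRule("in", "tcp", 4662, "allow")   # constructed port rule


def scenarios() -> dict:
    """Why an application rule alone opens outbound but not inbound traffic."""
    inbound = Packet("in", "emule.exe", "tcp", 4662)
    outbound = Packet("out", "emule.exe", "tcp", 4662)
    return {
        "out, app rule only": decide(outbound, DEFAULT_NET, EMULE_APP)[0],
        "in, app rule only": decide(inbound, DEFAULT_NET, EMULE_APP)[0],
        "in, port rule above block-all": decide(inbound, [EMULE_PORT] + DEFAULT_NET, EMULE_APP)[0],
        "in, port rule below block-all": decide(inbound, DEFAULT_NET + [EMULE_PORT], EMULE_APP)[0],
        "in, port rule but no app rule": decide(inbound, [EMULE_PORT] + DEFAULT_NET, [])[0],
    }


if __name__ == "__main__":
    for label, verdict in scenarios().items():
        print(f"{label:32} -> {verdict}")
```

The "below block-all" case is the one that bites in practice: because the network monitor is first-match, a port rule added beneath the final "block all inbound" rule is never reached, which is why the reply says to place it above that rule.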

OK, thx a lot.

Ahh, why is there that network rule for “allow all inbound”, if this would pass the network filter anyway?

thx

There shouldn’t be??? Which version of CPF are you using? Your first rule (0) should allow all outbound access, rules 1 to 3 control ICMP, and the last rule denies all inbound access.


Sorry, I meant OUTbound, of course.

But I have only two rules there, one for in and one for out, hmm!?

What does the inbound rule allow/deny? Are you using 2.3.3.33 (beta)?


I’m using 2.2.0.11.

OK, the two rules apply only to Protocol=IP. Out=allow, In=block.

But what does this mean then ?

All outbound connections are permitted and all inbound connections denied. It seems that the ICMP rules were added during the betas.
