Comodo blocks clients from accessing my Media Server (umediaserver.net). How should I set it up to allow traffic? My old ZoneAlarm had no trouble.
Hey Denise,
If this is over an internal LAN, you should define a zone and set it as trusted. This will allow unencumbered traffic across the LAN to all PCs on the same subnet. To define a zone, click SECURITY - TASKS and select “Add/Remove/Modify a Zone”. Enter the details relevant to your LAN and then select “Define a trusted network” and choose the zone we have just defined.
If your clients access it over the internet, you will need to make some network monitor rules to allow access. Do you know what ports are required? Are there any blocking entries in the firewall log files?
Please export the log file and post it here, so we can have a look at what’s being stopped and why.
Hope this helps,
Ewen
It needs to connect over the net (not LAN). These entries are coming up on a connection attempt:
Date/Time :2006-10-25 09:56:45
Severity :Medium
Reporter :Network Monitor
Description: Inbound Policy Violation (Access Denied, IP = 192.168.1.33, Port = 5119)
Protocol: TCP Incoming
Source: 62.51.160.142:22060
Destination: 192.168.1.33:5119
TCP Flags: SYN
Reason: Network Control Rule ID = 5
Date/Time :2006-10-25 09:56:40
Severity :Medium
Reporter :Network Monitor
Description: Inbound Policy Violation (Access Denied, IP = 192.168.1.33, Port = 5119)
Protocol: TCP Incoming
Source: 62.51.160.142:22060
Destination: 192.168.1.33:5119
TCP Flags: SYN
Reason: Network Control Rule ID = 5
Date/Time :2006-10-25 09:56:35
Severity :Medium
Reporter :Network Monitor
Description: Inbound Policy Violation (Access Denied, IP = 192.168.1.33, Port = 5119)
Protocol: TCP Incoming
Source: 62.51.160.142:22060
Destination: 192.168.1.33:5119
TCP Flags: SYN
Reason: Network Control Rule ID = 5
According to their website it needs ports 5119 and 5120.
Thanks Denise. Going by this you need to create a network monitor rule with the following parameters:
Action : Allow
Direction : In
Protocol : TCP
Source IP : Any
Source Port : Any
Destination IP : Any (This can be interpreted as meaning "Any PC that is currently running this instance of CPF" - i.e. this one - odd naming convention, but it works)
Destination Port : A range - 5119,5120
If this isn’t quite right, I apologise, but I’m not at a PC with CPF on it at the moment, and I’m running on memory (and not running that swiftly, I might add - it’s been a looooong day). Even if it’s not quite right, I think this should be close enough for you to nut out any discrepancies.
If not, drop another line and I’ll ■■■■■ the thinking cap on a bit tighter.
Hope this helps,
Ewen
It works. But forgive my wondering, doesn’t this enable any program from the outside to use those ports?
Yes with an if, no with a but.
Are you able to definitively determine the IP addresses of your clients that will contact the media server, are those IP addresses static and will they all use the same user assigned port above port 1024?
If you can get this info, then you can tighten the rule absolutely to those IP addresses.
Other than that, the media server should be configured to only accept media stream requests on port 5119 or 5120, which should mean that it would reject any other request to those ports.
You should be fairly safe with this.
Hope this helps,
Ewen
P.S. Just out of curiosity, can you let us know whether CPF allows for an acceptable data stream rate to be maintained, or if it induces a bit of lag, and if so, how much. You can be our media streaming server crash test dummy. No offence intended.
TIA
ewen
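An added example, not part of the original thread and not CPF's own code: it parses Network Monitor entries in the format posted above, lists which sources were denied on which ports, and compares the "Source IP : Any" rule with one tightened to known client addresses. The function names and the simplified rule model are assumptions, and the second log entry (source 203.0.113.7) is constructed.

```python
from collections import Counter
from ipaddress import ip_address, ip_network

# First entry is from the log posted above; the second is constructed for this example.
SAMPLE_LOG = """\
Date/Time :2006-10-25 09:56:45
Severity :Medium
Reporter :Network Monitor
Description: Inbound Policy Violation (Access Denied, IP = 192.168.1.33, Port = 5119)
Protocol: TCP Incoming
Source: 62.51.160.142:22060
Destination: 192.168.1.33:5119
TCP Flags: SYN
Reason: Network Control Rule ID = 5
Date/Time :2006-10-25 09:57:02
Severity :Medium
Reporter :Network Monitor
Description: Inbound Policy Violation (Access Denied, IP = 192.168.1.33, Port = 5120)
Protocol: TCP Incoming
Source: 203.0.113.7:40112
Destination: 192.168.1.33:5120
TCP Flags: SYN
Reason: Network Control Rule ID = 5
"""

def parse_entries(text):
    """Return one dict per entry; tolerates 'Date/Time' fused to the previous line."""
    entries, cur = [], {}
    for line in text.replace("Date/Time", "\nDate/Time").splitlines():
        key, sep, value = line.partition(":")
        if key.strip() == "Date/Time" and cur:
            entries.append(cur)
            cur = {}
        if sep:
            cur[key.strip()] = value.strip()
    return entries + ([cur] if cur else [])

def denied_inbound(entries):
    """Count denied inbound connections by (source IP, destination port)."""
    hits = Counter()
    for e in entries:
        if "Access Denied" in e.get("Description", "") and e.get("Protocol", "").endswith("Incoming"):
            hits[(e["Source"].rsplit(":", 1)[0], int(e["Destination"].rsplit(":", 1)[1]))] += 1
    return hits

def rule_allows(src_ip, dst_port, allowed_sources, ports=range(5119, 5121)):
    """Simplified model of one inbound TCP allow rule (assumption, not CPF's engine)."""
    return dst_port in ports and any(ip_address(src_ip) in ip_network(n) for n in allowed_sources)
```

Passing `["0.0.0.0/0"]` as `allowed_sources` models the "Source IP : Any" rule; passing only the clients' static addresses models the tightened rule.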