DC++ and similar Direct connect clients tutorial

A mini tutorial of how to open ports for DC++.

First thing you must configure your DC++ client:
Go at the “connection settings” tab of the DC++ ;
there select “firewall with manual port forwarding”

Ports → TCP = a single port x (between 1025 and 32000)
→ UDP = a single port y (between 1025 and 32000)

External/Wan IP = your routers external IP (if you use a normal dsl modem leave it blank)

Know you are ready to configure CPF. Go at the “Network Monitor” panel.
There you should click with the right button of the mouse and choose “Add rule”->“add”
at the new window that appear you should put the following rules:

1. Rule for TCP protocol

Action = Allow
Protocol = TCP
Direction = In
Source IP = Any
Destination IP = your computers internal IP adress (you can also use “Any”, if you are using a modem and not a router; by this you won’t have to change the IP address every time you connect in internet )
Source port = Any
Destination port = x (same with the TCP port used at DC++)

2. Rule for UDP protocol

Action = Allow
Protocol = UDP
Direction = In
Source IP = Any
Destination IP = your computers internal IP adress (or “Any” )
Source port = Any
Destination port = y (same with the UDP port used at DC++)

Then move this rules up, above the default “block IP in” rule. Now DC++ and similar direct connect clients will connect without any problems. ;D

by pandlouk

IMPORTANT
you will have to disable the UPnP option from the program you use if you want this guide to work properly. If you don’t disable it you will have NAT problems.

A hint, add that you should update your DC++ program, I got pretty ■■■■■■ not finding the “firewall with manual port forwarding” button since it doesn’t exist in old versions. Never thought of my version was old.

Hope this will improve the guide

Thank you for your help, but I still have problems with setting up dc++ in Comodo. I´m not able to search in my dc++ and Comodo log shows “DDOS attack (UDP Flood)” any time I try it. If turn off the network monitor, everthing works fine.

Please help. Many thanks.

Yago26

P.S. Emule works fine! TCP UDP In has been setted up!

I have the same problem as Yago, I just can’t use search. All the other p2p applications work flawlessly.

For using the search you must disable the feature “Do protocol analysis”

If it does not work try to give a higher rate at the “UDP Flood traffic rate”

1. Application Monitor
2. Add
3. Search for your StrongDC.exe file
4. Set up the parent regarding what the opener is:
   Example1: you open it from quicklaunch/desktop/windows esplorer = C:\WINNT\Explorer.exe; Example2: you open it from Total Commander = C:\totalcmd\TOTALCMD.EXE
5. Now you can play with the settings - read the first post here - or set up an “Allow all activities for this application”.

Hello!

I have :

• disabled “Do Protocol Analysis”
• added the corresponding rule (with my port) into “Network Control rules”
• allowed all activities for the application (dcplusplus.exe in my case)
• increased flood control options for TCP and UDP to their maxs

but the search still doesnt work

Any other ideas?

Thanks in advance!

I have the same problem with the Search function in dc++.
All the other p2p applications work without any problem.

Is there any other idea ?

At the moment I cannot test DC++. I will test it on 10-15 of January and will report back any modifications that need to be done.

i use ldc++

altered applicationcontrole rule -miscallaneous - checked: “skip advanced security checks”
tried to alter the dest ip/port ion the in apllaction rule, but cpf asked a while later if i should accept an incoming connection, i clicked “allow” that was gone.

made also a networkmonitor rule:
allow tcp/udp In
source ip= any
destination - ip of the pc where ldc++ runs
source port = any
destination port = 1 port where ldc++ goes through

-search works

but i get the ddos attack udp flood error in the log, during the first 25 secs of search 310 packets/247 attackers

Maybe this version of comodo v2.4 would create an automatic rule for dc++ and other dc++ clients that would make search+download/upload work without creating mannualy a rule. Excuse my bad language.

I send entire installer of StrongDC++ with explanation of searching problems…

I have the same problem. Searching is not working bu other users can download from me without problems . Searching is blocked somehow…

Has anyone found a solution yet? I’m getting a bit tired over here I’m going back to ZoneAlarm if DC wont work

I use Apex DC++ 1.0.0B2 http://www.apexdc.net/ together with Comodo personal firewall 2.4

I spent several hours, trying to figure out why search doesn’t work. It worked only when I switched it to passive mode in Advanced Apex DC++ settings (“Always use passive mode for search”).

But I found the configuration which works for me. I used tutorial https://forums.comodo.com/index.php/topic,6167.msg45504.html#msg45504

Apex DC++ Connections settings:

1. Firewall with manual IP forwarding
2. TCP port x
3. UDP port y (differs from x)
4. External/Wan IP blank
5. Checkbox “Don’t allow hub/UPnP to override” unchecked.
6. Checkbox “Update IP on startup” unchecked.

Comodo firewall settings:
Network monitor rules:
7. Rule for TCP protocol

Action = Allow
Protocol = TCP
Direction = In
Source IP = Any
Destination IP = your computers internal IP adress (you can also use “Any”, if you are using a modem and not a router; by this you won’t have to change the IP address every time you connect in internet )
Source port = Any
Destination port = x (same with the TCP port used at ApexDC++)

8. Rule for UDP protocol

Action = Allow
Protocol = UDP
Direction = In
Source IP = Any
Destination IP = your computers internal IP adress (or “Any” )
Source port = Any
Destination port = y (same with the UDP port used at ApexDC++)

9. Then move these rules up, above the default “block IP in” rule.

Application monitor:
Application ApexDC.exe

10.TCP or UDP In
Action = Allow
Protocol = TCP or UDP
Direction = In
Source IP = Any
Destination IP = Any
Source port = Any
Destination port = Any

11.TCP or UDP Out
Action = Allow
Protocol = TCP or UDP
Direction = Out
Source IP = Any
Destination IP = Any
Source port = Any
Destination port = Any

12. IMPORTANT. Switch off advanced security checks for ApexDC++ in “Miscellaneous” section of Application rule. Without this change search doesn’t work. Firewall blocks search results as UDP flood. Check this in Activity logs.
    Checkbox “Skip advanced security checks” is checked.

13.Restart ApexDC++
:BNC

vladas_It,

Tnx for the details post and taking the time to figure it out. Hope others benefit from this.

LM

is there a way to use dc++ in connection–>direct connection instead firewall with port forwarding

In that case you’d have to allow incoming connections to all unpriviledged ports since dc++ will assign a new random listening port on each porgram start. This will only work if you are either directly connected to the internet (no router or NAT) or if all those ports are also open in the router. Not recommended.

Please note that in the latest batch of DC++ software, there is an ADDITIONAL incoming TCP port for TLS (secure) connections. This port should be different from the regular TCP listening port and will also have to be openend both in the firewall as well as in the router.

I noticed that the previously posted rulesets lack outgoing connections (or maybe I’ve read too quickly over them). You will thus also need the following rules:

Rule for TCP protocol

Action = Allow
Protocol = TCP
Direction = Out
Source IP = Local Network zone
Destination IP = Any
Source port = [unprivileged] port set
Destination port = [unprivileged] port set

Rules for UDP protocol

Action = Allow
Protocol = UDP
Direction = Out
Source IP = Local Network zone
Destination IP = Any
Source port = [unprivileged] port set
Destination port = [unprivileged] port set

Action = Allow
Protocol = UDP
Direction = Out
Source IP = Local Network zone
Destination IP = [Your DNS Servers] zone
Source port = [unprivileged] port set
Destination port = 53

If a hub uses a tcp port below 1025 you will have to either change the destination port to “any” in the tcp rules or make separate rules.

Ok i will post my configuration for DC++

First of all i’m using dc++ 0.674, i know this is an old version but i like this release. Now the problem is that dc++ produces an annoying nag-screen to update because it keeps calling home. I haven’t found any option to disable it, so I made a rule to block this aswell.

In DC++ set fixed ports for both TCP and UPD traffic. In my case is use 5665 for TCP and 5885 for UPD traffic.

In comodo make a new portset, i’ve used the name “dcports” in my example here. In that portset add the UPD and TCP ports, but very important also add the ports of the hubs you connect too. In my experience you also need the ports from the hubs to be able to search properly.

Here are the rule I use:

Rule 1, to block the update nag-screen from dc++
Block, TCP or UPD Out
Source: your own IP address, or zone if you have a dynamic address (use any if you want)
Destination: 216.34.181.96 *
Source port: any
Destination port: a single port “80”
*)If you use a newer version of dc++ (f.i 0.699) the IP used for the update might be different, check your connection list in dc++ and change if neccesary.

Rule 2, Allow incomming upd and tcp traffic
Allow, TCP or UPD In
Source: Any
Destination: Your own IP address, or zone if you have a dynamic address (use any if you want)
Source port: Any
Destination Port: a set of ports “dcports”

Rule 3, Allow outgoing incomming upd and tcp traffic
Allow, TCP or UPD Out
Source: Your own IP address, or zone if you a have a dynamic address (use any if you want)
Destination: Any
Source port: a set of ports “dcports”
Destination port: Any

Rule 4, ask unknown IP traffic
Ask, IP out
Source: Your own IP address, or zone if you have a dynamic address (use any if you want)
Destination: Any
IP Details: Any

Rule 5, Ask unknown http requests
Ask, TCP out
Source: Your own IP address, or zone if you have a dynamic address (use any if you want)
Destination: Any
Source port: Any
Destination Port: A single port “80”

For me these rules work fine. I only use 3 hubs and all those hub ports together with my udp and tcp ports are in the portset “dcports” and i have experienced no problems.

Let me know what you think