eMule and BitTorrent tutorials

Allow TCP
Source IP : any
Destination IP : any
Source port : any
Destination port : 17105

If you put this rule above the last default rules, it should work fine…
I use it on my system…

My bittorrent port was not open when I modified rule TCP/UDP Out. Do you have this one?
What are your uTorrent rules in Application Monitor? My Azureus rules: Application & Network.

Vampiric, as Dest IP you say any? Is it the same thing if he did 192.168.0.1?!

Hi Pandlouk,

If I create the following rule in “Network Monitor” as suggested

Rule for TCP/UDP protocol

Action = Allow
Protocol = TCP or UDP
Direction = In
Source IP = Any
Remote IP = your IP address (or “Any”)
Source port = Any
Remote port = the port your bittorrent program uses for the TCP/UDP connections,

the said port would be open for all programs to use, not just bittorrent, wouldn’t it? Is there any way to block other programs from using this port?

Thanks

Only one program on your host will be bound to that port because there is a rule saying that every open port can be bound to 1 application only.

Otherwise, if many programs could listen to the same port, if the info came to your host, which app was supposed to handle it?

Even if you try to bind the same port to 2 different apps, the OS won’t let you.

The router forwards the traffic to a specific inside IP address:port, but then there is an app waiting specifically there for that info, and 1 app only!

Hi Pandlouk,

If I create the following rule in “Network Monitor” as suggested

Rule for TCP/UDP protocol

Action = Allow
Protocol = TCP or UDP
Direction = In
Source IP = Any
Destination IP = your IP address or zone (or “Any”)
Source port = Any
Destination port = the port your bittorrent program uses for the TCP/UDP connections,

I had to move that network monitor rule to third place (ID 2) to get it to work with Azureus.

“Only one program on your host will be bound to that port because there is a rule saying that every open port can be bound to 1 application only.”

My concern was that after closing bittorrent, the network rule remains and the port becomes open for use by any other program (legit or spyware) in my computer.

Yes, if you close the app that you bound to that port, then that port is open again for use.
And yes, you can bind it to another app of your liking.

Rather than the network monitor, you could make this rule in the application monitor with bittorrent as the application. This way bittorrent can access the port and nothing else.

Ewen
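The port-binding behaviour discussed in the posts above, as an added example that is not part of the original thread: a second listener on a port that is already taken is refused, but once the first program closes, any other program can take the port and receive the connections a port-only rule lets through. The loopback address, the OS-chosen port and the function names are assumptions of this sketch, and no socket sets SO_REUSEADDR or SO_REUSEPORT.

```python
import errno
import socket


def listen_on(port, host="127.0.0.1"):
    """Open a TCP listener on host:port; port 0 lets the OS pick a free one."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        s.bind((host, port))
        s.listen(1)
    except OSError:
        s.close()
        raise
    return s


def port_takeover_demo():
    results = {}

    # "Program A" (stands in for the bittorrent client) takes a port.
    first = listen_on(0)
    port = first.getsockname()[1]

    # "Program B" tries the same port while A is still running.
    try:
        listen_on(port).close()
        results["second_bind_refused"] = False
    except OSError as exc:
        results["second_bind_refused"] = exc.errno == errno.EADDRINUSE

    # A exits. The port number is free again, and a firewall rule that only
    # names the port (not the application) would still let traffic through.
    first.close()
    third = listen_on(port)
    results["rebind_after_close"] = third.getsockname()[1] == port

    # A connection to the port now lands at the new owner, not at A.
    client = socket.create_connection(("127.0.0.1", port), timeout=2)
    conn, _ = third.accept()
    results["new_owner_got_connection"] = conn.getpeername() == client.getsockname()

    for s in (conn, client, third):
        s.close()
    return results


if __name__ == "__main__":
    print(port_takeover_demo())
```
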

Ewen Hello,

Could you please describe for us the use of Application Monitor in a little detail?

Thank you.

I’ll get onto this when I get home - about 7 hours. OK?

No problem, Ewen! Please take your time!

Try this.

If anyone can spot anything wrong in this, or if there is a better way to restrict a port to an app, but only while that app is running, please jump in and I’ll modify the doc to suit.

Cheers,
Ewen

[attachment deleted by admin]

Hi all there! I’m matinga.
I don’t want to sound stupid but I’m new to this and I still can’t get rid of my Azureus NAT problem.

my network monitor
id2 allow tcp/udp in
from ip any
to ip any
source port any
dest. port azureus port(default)

ap. monitor
azureus.exe tcp out ip: any port: any
azureus.exe tcp in ip:any port: azureus port(default)
azureus.exe udp out ip any port any

What am I doing wrong?
Thank you all for your time and patience

out of this little problem (R)

In network monitor rules I have destination IP = zone (I’m behind a router).
It works for me, and I have the same network monitor rule, but the application rule is different.
It looks like this.

skip parent
allow all activities…
allow invisible…
skip advanced…

As you can see, I’m allowing everything for Azureus, but it’s hard to get it to work in another way.
I did have a more restricted set of application rules before, that worked, but I don’t remember them…
I don’t use it so much so I don’t want to spend so much time on it.
Start with this and try it out, to see if it works.

Alright, I’ve tried just about everything I could think of and I just can’t get Azureus to work properly. Both DHT and NAT show up as firewalled, and I never get a green face.

When I turn off CPF everything works fine, so there must be something wrong with my settings.

My settings are the following:

In Azureus:
TCP 52132
UDP 52133

Network monitor:

Allow TCP/UDP In
Source IP Any
Dest IP Any
Source Port Any
Dest Port Range 52132-52133

Rule placed as #2, after both rules for my LAN.

Application monitor:
Azureus.exe, Parent skip
Allow all activities
Allow invisible, Skip advanced checks

So why the heck won’t this work?
With this setup the Azureus NAT test still gives me a NAT error.
Maybe I need to change something in Azureus? I know UPnP has something to do with firewalls, for instance, so maybe I need to tinker with that?

Any form of help would be greatly appreciated.

Have you checked the logs in CPF?
What do they say?
Are you behind a router?
What does the test in Azureus say? Tools/NAT firewall test?
For me it takes a while to get green lights, so I have to wait, but then it works.
I even get a few error messages when I start Azureus.
I will look into it later, when I can check the settings I use.

I’ve checked the Comodo logs.

I get loads of Medium Network Monitor errors, saying Inbound Policy Violation, Access Denied, on ports 15275 or 2869. And very occasionally on port 64199.
I don’t know what these ports are used for, should I just open them? They’re not the Azureus ports I chose anyway.
And then I get some High alerts, Blocked By Protocol Analysis (Invalid Flag Combination).

Yes, I’m behind a router, but when I turn off CPF everything works fine so I suppose that one’s configured correctly.

Azureus NAT says “Nat Error”
I get no errors when I start Azureus except the NAT and DHT Firewalled errors I got before.

We have the same rules I think, but it works for me… Like I said earlier, it takes about 3 minutes before I get a green light after I have started Azureus. First I get the NAT and DHT Firewalled errors too.
You can allow all ICMP too, and put it above the default ICMP rules, just to try it out.
If you are behind a router, you MUST set up a trusted zone, if you haven’t done that.
The rule should look like this then.
Allow TCP/UDP In
Source IP Any
Dest IP Zone
Source Port Any
Dest Port Range 52132-52133
I have also checked both “skip loopback…” in security/advanced/misc
Still doesn’t work?
Try to shut off network monitor and see if it works. Try the same with application monitor.
Remember to let Azureus have a few minutes to start before giving up.
Azureus is using Java, so it can be a bit “heavy” on the computer sometimes…
Now you can probably see where the problem is.
Set “loose” rules, and then tighten them up until Azureus stops working.
Sometimes you have to restart CPF to get the new rules to work. Right-click the systray icon and exit the program. Then start it again after 30 seconds.

Right.

So turning off App Monitor doesn’t change a thing, but turning off Network Monitor solves it.

I’ve tried opening port 15275 and now everything works (except I still get DHT firewalled, but that’s probably due to the low activity on the torrent). I don’t get why it’s using this port instead of the one I specified, but hey, at least it’s working now.
Actually, I just set the port in Azureus to 15275 for both TCP and UDP and I’ve changed Comodo’s settings to only allow port 15275, and things still work, so except if there’s a reason why I should use this port I’m just going to leave it this way.

I also opened TCP In 2869 and UDP In 8008, since it looks like Azureus is using them. Good move or bad move?

Thanks for your help, things are slowly starting to work

Coren