emule KAD yellow arrow and Applejuice(not emule!) firewalled with new version 4

I just installed the CIS v4 ( only Firewall ).
Settings are on Safe Mode.
Proactive settings.
Sandbox disabled.
emule cannot connect correctly with version 4.Everytime a yellow arrow.
Also applejuice ( not emule ) is firewalled.
I allowed all with this programs.
Version 3 works fine. Reinstalled it because everything works now.
Whats wrong with version 4 ?

The same problem with any bittorent client, the only solution is disabling the firewall
Wellcome to the V4 bug party

Thats funny now the move the bugs to the firewall help xD

E Mule is working normally here.

Can I see the Global Rules of the two of you?

Just add the port for tcp and udp on global rules and it should be fine.
I did this with BitComet and it worked str8 away.

How do I do that ?

And where do I find the global rules ?

And why it worked in version 3 and not in version 4 ?

For me this is a bug and shouldn´t be in the help section !

[attachment deleted by admin]

In order to do that you need to go to Firewall > Advanced > Network Security Policy > Global Rules

Click Add and Fill in the needed details. (All you have to change from that window is direction to IN and destination port to the port used by your client.)

Also make sure that the newly created rule is positioned above the block rule. (I think they are prioritized that way)

Read Above ^ :slight_smile:

It worked in version 3 because it did not have the Block IP in from IP Any to IP Any rule.
CIS works in two ways.

  • Outgoing traffic is first checked trough the Application Rules and then the Global Rules.
  • Incoming traffic first goes trough the Global Rules and then trough the Application Rules.

Basically the above means that the request for the packet goes out to the internet, but when the packet is sent to the destination (you) the firewall blocks it because of the above rule.

I do not think it is a bug, as this way the system is more secure against incoming traffic.

PS: I’m not sure about the last one maybe someone can comment on it!

Prallo. First of all your Global Rules don’t reflect Proactive security. This is what they look like straight from the box (see attached image).

Did you import firewall rules from v 3.13 or did you run the Stealth Ports Wizard to set to stealth on a per case basis?

You changed things to the default situation. I ran the Stealth Ports Wizard to stealth on a per case basis and I got e Mule reporting that both Kad and ed2k network were properly connected. There is something not right with your set up. Did you get an alert about incoming traffic?

Edit: I forgot to attach the image.

[attachment deleted by admin]

I have proactive enabled.
Sorry, I´m not a computer ■■■■■.
So how do I do that emule doesn´t show the yellow arrow ?

I didn´t import any rules from version 3 because I don´t have them saved.

And I didn´t run the Stealth Wizard in version 3 and 4.

I will deinstall version 3 now and install version 4 and do what BeatenRabbit suggested.

I will report here again.

Edit: I did as suggested and same problem.

I will install the latest version of CIS 3 again and stay with it.

[attachment deleted by admin]

Keep us posted. We should be able to get e Mule working for you.

I can´t post anything new because I´m using version 3 again.
I tried what BeatenRabbit suggested but it still doesn´t work
Why with version 3 it worked ?

hi all,

I have installed version 4 looks awsome. great job.

But I too cant get emule to get a high id… I keep getting the message in emule saying

“You have a lowid. Please review your network config and/or your settings”

It all worked fine in version 3 as when i first ran emule it asked if i wanted to allow each port at startup of the emule programme… but with version 4 all it asked at first startup after installing comodo Internet Security was if i wanted to run this [eMule] in the sandbox to which i said i did not want it to run in sandbox and to remeber that option…

Can someone please tell me how to open the ports i have which are TCP=34662 & UDP=34672…

Please Provide me with a step by step on so i can get it working again…

Thanks in advance for your help. It is greatly appreciated…

I tried the thing with the ports.
It didn´t work for me. Still LowID with emule.

At user2002. The problem is that the Global Rules for the default Internet Security Policy changed.

If you want,the less safe, v3 behaviour back run the Stealth Ports Wizard (Firewall -->Common Tasks) and choose “Alert me to incoming traffic and stealth my ports on a per case basis” → Finish. Now you will get the alert for incoming traffic again like in v3.

If you want to use the more safe default you will have to open ports in Global Rules. Read the following tutorial on how to open a single port:
To open the port TCP 1723 for example

First step is to determine the MAC or Physical address of you network connector. Go to Start → Run → cmd → enter → a black box will show up and enter the following → ipconfig /all (notice the space before /all) → enter → now look up the Physical address and write it down.

Notice that Physical address = MAC address

Firewall → Advanced → Network Security policy → Global Rules → Add → fill in the following:
Action: Allow
Protocol: TCP
Direction: In
Description: Incoming Port

Source address: Any
Destination Address: Choose MAC address and fill in the found MAC/Physical address
Source Port: Any
Destination Port: 1723

Then push Apply → Now make sure that the new rule is somewhere above the basic block rule(s) as the bottom (the block rules have red icons); you can drag and drop the rules → Ok.

Before I loose track. Can you state again your configuration and show a screenshot of the Global Rules you made? Global Rules can be found under Firewall → Advanced → Network Security Policy.

I just did this what you suggested, EricJH:

If you want,the less safe, v3 behaviour back run the Stealth Ports Wizard (Firewall -->Common Tasks) and choose "Alert me to incoming traffic and stealth my ports on a per case basis" --> Finish. Now you will get the alert for incoming traffic again like in v3.

And you know what ? It worked !!!

Thanks a lot EricJH ! :-TU

Cool. Glad it worked out for you.:slight_smile:

Thanks your instructions worked like a charm and after some extra rules were added I now get the green light in eMule…I have made a full update of what i did to show everyone…

The problem is that the Global Rules for the default Internet Security Policy changed.

If you want,the less safe, v3 behaviour back run the Stealth Ports Wizard (Firewall -->Common Tasks) and choose “Alert me to incoming traffic and stealth my ports on a per case basis” → Finish. Now you will get the alert for incoming traffic again like in v3.

If you want to use the more safe default you will have to open ports in Global Rules. Read the following tutorial on how to open a single port:
To open the port TCP 0000 for example

First step is to determine the MAC or Physical address of you network connector. Go to Start → Run → cmd → enter → a black box will show up and enter the following → ipconfig /all (notice the space before /all) → enter → now look up the Physical address and write it down.

Notice that Physical address = MAC address

Firewall → Advanced → Network Security policy → Global Rules → Add → fill in the following:
Action: Allow
Protocol: TCP
Direction: In
Description: Incoming Port

Source address: Any
Destination Address: Choose MAC address and fill in the found MAC/Physical address
Source Port: Any
Destination Port: 0000 (use your nominated port here)

Then push Apply → Now make sure that the new rule is somewhere above the basic block rule(s) as the bottom (the block rules have red icons); you can drag and drop the rules → Ok.

Now repeat the above rule, but this time for UDP protocol……

Once you have completed this you have to go to Firewall → Advanced → Network Security policy → Application Rules → Add → Click Select and browse for eMule.exe…

Once you have done this you have to make sure you select the option “Use Custom Policy is ticked”
Then click add and follow the following……

Action: Allow
Protocol: TCP
Direction: In
Description: Leave Blank

Source address: Any
Destination Address: Any
Source Port: Any
Destination Port: Any

Then push Apply →

Now repeat the above rule, but this time for UDP protocol……

Now make sure that the eMule rule is somewhere above the basic block rule(s) as the bottom (the block rules have red icons); you can drag and drop the rules → Ok.

For uTorrent follow the following steps……

Firewall → Advanced → Network Security policy → Global Rules → Add → fill in the following:
Action: Allow
Protocol: TCP or UDP
Direction: In/Out In (moderator edit)
Description: uTorrent TCP-UDP

Source address: Any
Destination Address: Choose MAC address and fill in the found MAC/Physical address
Source Port: Any
Destination Port: 0000 (use your nominated port here)

Then push Apply → Now make sure that the new rule is somewhere above the basic block rule(s) as the bottom (the block rules have red icons); you can drag and drop the rules → Ok.

Once you have completed this you have to go to Firewall → Advanced → Network Security policy → Application Rules → Add → Click Select and browse for uTorrent.exe…

Once you have done this you have to make sure you select the option “Use Custom Policy is ticked”
Then click add and follow the following……

Action: Allow
Protocol: TCP or UDP
Direction: In/Out
Description: Leave Blank

Source address: Any
Destination Address: Any
Source Port: Any
Destination Port: Any

Then push Apply →

Now make sure that the uTorrent rule is somewhere above the basic block rule(s) as the bottom (the block rules have red icons); you can drag and drop the rules → Ok.

Hope this will assist everyone out there… Please remember to thank EricJH who asisted me to start with !!!

i have tried what you all suggested here but the new firewall just refuses to let emule go green, also is it normal for cis 4 to not add any application rules for any apps? theres only the basic ones there.

firewall is set to safe or training mode, no change.
also i can see it blocking emule in the main window.
right btw i tried that stealth port wizard and alert me to incomming connections… it did not do anything for me, also when i’ve done that and check back on stealth port wizard the “blob” is back up on the first line.

funny that up to 3.14 i had no problems with emule, didn’t have to make any specific rules either just set it to costum and that was that and yes i know 4 is abit different.

Hi EricJH,

Now that the settings are working for me with emule and utorrent is it normal for the firwall in the network defence section on the main screen of the programme to say

“The Firewall Has Blocked 1972 intrusion(s) attempts so far” this number keeps climing… so far the machine has been on for 24 hours? is this a good sign that it is working and should it be doing this or do i need to change something in the settings?

Can you please advise.

thanks in advance