Firewall Tutorial for Utorrent with Comodo Internet Security

How to configure Comodo firewall 3 or 4 for utorrent.

  1. Go to: Firewall → Advanced → Attack Detection Settings → Miscellaneous and disable Do Protocol analysis

  2. Go to: Firewall → Advanced → Predefined Firewall Policies and select Add…

Give the new Predefined Policy a name, for example: utorrent

Add the following rules:

Rule 1
Action = Allow
Protocol = TCP or UDP
Direction = In
Description = Rule for incoming TCP and UDP connections
Source Address = Any
Destination Address = Any
Source port = A port range = (start port = 1025 / end port = 65535)
Destination port = the port of utorrent

Rule 2
Action = Allow
Protocol = TCP
Direction = Out
Description = Rule for outgoing TCP connections
Source Address = Any
Destination Address = Any
Source port = A port range = (start port = 1025 / end port = 65535)
Destination port = A port range = (start port = 1025 / end port = 65535)

Rule 3
Action = Allow
Protocol = UDP
Direction = Out
Description = Rule for outgoing UDP connections
Source Address = Any
Destination Address = Any
Source port = the port of utorrent
Destination port = A port range = (start port = 1025 / end port = 65535)

Rule 4
Action = Ask (enable Log as a firewall event if this rule is fired)
Protocol = TCP
Direction = Out
Description = Rule for HTTP requests
Source Address = Any
Destination Address = Any
Source port = A port range = (start port = 1025 / end port = 65535)
Destination port = 80

Rule 5
Action = Block (enable Log as a firewall event if this rule is fired)
Protocol = IP
Direction = In/Out
Description = Block and Log All Unmatching Requests
Source Address = Any
Destination Address = Any
IP Details = Any

  3. Start utorrent. When Comodo asks you with a popup, choose Treat this application as, select utorrent and enable Remember my answer.

Have a nice file sharing. (:WIN)


Additional Notes

If you have connectivity problems:
Go to Firewall → Common Tasks → Stealth ports wizard and select
Alert me to incoming connections - stealth my ports on a per-case basis

Because of a bug you must change rule 4 (for HTTP requests) to Allow. I hope this will be resolved with the next updates.

Panagiotis
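Added example, not part of the original post: the five-rule policy above modelled as a first-match, top-down evaluator, run over constructed sample traffic to show which connections end up at the logging block rule. The listening port 45682, the sample packets and the assumption that rules are evaluated top-down with the first match winning are all assumptions of this sketch.

```python
from dataclasses import dataclass

UT_PORT = 45682                      # constructed value; use uTorrent's listening port
ONE = range(UT_PORT, UT_PORT + 1)    # "the port of utorrent"
HIGH = range(1025, 65536)            # start port = 1025 / end port = 65535
ANY = range(0, 65536)

@dataclass
class Rule:
    name: str
    action: str          # "allow", "ask" or "block"
    protos: frozenset    # {"tcp"}, {"udp"} or both; empty set = any IP protocol
    direction: str       # "in", "out" or "any"
    sports: range
    dports: range
    log: bool = False

    def matches(self, proto, direction, sport, dport):
        return ((not self.protos or proto in self.protos)
                and self.direction in (direction, "any")
                and sport in self.sports and dport in self.dports)

# Rules 1-5 from the post, in the order given there.
POLICY = [
    Rule("Rule 1", "allow", frozenset({"tcp", "udp"}), "in", HIGH, ONE),
    Rule("Rule 2", "allow", frozenset({"tcp"}), "out", HIGH, HIGH),
    Rule("Rule 3", "allow", frozenset({"udp"}), "out", ONE, HIGH),
    Rule("Rule 4", "ask", frozenset({"tcp"}), "out", HIGH, range(80, 81), log=True),
    Rule("Rule 5", "block", frozenset(), "any", ANY, ANY, log=True),
]

def evaluate(proto, direction, sport, dport, policy=POLICY):
    """Return (rule name, action, logged) for the first rule that matches."""
    for rule in policy:
        if rule.matches(proto, direction, sport, dport):
            return rule.name, rule.action, rule.log
    return "no rule", "block", False

# Constructed sample traffic: (label, protocol, direction, source port, destination port)
SAMPLES = [
    ("peer connects to listening port", "tcp", "in", 51000, UT_PORT),
    ("outgoing TCP to a peer", "tcp", "out", 50123, 6881),
    ("outgoing UDP from listening port", "udp", "out", UT_PORT, 6881),
    ("outgoing HTTP request", "tcp", "out", 50124, 80),
    ("outgoing TCP to port 443", "tcp", "out", 50125, 443),
    ("outgoing DNS request", "udp", "out", 50126, 53),
    ("outgoing UDP from another port", "udp", "out", 50127, 6881),
    ("incoming from source port < 1025", "tcp", "in", 443, UT_PORT),
]

if __name__ == "__main__":
    for label, *pkt in SAMPLES:
        print(f"{label:34} -> {evaluate(*pkt)}")
```

Everything that reaches Rule 5 is both blocked and logged, so a large number of logged block events for uTorrent is the expected result of this policy rather than a sign that it is misapplied.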


If you have a router, you’ll need to configure it for port forwarding:

  1. Choose your router model (if it’s not in the list, choose one from the same company)
  2. Select the software (in this case, uTorrent)
  3. Now follow the steps in the guide

Tweak to increase download speed

Ragwing


If you have just a modem, you may need to add a rule (above the last block all) to allow outgoing DNS requests such as:

Action = Allow
Protocol = UDP
Direction = Out
Description = Allow Outgoing DNS
Source Address = Any
Destination Address = Any (or your ISP’s DNS server for extra security)
Source port = Any
Destination port = 53

Soyabeaner

Already ported to the greek community forums and blogs. Once again, pandlouk, great job.

First of all:

  • Disable ‘Randomize port everytime uTorrent starts’ in uTorrent settings → Connections.

  • Choose a port to listen for incoming connections in uTorrent settings → Connections.

  • If you have a router, follow the instructions for port forwarding on your router.

  • I also recommend using the speed tweak.

Now the configuration for the firewall. I have two set-ups of rules. The first one is a bit easier, and as many people don’t like connections on privileged ports (1-1024), I’ve created a rule set for them too.

NOTE: If you don’t have a static IP, use the MAC address (instructions on how to get it here). It also works with ‘Any’.
Descriptions for the rules are optional. You can change them if you want to.
Add the rules in the order I’ve numbered them.

Option 1 - Allow use of privileged ports (Recommended for beginners)

Go to Firewall → Advanced → Network Security Policy → Global Rules and add the following rule above all blocking (red) rules:

Action: Allow
Protocol: TCP or UDP
Direction: In
Description: Allow incoming traffic for uTorrent
Source Address: Any
Destination Address: Your IP/MAC or Any
Source Port: Any
Destination Port: uTorrent-port

Now go to Firewall → Advanced → Network Security Policy → Application Rules, and add these for uTorrent.exe:

Rule 1

Action: Allow
Protocol: TCP or UDP
Direction: In
Description: Allow incoming traffic for uTorrent
Source Address: Any
Destination Address: Your IP/MAC or Any
Source Port: Any
Destination Port: uTorrent-port

Rule 2

Action: Allow
Protocol: TCP or UDP
Direction: Out
Description: Allow outgoing traffic for uTorrent
Source Address: Your IP/MAC or Any
Destination Address: Any
Source Port: Any
Destination Port: Any

Rule 3

Action: Block (mark ‘Log as firewall event if this rule is fired’)
Protocol: IP
Direction: Out
Description: Block and log outgoing traffic
Source Address: Your IP/MAC or Any
Destination Address: Any

Rule 4

Action: Block (mark ‘Log as firewall event if this rule is fired’)
Protocol: IP
Direction: In
Description: Block and log incoming traffic
Source Address: Any
Destination Address: Your IP/MAC or Any

The application rules should now look like this:

http://img165.imageshack.us/img165/5655/utorrent0mw6.png

Option 2 - Deny use of privileged ports (Recommended for additional security, but might cause problems due to some ports being blocked)

Go to Firewall → Advanced → Network Security Policy → Global Rules and add the following rule above all blocking (red) rules:

Action: Allow
Protocol: TCP or UDP
Direction: In
Description: Allow incoming traffic for uTorrent
Source Address: Any
Destination Address: Your IP/MAC or Any
Source Port: 1025-65535
Destination Port: uTorrent-port

Now go to Firewall → Advanced → Network Security Policy → Application Rules, and add these for uTorrent.exe:

Rule 1

Action: Allow
Protocol: TCP or UDP
Direction: In
Description: Allow incoming traffic
Source Address: Any
Destination Address: Your IP/MAC or Any
Source Port: 1025-65535
Destination Port: uTorrent port

Rule 2

Action: Allow
Protocol: TCP or UDP
Direction: Out
Description: Allow outgoing traffic
Source Address: Your IP/MAC or Any
Destination Address: Any
Source Port: 1025-65535
Destination Port: 1025-65535

Rule 3

Action: Allow
Protocol: TCP
Direction: Out
Description: Allow outgoing HTTP-traffic
Source Address: Your IP/MAC or Any
Destination Address: Any
Source Port: 1025-65535
Destination Port: 80

Rule 4

Action: Allow
Protocol: UDP
Direction: Out
Description: Allow DNS-requests
Source Address: Your IP/MAC or Any
Destination Address: Any or your DNS server (can be found by launching cmd.exe and writing ‘ipconfig /all’)
Source Port: 1025-65535
Destination Port: 53

If you have more than one DNS-server, add a rule for each of them.

Rule 5

Action: Block
Protocol: TCP or UDP
Direction: Out
Description: Block outgoing traffic on privileged ports
Source Address: Your IP/MAC or Any
Destination Address: Any
Source Port: 1-1024
Destination Port: 1-1024

Rule 6

Action: Block
Protocol: TCP or UDP
Direction: In
Description: Block incoming traffic on privileged ports
Source Address: Any
Destination Address: Your IP/MAC or Any
Source Port: 1-1024
Destination Port: 1-1024

Rules 5 and 6 will prevent connections to privileged ports from getting logged, so that CFP 3 won’t log a lot of intrusion attempts.

Rule 7

Action: Block (mark ‘Log as firewall event if this rule is fired’)
Protocol: IP
Direction: Out
Description: Block and log outgoing traffic
Source Address: Your IP/MAC or Any
Destination Address: Any

Rule 8

Action: Block (mark ‘Log as firewall event if this rule is fired’)
Protocol: IP
Direction: In
Description: Block and log incoming traffic
Source Address: Any
Destination Address: Your IP/MAC or Any

If you’ve done it correctly, your application rules should look like this:

http://img389.imageshack.us/img389/217/utorrentyi4.png

(You might have more entries for DNS-requests)

Both work with everything enabled in Attack Detection Settings. I’ve been able to reach maximum download and upload speeds in uTorrent with both of them.

Cheers,
Ragwing

Hi Ragwing,

If you apply those rules then you must really trust utorrent and all those with which it connects. :stuck_out_tongue:
I do not trust any program to give it access IN/OUT in every protocol.

Why do you need to disable protocol analysis? What’s the reason? In the emule tutorial you said it’s for KAD search. I have azureus and it has no search function…

thank you

Thank you for this useful tutorial. I’m having a slight problem. After I create the utorrent predefined rule, it simply disappears from the list of predefined firewall policies. Is this normal?

“Destination port = the port of utorrent” - you mean: Preferences, Connection, Listening Port?


http://img116.imageshack.us/img116/4859/93008400ft3.th.png

It’s a no-go, gives the error:

Not connectable A firewall/router is limiting your network traffic. You need to open up a port so others can connect to you.

…is it possible to get this and other sort of strange behavior because of Windows XP Service Pack 3, v.3205 beta?

Just realized what I was doing wrong. So I’ve applied the rules and had the firewall treating utorrent according to the rules I’ve defined. Connection is ok but I now have hundreds of blocking events related to utorrent. Is this normal? Download and upload is ■■■■■■ but then again it could be my isp (what else is new?). What is the relevance of defining the port ranges you’ve mentioned? The firewall is blocking tons of utorrent connections coming from other ports. It is also blocking a lot of connections destined to port 80. Why is this desirable?

I don’t but I got Comodo Firewall Pro 3, so do I have to worry? :wink:

It’s TCP and UDP, not all protocols :stuck_out_tongue:

Yes it could be. You shouldn’t use XP SP3 BETA :stuck_out_tongue:

Cheers,
Ragwing

How come, if I put in rule 5, then on 1 tracker I’m not able to get connected to it with some torrents I had in utorrent before I installed the firewall, and on 2 other trackers it works perfectly with rule 5 enabled???

Ragwing thanks for the reply, no way for me to test it on sp2 right now but I guess eventually I’ll find out - or figure it out :slight_smile: ahlefeldt rule 5 from above is to block further connections, so if it works without that rule, you must have something else that enables it to communicate - so check your config?..

ty for the reply Nimd4, checked all and discovered that I had forgotten to disable Vista’s firewall and it seems to work after that got disabled, just strange that it was only one tracker it messed up… also a big thx to u Pandlouk for the guide.

You are welcome :■■■■.

ps. I updated the guide.

Working now.

Appears to be working. Will report back if my port still appears to be stealthed. (tracker takes a while to update)

That guide doesn’t work at ALL! It just boosts the attacks on the newest comodo firewall! (:CLP)

(:AGL) (:LGH)

Yeah right! :■■■■

p.s. have you disabled uPnP in utorrent?

Comodo interferes with the obfuscated connections. If you leave it enabled you will have a slower download speed. :wink:

Nothing against you pandlouk but that seems excessive to me.

When I set mine up I just added Global rules,
Allow TCP/UDP IN from IP any to IP any Source Port any and Destination Port (uTorrents).
Allow TCP/UDP OUT from IP any to IP any Source Port (uTorrents) and Destination Port Any.

and the same for uTorrent in Application Rules.
Allow TCP/UDP IN from IP any to IP any Source Port any and Destination Port (uTorrents).
Allow TCP/UDP OUT from IP any to IP any Source Port (uTorrents) and Destination Port Any.

Why did you set the external users’ ports to 1025-65535? I’ve had uTorrent running for a few days straight now, haven’t had any problems. uTorrent only uses the one defined port, correct? Could I be hindering uTorrent in some way with my setup?

I have fixed It now myself, doesn’t this work? It’s much easier!

http://static.pici.se/pictures/szmxuEYqx.jpg
