Firewall Tutorial for Utorrent with Comodo Internet Security

I found out what IP/ports private trackers use by just downloading one torrent from the site, then finding out which IP/port they used.

Also, where most people seem to ALLOW HTTP requests from any (which includes your IP) to any (which obviously includes every IP address in the whole world), I have it ASK instead.

So, my rules are not set to “allow from any to any”.

You could have it from any instead of my IP, it makes no difference.

I think the problem is, if you strictly follow pandalouks rules, you only allow trackers who are on port 80. My point is, if you compile a list of IPs and the ports they use, you don’t get bothered by HTTP requests. The other day, I got what seemed like hundreds of TCP out alerts, trying to communicate with various IPs on port 80, so I guess this port can’t just be trackers. Maybe people who use emule. I think this port is special or something, like, it’s always open.

If you want to work out the port/IP a tracker uses, you could just download one torrent from a private tracker, get Comodo firewall to “ask TCP out where source and destination IP and port are any”. Then you should get a request to allow the IP/port you need to allow, I assume. Then change your TCP request rule back to something more sensible. Don’t blame me if this IP/port is the MPAA, though!

It is so funny that I just gave you technical advice. Don’t listen to anything I say until someone else comes along to verify what I’m telling you!

PS you could just ask the tracker which IP and ports they use. Which one is it?

Well, I don’t know anymore. I went in and changed the HTTP rule to “ask” instead of “allow” so it would show me the IP and port trying to connect, and now it’s working… so a bit confusing, as the first post says leave it on “allow” instead of “ask”, as there was a bug, so I assumed “allow” would automatically allow it to auto connect. Don’t know why simply changing it to ask now makes it work :stuck_out_tongue:
Anyway, I’ll still take note of the IP and port it connects to, just in case it stops working again :-\

There is a reason for that (I thought pand’s post explained, maybe not)… when pand first wrote the uTorrent Tutorial he said that rule 4 (the HTTP exclusion to Privileged Ports) should be “Ask”, however at that time “Ask” didn’t work (a bug) & he couldn’t actually test it. So, he recommended “Allow” instead. You should be aware that if you have this set to “Ask” it will only prompt for Trackers (or uTorrent users) using port 80. Trackers using ports 0 - 1024 (excluding 80) will still be silently blocked.

Yeah, I knew the reason why he said set to “ask”, but because the post was edited on March 17, 2008, I assumed, since it wasn’t long ago, that the bug wasn’t yet fixed or the post would have been updated to remove the note.

Either way, as I have now set it to “ask”, and the torrents are now working, shouldn’t the fact I had it set to “allow” automatically let connect whatever the “ask” rule is now allowing, except without “asking”?

Yes, for port 80, at least.

If you always want to be asked about HTTP-like connections & you haven’t already done so, you might want to consider using a Port Set, called HTTP, defined as 80, 443 & 8080 (the other HTTP ports).

Woohoo! Seaniesean’s technical advice rules!

Yeah, I used “HTTP Ports” for a while too. But I think some trackers don’t like using just those ports; just today I’ve had “TCP out” requests to ports 24, 212, and 89. I just look up the IP address, decide for myself, and then allow or block based on this.

Why is it important which port the request is TO? I mean, who cares whether a tracker uses port 80 or port 65535? Is there a reason?

Hi All,

I have a desktop (Win98/ZoneAlarm/ICS/NIC-198.162.0.1) which has a dial-up connection for internet access. I use my laptop (WinXPPro(SP2)/Comodo3/NIC-198.162.0.2 - which has uTorrent installed) to connect to internet via ICS.

On my laptop, I tried out all the rules specified in the previous pages (Pandlouk & Ragwing’s) without any luck. Seems Comodo does a very good job of putting the uTorrent port (45888) in stealth mode. uTorrent Speed Guide test for forwarded port throws up “Error! Port 45888 does not appear to be open.”. GRC ShieldsUP also shows port 45888 in stealth mode.

How do I set up uTorrent on my laptop?

Thanks & Regards,
Rad.

Exactly my findings and questionings. No point. I’ve been allowing them for years on Utorrent.

Hey guys, I followed your rules pandlouk and they worked quite well. I noticed that when I added the Allow Outgoing DNS rule which Soyabeaner posted, uTorrent was working better and I didn’t have the red arrow next to my downloads.
All I was wondering is, is it secure to use the DNS rule I have at the moment? I’m a noob as you can tell and unsure of these rules :S
Thanks all

What is DNS? Domain Name System. Thanks to the gods Google + Wiki:

The Domain Name System (DNS) associates various information with domain names; most importantly, it serves as the "phone book" for the Internet by translating human-readable computer hostnames, e.g. www.example.com, into IP addresses, e.g. 208.77.188.166, which networking equipment needs to deliver information. It also stores other information such as the list of mail servers that accept email for a given domain. In providing a worldwide keyword-based redirection service, the Domain Name System is an essential component of contemporary Internet use

So what does this basically mean? No DNS = slow internet or download speeds

Oh ok thanks for the reply :wink:
So I’m guessing it’s perfectly safe as just another rule added on from pandlouk’s?
Also, why do download speeds on uTorrent vary so much, from 13 kbps to 190? I know the time of day helps quite a bit, but why such a difference?

Yes. If you asked that, that means you haven’t read Pan and my convo earlier in this thread.

The possibilities are too long to list. Probably it depends on the torrent. The rarer the torrent, the less seeders/peers to download from :-\

Well ok thanks for the help :slight_smile:

Sorry in advance if the following has already been posted but I have only looked at the first and last page of the thread. This information will tighten security even more and at the same time might solve some firewall issues that people might be having.

First, go to utorrent options → Preferences → Advanced
and set net.outgoing_port to the same port that you’ve used for incoming connections. Now change your firewall rules accordingly:

Rule 1
Action = Allow
Protocol = TCP/UDP
Direction = In
Description = Rule for incoming TCP and UDP connections
Source Address = Any
Destination Address = Local Area Network Zone
Source port = Unprivileged port set (start port = 1025 / end port = 65535)
Destination port = the port of utorrent

Rule 2
Action = Allow
Protocol = TCP
Direction = Out
Description = Rule for outgoing TCP connections
Source Address = Local Area Network Zone
Destination Address = Any
Source port = Your utorrent port
Destination port = Unprivileged port set (start port = 1025 / end port = 65535)

Rule 3
Action = Allow
Protocol = UDP
Direction = Out
Description = Rule for outgoing UDP connections
Source Address = Local Area Network Zone
Destination Address = Any
Source port = Your utorrent port (Without setting net.outgoing_port this would have to be “ANY” contrary to the original post)
Destination port = Unprivileged port set (start port = 1025 / end port = 65535)

Rule 4
Action = Ask (enable Log as a firewall event if this rule is fired)
Protocol = TCP
Direction = Out
Description = Rule for HTTP requests
Source Address = Local Area Network Zone
Destination Address = Any
Source port = Unprivileged port set (start port = 1025 / end port = 65535)
Destination port = 80

DNS Rule
Action = Allow
Protocol = UDP
Direction = Out
Description = Allow Outgoing DNS
Source Address = Local Area Network Zone
Destination Address = DNS Zone (your ISP’s DNS servers)
Source port = Your utorrent port
Destination port = 53

Please refer to the manual for how to define Port Sets and Zones. Hopefully you’ll find this useful!
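
Added example, not part of the original post and not Comodo's own code: a small Python model of the five rules above, showing which connections they allow, prompt for, or drop. It assumes top-to-bottom first-match evaluation and a default block when nothing matches (the behaviour the thread describes as "silently blocked"); the port 45888 is the one mentioned elsewhere in the thread, the DNS server address is a constructed placeholder, and source and LAN-zone addresses are treated as always matching.

```python
from dataclasses import dataclass

UNPRIV = range(1025, 65536)   # "Unprivileged port set" from the post
UT_PORT = 45888               # assumed uTorrent port (also net.outgoing_port)
DNS_ZONE = {"192.0.2.53"}     # constructed placeholder for the ISP's DNS servers

@dataclass
class Rule:
    name: str
    action: str               # "allow" or "ask"
    protos: set
    direction: str            # "in" or "out"
    src_ports: object
    dst_ports: object
    dst_addrs: object = None  # None means "Any"

# Rules in the order the post lists them.
RULES = [
    Rule("Rule 1", "allow", {"tcp", "udp"}, "in", UNPRIV, [UT_PORT]),
    Rule("Rule 2", "allow", {"tcp"}, "out", [UT_PORT], UNPRIV),
    Rule("Rule 3", "allow", {"udp"}, "out", [UT_PORT], UNPRIV),
    Rule("Rule 4", "ask", {"tcp"}, "out", UNPRIV, [80]),
    Rule("DNS Rule", "allow", {"udp"}, "out", [UT_PORT], [53], DNS_ZONE),
]

def evaluate(proto, direction, src_port, dst_port, dst_addr="203.0.113.10"):
    """Return (rule name, action) for the first matching rule.

    Assumption: first match wins, and unmatched traffic is blocked.
    """
    for r in RULES:
        if (proto in r.protos and direction == r.direction
                and src_port in r.src_ports and dst_port in r.dst_ports
                and (r.dst_addrs is None or dst_addr in r.dst_addrs)):
            return r.name, r.action
    return "no match", "block"

if __name__ == "__main__":
    samples = [  # constructed sample connections
        ("tcp", "out", UT_PORT, 6881), ("tcp", "out", UT_PORT, 80),
        ("tcp", "out", UT_PORT, 24), ("tcp", "out", UT_PORT, 443),
        ("tcp", "in", 51000, UT_PORT), ("tcp", "in", 80, UT_PORT),
    ]
    for s in samples:
        print(s, "->", evaluate(*s))
```

The output shows the effect discussed earlier in the thread: only destination port 80 produces a prompt, while trackers on other low ports such as 24 or 443 match no rule.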

Any solution for my problem?

Thanks & Regards,
Rad.

Hey radhx,
Have you been here: http://portforward.com/ and made sure that 45888 is forwarded like it ought to be? Are you using that port every time (no randomizing in µTor)? Have you added 45888 to “My Port Sets” in CFP3 (for Ragwings)?

Hi Comofo,

Yes, I tried to follow the instructions at portforward.com as well as steps described in previous pages.
I am not using randomizing in uT and have created a port set in CFP3 for 45888 which I am using in the rules.
I also tried to allow ICMP in/out, but that didn’t work.

I am using a WLL CDMA land-line for connecting to the internet. Can that be creating the problem? Or is any setup required for it?

Thanks & Regards,
Rad.

Happy Friday Rad,
I’m afraid I must plead ignorance to your query regarding your connection - I’m simply unfamiliar [anyone with some insight please interject].
However, I’m curious to know what your logs look like when you’re running µTorrent.
Does your dial-up machine torrent okay?
Do you have a Global Rule that might be prohibiting the inbound connections to your port (45888)?

It’s Saturday :smiley: Sunday in 7 hours.

Josh

Yeah, in Borneo or wherever you dwell… 88) !ot!

[I just got off work - give me a break :-\]