I2P firewall config

I have played about with Comodo, read the CIS thing which didn’t help.
Anyway I2P is telling me this:

“Firewalled - Your UDP port appears to be firewalled. As the firewall detection methods are not 100% reliable, this may occasionally be displayed in error. However, if it appears consistently, you should check whether both your external and internal firewalls are open on port 8887.”

At the top of the page that tells me this it also says:

“While I2P will work adequately behind a firewall, your speeds and network integration will generally improve if you open up your port (generally 8887) to both UDP and TCP, and enable inbound TCP above. If you think you have opened up your firewall and I2P still thinks you are firewalled, remember that you may have multiple firewalls, for example both software packages and external hardware routers. If there is an error, the logs may also help diagnose the problem.”

I’ve made I2P.exe a trusted application too and added Port 8887 to port sets. No change in being firewalled.
What do I have to do to get all this stuff sorted out without spending 3 weeks trying to find out what a UDP port is etc…???

G’day herewegoagain and welcome to the forums.

I think I see where the problem lies. If I’ve interpreted your post correctly, your P2P software uses a fixed port (8887) for connections and you have made the application trusted and made a port set for that port.

You’ve done nearly everything right - you were just one step short, I believe.

When you define a port set, all you achieve is to define a set of ports that you will later on use in a firewall rule. This is the bit that’s missing. All that should be required is to add a handful of firewall rules that use the port set you defined that includes port 8887.

To define a firewall rule using this port set (which we will label “P2P” for the point of this exercise);

  1. Open CIS
  2. Click FIREWALL → ADVANCED → NETWORK SECURITY POLICY → GLOBAL RULES
  3. Click ADD
  4. Define a rule with the following parameters;
    Action : ALLOW
    Protocol : UDP
    Direction : IN
    Description : P2P Inbound UDP
    Source Address : ANY
    Destination Address : ANY (For an IN rule, this means the PC CIS is running on)
    Source Port : A SET OF PORTS → P2P (This is the port set you defined previously)
    Destination Port : A SET OF PORTS → P2P (This is the port set you defined previously)
  5. Click APPLY
  6. Click the UP button until this newly created rule is above any BLOCK rules in your list
  7. Click ADD
  8. Define a second rule with the following parameters;
    Action : ALLOW
    Protocol : UDP
    Direction : OUT
    Description : P2P Outbound UDP
    Source Address : ANY (For an OUT rule, this means the PC CIS is running on)
    Destination Address : ANY
    Source Port : A SET OF PORTS → P2P (This is the port set you defined previously)
    Destination Port : A SET OF PORTS → P2P (This is the port set you defined previously)
  9. Click APPLY
  10. Click the UP button until this newly created rule is above any BLOCK rules in your list
  11. Click ADD
  12. Define a third rule with the following parameters;
    Action : ALLOW
    Protocol : TCP
    Direction : IN
    Description : P2P Inbound TCP
    Source Address : ANY
    Destination Address : ANY (For an IN rule, this means the PC CIS is running on)
    Source Port : A SET OF PORTS → P2P (This is the port set you defined previously)
    Destination Port : A SET OF PORTS → P2P (This is the port set you defined previously)
  13. Click APPLY
  14. Click the UP button until this newly created rule is above any BLOCK rules in your list
  15. Click ADD
  16. Define a fourth rule with the following parameters;
    Action : ALLOW
    Protocol : TCP
    Direction : OUT
    Description : P2P Outbound TCP
    Source Address : ANY (For an OUT rule, this means the PC CIS is running on)
    Destination Address : ANY
    Source Port : A SET OF PORTS → P2P (This is the port set you defined previously)
    Destination Port : A SET OF PORTS → P2P (This is the port set you defined previously)
  17. Click APPLY
  18. Click the UP button until this newly created rule is above any BLOCK rules in your list

You should now have four newly created rules - 1 each for TCP and UDP inbound and 1 each for TCP and UDP outbound.

  1. Click APPLY again.
  2. Just to be safe, you can reboot to ensure the rules are read correctly.

We could have made this simpler by using a combined IN/OUT rule or a multi protocol rule (IP), but separating them like this makes it a lot easier to troubleshoot if something goes pear shaped.

Please note that the above rules assume that your P2P software is using only port 8887 and only protocols TCP and UDP.

Hope this helps,
Ewen :)
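
Why the steps above move each new rule above any BLOCK rules, as an added example that is not part of the original post and is not Comodo's code: a simplified first-match model of a rule list, loaded with the four rules from the post. The `Packet`, `Rule` and `evaluate` names, the "Block all inbound" rule and the sample packets are constructed for illustration, and the model assumes the list is read top to bottom and that a rule matches only when every one of its fields matches.

```python
from dataclasses import dataclass
from typing import Optional

P2P = frozenset({8887})  # the "P2P" port set from the post

@dataclass(frozen=True)
class Packet:
    protocol: str   # "TCP" or "UDP"
    direction: str  # "IN" or "OUT", seen from the PC running the firewall
    src_port: int
    dst_port: int

@dataclass(frozen=True)
class Rule:
    action: str                            # "ALLOW" or "BLOCK"
    protocol: str                          # "TCP", "UDP" or "IP" (any protocol)
    direction: str
    src_ports: Optional[frozenset] = None  # None stands for ANY
    dst_ports: Optional[frozenset] = None
    description: str = ""

    def matches(self, pkt: Packet) -> bool:
        # Assumption of this model: every field of a rule has to match.
        return (self.protocol in ("IP", pkt.protocol)
                and self.direction == pkt.direction
                and (self.src_ports is None or pkt.src_port in self.src_ports)
                and (self.dst_ports is None or pkt.dst_port in self.dst_ports))

def evaluate(rules, pkt, default="BLOCK"):
    """Walk the list top to bottom; the first matching rule decides."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action, rule.description
    return default, "no rule matched"

# The four rules from the post, in the order they are created there.
P2P_RULES = [
    Rule("ALLOW", proto, direction, P2P, P2P, f"P2P {label} {proto}")
    for proto in ("UDP", "TCP")
    for direction, label in (("IN", "Inbound"), ("OUT", "Outbound"))
]
# Constructed stand-in for an existing BLOCK rule in the list.
BLOCK_ALL_IN = Rule("BLOCK", "IP", "IN", description="Block all inbound")

if __name__ == "__main__":
    peer = Packet("UDP", "IN", 8887, 8887)    # constructed sample packets
    other = Packet("UDP", "IN", 40000, 8887)
    for name, rules in (("ALLOW below BLOCK", [BLOCK_ALL_IN] + P2P_RULES),
                        ("ALLOW above BLOCK", P2P_RULES + [BLOCK_ALL_IN])):
        print(name, evaluate(rules, peer), evaluate(rules, other))
```

In this model an inbound packet to port 8887 is allowed only when the ALLOW rule sits above the BLOCK rule and the packet's source port is also in the port set, because the rules as written restrict both ports.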

Many thanks Panic. Unfortunately at the mo I’ve got a firewall in my router that I can’t turn off and although I have gone through the ‘how to’ I2P is still firewalled somehow.

See if your router is mentioned at www.portforward.com. They have tutorials on how to open a port on an immense amount of routers. You may get lucky there if setting up the router is the problem.