Opera sets Intrusion attempt

Every time I open Opera (v10.51), it takes forever to load and i’ve notices it causes and intrusion alert on destination IP port 1900. This alert causes Opera to open very slowly as well as run slow. Is there a way to allow this destination port to be “accepted” and not trigger the intrusion alerts? One post out side of here suggested dropping down to training mode but has not seen much improvement.


That is Unite broadcasting to the local network. Technically it is a multicast within the Universal Plug and Play framework.

I made a separate predefined policy for Opera that I build on top of the Browser policy.

Go to Predefined Firewall Policies (Firewall → Advanced) → Add → give it a name; say Opera browser → select “use a custom policy” → Copy from → choose the browser policy.

Nest step is to add a rule for Universal Plug and Play (uPnP) multicast. Choose Add and fill in the following:
Action: Allow
Protocal: UDP
Direction: Out
Description: uPnP mcast

Source Address: Any
Destination Address:
Source Port: Any
Destination Port: 1900

When done Apply. Now make sure the rule is somewhere above the basic block rule (red icon at the bottom). Then Ok and Apply your way out. Now edit Opera’s Firewall to follow the Opera Browser policy.

In similar fashion I added an open port in the Opera browser policy for Unite (8840).


just checking

Action: Allow
Protocal: TCP
Direction: Out
Description: unite

Source Address: Any
Destination Address: Any
Source Port: 8840
Destination Port: Any

right ?



For Unite you need to allow incoming traffic. Check the changes I made in the above.

The firewall’s logic is that traffic goes from source to destination. For outgoing traffic the source is your computer and (part) of the the web is destination. For incoming traffic the destination is your computer and (part of) the web is source.


of course! it’s a server behaviour. sometimes i think it right but then write it wrong 88)

thanks :-TU