PEERGUARDIAN and CFP

master_kenobi · March 14, 2007, 2:47pm

Hello,

I have everything working fine in CFP, but still can´t make the Updates lists in PeerGuardian.
Everytime give me the information “ERROR CONTACTING URL´S”.
I´ve made the UDP and TCP rules for PeerGuardian in application monitor, but still give me that error
in peerGuardian.
Below are the logs of CFP, when i try the updates in PeerGuardian, maybe you can help me.

Data de Criação: 08:14:00 14-03-2007

Espaço de Log:: Hoje

Data/Hora: 2007-03-14 08:13:52
Severidade: Média
Relatado: Monitor de Rede
Descrição: Violação da Politica de Entrada (Acesso Negado, IP = 192.168.1.1, Porta = upnp-mcast(1900))
Protocolo: UDP Entrada
Fonte: 192.168.1.1:upnp-mcast(1900)
Destino: 239.255.255.250:upnp-mcast(1900)
Razão: ID da Regra de Controlo da Rede =9

Data/Hora: 2007-03-14 08:13:47
Severidade: Média
Relatado: Monitor de Rede
Descrição: Violação da Politica de Entrada (Acesso Negado, Protocolo = IGMP)
Protocolo: IGMP Entrada
Fonte: 192.168.1.1
Destino: 224.0.0.1
Razão: ID da Regra de Controlo da Rede =9

Data/Hora: 2007-03-14 08:13:31
Severidade: Média
Relatado: Monitor de Rede
Descrição: Violação da Politica de Entrada (Acesso Negado, IP = 192.168.1.1, Porta = nbname(137))
Protocolo: UDP Entrada
Fonte: 192.168.1.1:4826
Destino: 192.168.1.100:nbname(137)
Razão: ID da Regra de Controlo da Rede =9

Data/Hora: 2007-03-14 08:13:31
Severidade: Média
Relatado: Monitor de Rede
Descrição: Violação da Politica de Entrada (Acesso Negado, IP = 192.168.1.1, Porta = upnp-mcast(1900))
Protocolo: UDP Entrada
Fonte: 192.168.1.1:upnp-mcast(1900)
Destino: 239.255.255.250:upnp-mcast(1900)
Razão: ID da Regra de Controlo da Rede =9

Data/Hora: 2007-03-14 08:13:20
Severidade: Média
Relatado: Monitor de Rede
Descrição: Violação da Politica de Entrada (Acesso Negado, IP = 192.168.1.1, Porta = nbname(137))
Protocolo: UDP Entrada
Fonte: 192.168.1.1:4826
Destino: 192.168.1.100:nbname(137)
Razão: ID da Regra de Controlo da Rede =9

Data/Hora: 2007-03-14 08:13:15
Severidade: Média
Relatado: Monitor de Rede
Descrição: Violação da Politica de Entrada (Acesso Negado, IP = 192.168.1.1, Porta = nbname(137))
Protocolo: UDP Entrada
Fonte: 192.168.1.1:4825
Destino: 192.168.1.100:nbname(137)
Razão: ID da Regra de Controlo da Rede =9

Data/Hora: 2007-03-14 08:13:05
Severidade: Média
Relatado: Monitor de Rede
Descrição: Violação da Politica de Entrada (Acesso Negado, IP = 192.168.1.1, Porta = upnp-mcast(1900))
Protocolo: UDP Entrada
Fonte: 192.168.1.1:upnp-mcast(1900)
Destino: 239.255.255.250:upnp-mcast(1900)
Razão: ID da Regra de Controlo da Rede =9

Data/Hora: 2007-03-14 08:13:04
Severidade: Média
Relatado: Monitor de Rede
Descrição: Violação da Politica de Entrada (Acesso Negado, IP = 192.168.1.1, Porta = nbname(137))
Protocolo: UDP Entrada
Fonte: 192.168.1.1:4825
Destino: 192.168.1.100:nbname(137)
Razão: ID da Regra de Controlo da Rede =9

Data/Hora: 2007-03-14 08:12:59
Severidade: Média
Relatado: Monitor de Rede
Descrição: Violação da Politica de Entrada (Acesso Negado, Protocolo = IGMP)
Protocolo: IGMP Entrada
Fonte: 192.168.1.1
Destino: 224.0.0.1
Razão: ID da Regra de Controlo da Rede =9

Data/Hora: 2007-03-14 08:12:59
Severidade: Média
Relatado: Monitor de Rede
Descrição: Violação da Politica de Entrada (Acesso Negado, IP = 192.168.1.1, Porta = nbname(137))
Protocolo: UDP Entrada
Fonte: 192.168.1.1:4825
Destino: 192.168.1.100:nbname(137)
Razão: ID da Regra de Controlo da Rede =9

Thank you very much,

And may yhe force be with CFP. (V) (V) (V)

Little_Mac · March 14, 2007, 3:28pm

master kenobi,

I really don’t think that any of those entries have anything to do with PeerGuardian; they are all unsolicited inbound attempts.

The IGMP/Multicast entries appear to be coming from your router, if I remember your info correctly from the other thread (always possible I haven’t…). At any rate, they are unsolicited. I know this because they’re Inbound, and there will be no Outbound IGMP traffic with CFP because by default it is not allowed by the Network Monitor rules.

The other entries destined for Port 137 appear to be part of a NetBIOS Naming connectivity attempt. Again, looks to originate with your router. NetBIOS TCP/IP is another point of contention that many users have with Microsoft, due to its security vulnerabilities. Most security experts generally agree that if you do not specifically need it, disable the service entirely.

I have run an update of PG2, and received that same error for the p2p Lists only. I tried the URL (thru sourceforge), and the server appears to not be available. During the check, I cleared CFP’s logs and watched the connections; CFP does not appear to be blocking it on my machine. Please see the attached screenshot… the 66.35.250.99 is the connection I’m mentioning, for the failed update. You will note that it is allowed to connect. The first connection for PG2 showing, is to my DNS server.

LM

[attachment deleted by admin]

master_kenobi · March 14, 2007, 3:43pm

So, why when i turn of the CFP i can do the updates with no problems???

system · March 14, 2007, 3:49pm

If the Allow All setting (same as turning off CFP) works, you know it’s a problem with rules, right Mac?

Little_Mac · March 14, 2007, 3:53pm

Well now on that, that would seem to indicate that you are blocking it somewhere… I set CFP to Allow All just now and got the exact same results as before. Then I exited the firewall completely, updated PG2, and still got the exact same results as before.

I do not allow IGMP/Multicast, and have completely disabled NetBIOS, so I am confident it’s not related to that. There must be something else…

When you say you turned off CFP, do you mean you set the Security Level to Allow All, or that you chose “Exit” from the context menu of the systray firewall icon (right-click)?

LM

Little_Mac · March 14, 2007, 3:53pm

You’d think I would, except when it comes to my own computer… ;D

system · March 14, 2007, 3:55pm

I’m checking Kerio out, and i have problems updating too. Must be from server problems.
If you insist, and insist, it will update. Just re-check that you didn’t block pg2.exe

master_kenobi · March 14, 2007, 5:07pm

It´s the same! I tried the both(Exit from CFP, and set to Allow all), and that way i have no problems updating Peerguardian.
I checked the aplications rulles and there´s a rulle allowing everything for peerGuardian as you can see below.

[attachment deleted by admin]

system · March 14, 2007, 5:16pm

Since your log didn’t indicate anything related to PG, and with Someone’s testimony, then it must PG update servers.

I remember now. I used to have PG years ago and with lots of update problems as well, even before I had a firewall.

master_kenobi · March 14, 2007, 5:21pm

But it must be the firewall, because everytime i exit the CFP and i try update Peerguardian, it will update very fast with no problems

Little_Mac · March 14, 2007, 7:51pm

mk, try this:

Remove the Application Monitor rule for PeerGuardian, and reboot your computer immediately.

When you reboot, you should get a popup(s) for PG2; check “Remember” and click Allow.

Then try the update.

LM

master_kenobi · March 14, 2007, 8:12pm

Strange…!!!
I´ve removing the rulles, and reboot the PC, and when a try updating, it only update one list
for each time. As i have 11 lists, i´ve done 11 atempts to update all the lists.
Why CFP(now) let update only 1 list, for each time i try the “Check Updates”???

system · March 14, 2007, 8:27pm

You removed the rule, and it now updates. The fact that only one list updates relates to what i said above.
The fact that removing the rule allows you to update tells us that the rule was not good.

Little_Mac · March 14, 2007, 8:30pm

So how many rules have been created for PG2 in this manner?

Did you have any p2p applications active when you are updating PG2?

LM

master_kenobi · March 14, 2007, 8:58pm

Yes Someone, something in the old rulles are not right.
But now,only one rulle have been created as you can see below.
No, i don´t have any P2P application open.
Why one list each time??I don´t understand…

[attachment deleted by admin]

Little_Mac · March 14, 2007, 9:35pm

Not sure why it went one at a time… If I could see the popup alerts, it would help, but without that, I just don’t know. The most important thing is, does it work now? In a couple days, does it still work?

LM

master_kenobi · March 14, 2007, 9:51pm

But there is no popup alerts in CFP.
Only in the update window of PeerGuardian, the message in front of each list
is “ERROR CONTACTING THE URL” !

But i will wait a couple of days…!!!

Thank you very much Little Mac, and of all you. (CNY) (CNY) (CNY)

system · March 14, 2007, 10:06pm

I get that message too, believe me. I just insist ;D

master_kenobi · March 14, 2007, 10:21pm

Ok Someone, i will insiste, maybe CFP is learning!
Thank you for your concern. (:CLP)

system · March 14, 2007, 10:31pm

No no, not CPF, you have a general rule now (no ports mentioned), it has to work. I used PG2 with Comodo before, no problems.

PG2 is the one you have to insist. PG update, update!