I use CPF with the default rules. I only added an application control rule for eMule. It is:
emule.exe any any tcp/udp in/out allow
I think that this way, when eMule is running, TCP port 4662 and UDP port 4672 should be open, because eMule has unlimited connections. But when I use eMule to log in to the server, it has a Low ID. Next, I turned off the network monitor and then I had a High ID, and Kad was open.
OK, I wrote another rule in the network control rules. It is:
Allow IP In 22.214.171.124 Zone:my local network where ipproto is any
Then I turned on the network monitor and I have a High ID, but I have Kad problems: it is always firewalled.
Any idea? I found that application rules don't have a local port selection, so I can only change the network rules, but I don't like to turn it off. Can anyone help me write a rule to solve this problem?
Bitcomet is a BT client. When I use it, I give it unlimited connections, but it has the same problem as eMule. I can only connect to other people from my local side; people outside cannot connect to my computer remotely.
I see a rule in the network monitor that blocks all IP in. Who has a good idea about it?
The default installation of CPF is designed to provide full invisibility to the outside world. This means nobody from the outside network will be able to contact you unless:
1- You have initiated the connection so that the outside party sends a reply,
2- You explicitly allow some specific traffic.
P2P servers try to connect to your host without waiting for you to initiate the connection. Their behavior is exactly the same as if someone tries to connect to your PC. So case 1 is not applicable for P2P networking.
You need to configure the Network Monitor for P2P networking. Usually, allowing traffic to the incoming TCP or UDP port will be sufficient. But to better understand what CPF is blocking, you need to do the following:
1- Go to Security->Network Monitor,
2- Double click on the last block rule, i.e. (BLOCK IP IN FROM IP ANY TO IP ANY WHERE IPPROTO IS ANY); the rule ID = 1 if the default configuration is maintained,
3- Select the “Create an alert if this rule is fired” option to force CPF to show you what it blocks.
After following these steps, you can run the P2P application and see what CPF blocks. CPF will show you alerts in the Activity->Logs section.
Then you need to add an allow rule for the TCP/UDP ports that are being blocked. But remember to add these rules before the blocking rule (BLOCK IP IN FROM IP ANY TO IP ANY WHERE IPPROTO IS ANY), because the network rules are searched from top to bottom.
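
Added example, not part of the original posts and not CPF's own code: a simplified model of top-to-bottom, first-match rule evaluation, showing why an allow rule placed after the catch-all block rule never fires. The `Rule` class, the `evaluate` and `shadowed` helpers and the outbound allow rule are assumptions made for illustration; the ports are the eMule ports mentioned in the question.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass(frozen=True)
class Rule:
    action: str                                   # "ALLOW" or "BLOCK"
    direction: str                                # "IN" or "OUT"
    proto: str                                    # "TCP", "UDP" or "ANY"
    dst_ports: Optional[Tuple[int, ...]] = None   # None means any port

    def matches(self, direction: str, proto: str, dst_port: int) -> bool:
        return (self.direction == direction
                and self.proto in ("ANY", proto)
                and (self.dst_ports is None or dst_port in self.dst_ports))

    def covers(self, other: "Rule") -> bool:
        """True if every packet matched by `other` is also matched by self."""
        ports_ok = self.dst_ports is None or (
            other.dst_ports is not None
            and set(other.dst_ports) <= set(self.dst_ports))
        return (self.direction == other.direction
                and self.proto in ("ANY", other.proto) and ports_ok)

def evaluate(rules: List[Rule], direction: str, proto: str, dst_port: int):
    """Return (action, rule index) of the first matching rule, top to bottom."""
    for i, rule in enumerate(rules):
        if rule.matches(direction, proto, dst_port):
            return rule.action, i
    return "BLOCK", None   # assumption: unmatched traffic is dropped

def shadowed(rules: List[Rule]) -> List[int]:
    """Indices of rules that can never fire because an earlier rule covers them."""
    return [j for j, r in enumerate(rules)
            if any(earlier.covers(r) for earlier in rules[:j])]

# Constructed rule sets (simplified; not an export of a real CPF configuration).
ALLOW_OUT = Rule("ALLOW", "OUT", "ANY")
BLOCK_ALL_IN = Rule("BLOCK", "IN", "ANY")      # BLOCK IP IN ... IPPROTO IS ANY
EMULE_TCP = Rule("ALLOW", "IN", "TCP", (4662,))
EMULE_UDP = Rule("ALLOW", "IN", "UDP", (4672,))

WRONG_ORDER = [ALLOW_OUT, BLOCK_ALL_IN, EMULE_TCP, EMULE_UDP]
RIGHT_ORDER = [ALLOW_OUT, EMULE_TCP, EMULE_UDP, BLOCK_ALL_IN]

if __name__ == "__main__":
    for name, rules in (("wrong", WRONG_ORDER), ("right", RIGHT_ORDER)):
        print(name, evaluate(rules, "IN", "TCP", 4662),
              evaluate(rules, "IN", "UDP", 4672), "shadowed:", shadowed(rules))
```

With the allow rules above the block rule, only the two listed ports are reachable from outside; every other inbound packet still falls through to the block rule.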