Skip parent problem

I would create 2 rules for UT2004.exe :

RANGE 192.168.0.0 - 192.168.0.255 [Any] TCP/UDP In/Out Allow
NOT IN RANGE 172.16.0.0 - 172.16.255.255 [Any] TCP/UDP In/Out Block

I can create those 2 rules when I specify a parent for each one
but when I try to create those 2 rules with “skip parent” activated, the second rule isn’t created.

Why ?

(I don’t want to create two rules for each possible parent of UT2004.exe)

No one knows why we can’t create 2 rules for an application when “skip parent” is activated ?

Can you try to create the rule like this:

1 - Create first rule and select skip parent
2 - Create second rule with skip parent selected.

This should work. If not let us know.

Egemen

I tested this (not on UT2004, since I didn’t have it… I used Half-Life) & this was the result…

http://img72.imageshack.us/img72/6392/0hluk7.gif

… Both rules skipped the parent. This doesn’t happen on your system. Right?

But, given Egemen’s post… I’m not sure that I’ve replicated what you were trying.

It doesn’t work: the second rule isn’t added to the list of rules.

Thanks for your test, but I made a mistake in my explanation :-[, the IP range has to be the same for the 2 rules.

Could you try with the following rules ?
RANGE 192.168.0.0 - 192.168.0.255 [Any] TCP/UDP In/Out Allow
NOT IN RANGE 192.168.0.0 - 192.168.0.255 [Any] TCP/UDP In/Out Block

On my system, it works when the IP ranges aren’t the same but not when they are the same.

RANGE 192.168.0.0 - 192.168.0.255 [Any] TCP/UDP In/Out Allow
NOT IN RANGE 192.168.0.0 - 192.168.0.255 [Any] TCP/UDP In/Out Block

This just leaves 1 rule, if I do this. But, I can see why… since they are, in effect, the same thing. Aren’t they?

I don’t think so :-.

RANGE 192.168.0.0 - 192.168.0.255 [Any] TCP/UDP In/Out Allow → allow on local network
NOT IN RANGE 192.168.0.0 - 192.168.0.255 [Any] TCP/UDP In/Out Block → block on internet

If I put only the first rule, CPF will ask me when UT2004 tries to access the internet.

OK. So, what happens if you say deny & ask CPF to remember it or… if you only have the second rule (this might require you to have your local network set-up as a trusted zone to avoid any pop-ups)?

  • What kind of a Network Rule is this? Do you understand that an IP ranging from:
    192.168.. - 192.168.*.255 are only used on a Local Area Network!

  • Your Rule #2 is Pointless:
    " NOT IN RANGE 192.168.0.0 - 192.168.0.255 [Any] TCP/UDP In/Out Block → block on internet ". Block on Internet???

  • If you’re being paranoid maybe (Rule #2) might have access to the internet? No, they can’t except you have an Internet sharing program(like winroute, etc) used to share Internet on a LAN. And even with that, they can’t log in directly to the net. It has to go through the ‘main source’

  • Please read one of my posts Here on ‘Network Class’

Thanks,
rki.

I know that 192.168.0.0 - 192.168.0.255 is for lan. I want to be able to play UT2004 on my lan but I want to be sure that UT2004 won’t send any data on the internet.

If I have only the rule :
RANGE 192.168.0.0 - 192.168.0.255 [Any] TCP/UDP In/Out Allow
CPF shows a popup when UT2004 tries to access the internet and adds the rule
[Any] [ANY] TCP/UDP In/Out Deny
Will this second rule prevent me from playing on the LAN (I have set 192.168.0.0 - 192.168.0.255 as trusted zone)?

If I have only the rule :
NOT IN RANGE 192.168.0.0 - 192.168.0.255 [Any] TCP/UDP In/Out Deny
CPF shows a popup when UT2004 tries to access the LAN and adds the rule
[Any] [ANY] TCP/UDP In/Out allow
Will this second rule allow UT2004 to have access to the internet?

1) No

2) Yes

Greetings,

  • Delete any Rule you’ve created or added to your LAN

  • Move to Security - Task and re-add your LAN to the Trusted Zone

  • Move to Security - Application Monitor - +Add
    Learn the Parent - Browse(UT2004) - Apply the following criteria

General-Rules
Action: Allow
Protocol: TCP/UDP
Direction: In/Out
Destination IP: Zone(Select your LAN)
Destination Port: [Any]

That should do it for you, having UT on only the LAN.

Thanks,
rki.

Thanks, I’ll try that :D.
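
Added example, not part of the thread and not Comodo's code: a small Python model of the RANGE / NOT IN RANGE rules discussed above, showing which destinations each rule set allows, blocks, or leaves to a popup. It assumes rules are checked top to bottom with the first match winning and unmatched traffic producing a prompt ("ASK"); the names Rule, decide and coverage and the probe addresses are made up for the illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str           # "ALLOW" or "BLOCK"
    first: str            # start of the IP range
    last: str             # end of the IP range
    negate: bool = False  # True models "NOT IN RANGE"

    def matches(self, dest: str) -> bool:
        lo = ipaddress.ip_address(self.first)
        hi = ipaddress.ip_address(self.last)
        in_range = lo <= ipaddress.ip_address(dest) <= hi
        # A negated rule matches exactly the addresses outside the range.
        return in_range != self.negate

def decide(rules, dest):
    """Assumed semantics: first matching rule wins, no match means a popup."""
    for rule in rules:
        if rule.matches(dest):
            return rule.action
    return "ASK"

def coverage(rules, probes):
    """Map each probe destination to the decision the rule list produces."""
    return {dest: decide(rules, dest) for dest in probes}

# The rules as written in the thread.
ALLOW_LAN = Rule("ALLOW", "192.168.0.0", "192.168.0.255")
BLOCK_NOT_LAN = Rule("BLOCK", "192.168.0.0", "192.168.0.255", negate=True)
BLOCK_NOT_172 = Rule("BLOCK", "172.16.0.0", "172.16.255.255", negate=True)

# Constructed probe destinations: a LAN host, a neighbouring private subnet,
# a host inside 172.16.0.0/16, and a documentation-range "internet" address.
PROBES = ["192.168.0.10", "192.168.1.10", "172.16.5.5", "203.0.113.7"]

if __name__ == "__main__":
    rule_sets = {
        "allow LAN only": [ALLOW_LAN],
        "block non-LAN only": [BLOCK_NOT_LAN],
        "allow LAN + block non-LAN": [ALLOW_LAN, BLOCK_NOT_LAN],
        "allow LAN + block not-172.16": [ALLOW_LAN, BLOCK_NOT_172],
        "block not-172.16 + allow LAN": [BLOCK_NOT_172, ALLOW_LAN],
    }
    for name, rules in rule_sets.items():
        print(f"{name:30} {coverage(rules, PROBES)}")
```

Under these assumptions the same-range pair leaves no destination undecided, while the pair from the first post leaves 172.16.x.x to a popup and depends on rule order.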