uTorrent doesn work

Hi. I need help from you.

At first, sorry for my bad English, I’m from Czech Republic and my English skills are poor :-[
This is my problem:
I’m using CIS in version 3.9…509 and in Stealth Ports Wizard I selected “Block all incoming connections stealth my ports to everyone”. And now my P2P client uTorrent doesn’t work. I FOLLOWED this tutorial: https://forums.comodo.com/frequently_asked_questions_faq_for_comodo_firewall/tutorial_for_utorrent_with_comodo_firewall_3-t15677.0.html but I have problem with 3rd step. When I start uTorrent any popup display and uTorrent normaly start downloading. But in Options → Speed Guide → Test if port is forwarded properly I still haven’t “green circle”

When I checked CIS → Firewall → Advanced → Network Security Policy → Application Rules, there is item called C:\Program Files\uTorrent\utorrent.exe with only one rule: Allow IP Out from IP any to IP any where protocol is any. When I manualy delete this rule and restart uTorrent item is created again and again any popup… CIS symply recognize uTorrent as a known app. and assign that rule. If I manually edit item C:\Program Files\uTorrentyutorrent.exe and select Treat this app as… and select uTorrent “profile” created along tutorial, then item C:\Program Files\uTorrentyutorrent.exe although contain rules created in tutorial but uTorrent still doesn’t work… :-\

Any ideas or link to related problem? (except edit setting in Stealth Ports Wizard)???

Many many thanks and hope that you understant.

P.S.: My PC isn’t at any network and I have standart cable modem (something from Motorola)

P.S.2.: If I disable CIS and started Win XP firewall, uTorrent is OK, so settings of uTorrent is right.

Hi, if you have used the stealth ports wizard you will need to allow communication in for uTorrent in Global rules. Here is my rule set, pay careful attention to the Global Rules section at the bottom:

There are many variations on the rule sets for uTorrent, however, they all use the same ‘core’

Application Rules:

Action = Allow
Protocol = UDP
Direction = Out
Source Address = Any
Destination Address = Any
Source Port = Any
Destination Port = 53

Action = Allow
Protocol = UDP
Direction = In
Source Address = Any
Destination Address = Any
Source Port = Any
Destination Port = ANY - This may be tightened by using a Port Range 1024 - 5000

Protocol = TCP or UDP
Direction = Out
Source Address = Any
Destination Address = Any
Source Port = ANY - This may be tightened by using a Port Range 1024 - 5000
Destination Port = Any

Action = Allow
Protocol = TCP or UDP
Direction = In
Source Address = Any
Destination Address = Any
Source Port = Any
Destination Port = [Your uTorrent Port]

Action = Allow
Protocol = UDP
Direction = Out
Source Address = Any
Destination Address = Any
Source Port = [Your uTorrent Port]
Destination Port = Any

In addition you may need to add the following for uTorrent to work correctly and efficiently:

Action = Allow
Protocol = UDP
Direction = Out
Source Address = Any
Destination Address = 239.0.0.0 - 239.255.255.255
Source Port = Any
Destination Port = 6771

UDP 6771 is only used for the multicast search for local peers.

Action = Allow
Protocol = TCP
Direction = Out
Source Address = Any
Destination Address = Any
Source port = Any
Destination port = 80

HTTP is used by some trackers and Auto Update

Global Rules

If you have used the ‘Stealth Port Wizard’ you will need to allow uTorrent access in Global Rules:

Action = Allow
Protocol = TCP or UDP
Direction = In
Source Address = Any
Destination Address = [Your uTorrent Port]
Source Port = ANY

For efficient communication also add the following for ICMP in Global Rules:

Action = Allow
Protocol = ICMP
Direction = In
Source Address = Any
Destination Address = Any
ICMP Type = Port Unreachable

Action = Allow
Protocol = ICMP
Direction = In
Source Address = Any
Destination Address = Any
ICMP Type = Host Unreachable

Action = Allow
Protocol = ICMP
Direction = In
Source Address = Any
Destination Address = Any
ICMP Type = Network Unreachable

These rules are purely for CIS and do not take into consideration the use of a router.

To create these rules, either launch uTorrent so that it creates an entry(s) in the firewall Application Rules section, then stop the pplication and manually edit the rules. Or create the rules then, when launching uTorrent slelect ‘Treat this Application As’ and select uTorrent.

If you are behind a router or a modem with a hardware firewall you do not need any of those rules. All I did was port forward my hardware firewall like uTorrent tells me to then I made uTorrent “trusted” under the firewall and D+. You also have to uncheck “randomize ports” in uTorrent settings. What modem do you have? Something what?

By all means make all of your applications and services trusted as Vakko suggests, in fact why bother with a firewall at all?

Making everything trusted is not an answer to good security. All it takes is a little time, effort and understanding to make things work correctly.

You obviously didn’t read what I said. You call yourself a Mod. If you have a hardware firewall then you do not need rules for uTorrent or any other trusted program. Your hardware firewall takes care of all your inbound traffic and then you use a software firewall to catch anything trying to get out that you do not want getting out. I have tested and used just about every software firewall out there. Running programs that you use and trust everyday should be labeled as trusted in any firewall. I have all my games listed as trusted. There is no breach in security if you allow an ordinary program as trusted. I guess you do not use uTorrent cause if you did you would know that uTorrent by default randomizes ports upon every launch. Thats an option that needs to be unchecked. Port Forward.com even tells you this when you click on the check mark in uTorrent at the bottom. So what your saying is that you expect a newbie to understand and do what you suggested for every program they have. Yeah right. So I guess they should remove the “trusted” entry in the firewall section of CIS according to you.

Obviously you didn’t read what I said either!

Making everything trusted is not an answer to good security. All it takes is a little time, effort and understanding to make things work correctly.

For your information I do use uTorrent!

Here is my rule set

Are you behind a router? If so then why do you feel as though you need rules for CIS?

The debate regarding the needs/usage of a software firewall when used in conjunction with a hardware firewall (router) are many and varied. I have no wish to regurgitate that data here. Please spend some time googling…

Been there done that. Fix and build pc’s for a living. Once again you do not need specific rules for trusted programs if you have a good NAT set up. I agree with you that those rules are good if your not behind a hardware firewall but in todays world we all should have a NAT.

The choice, of course, is yours.

Many many many thanks!!! I followed Toggie’s tutorial and now my uTorrent works perfectly BUT I don’t understand this:

If you have used the 'Stealth Port Wizard' you will need to allow uTorrent access in Global Rules:

Action = Allow
Protocol = TCP or UDP
Direction = In
Source Address = Any
Destination Address = [Your uTorrent Port]
Source Port = ANY

How can I fill “Destination Adress” with my uTorrent port?? The Destination adress is only for IP (for example 200.200.200.200) or no?? To which entry I must write my uTorrent port (Single IP, IP Range, IP Mask, Zone, Host name or Mac adress)?? Because if I this rule create with these options:

Action = Allow
Protocol = TCP or UDP
Direction = In
Source Address = Any
Destination Address = ANY!
Source Port = Any
Destination Port = My uTorrent port

Only then uTorrent works…

And I don’t know if this is correct :-\

Thanks for your other answers

The rule you made is corrct and it should work.

You could define the destination address more tighty by using the MAC address of your network adapter or by using your internal IP address in case you use a fixed internal IP address.

Sorry my bad, typos do slip in from time to time…