this is me being a noob.sorry if this has been answered before i have tried to search but found nothing on the second half of my question.
i have set up utorrent in cpf 2.4.18.184 as
allow
tcp/udp
in
any
trusted zone
any
65000
and put it at the top of the list, is that right? i get a green tick on utorrent, but when it comes up on application mointor it asks me to allow 65000, and then port dns(53),16462,27474 and so on, theres 20 others altogether. is that because the source ip is set to any? is this normal, cuz if i accept it theres alot of traffic on other ports, i thought the point was to have it all on 65000 the one i specified.
hey thanks seems the rule is fine, but theres no answer for the second part of the question that when you first open utorrent comodo asks your to allow those other ports aswell is that normal ?
yes, that is normal.
from a network pov bit-torrent can be a bit of a mess,
especially if you have DHT enabled .
DNS is necessary because uTorrent resolves the names of peers
and is also used by the country-locater…
I've highlighted a potential problem with your rule. IF you have other computer resources connected to this computer (ie, the Zone) you are potentially creating an opening/passthrough to another machine via the Zone.
I would instead suggest using the general convention of “Any” for the Destination IP, or if you perhaps have a static IP, using that. This simply decreases the passthrough risk potential. Granted, the risk is probably minimal, but when you’re creating openings with the ports anyway, you want to make sure you leave as small a hole as possible…
Okay, just checking. A couple more things, though, as I look at your questions…
For that Zone, is the IP internal? If so, the rule isn’t going to work for you properly; that Inbound Destination IP (ie, you) needs to be your external point of connection to the internet.
The question about popups from CFP for different ports than your assigned port… In your p2p application, you have to configure it to only use one port. The port 53 I know is an Outbound, not Inbound. You may want to create separate Application rules for it; one In, one Out. Since you’re defining port usage, you want to be able to separate the direction of traffic.
Okay, the IP that the router is giving you is an internal IP - it is only available on your network (even if that’s only one computer). Using this Zone as the Destination for the Incoming NetMon rule for uTorrent will not allow the necessary Incoming connection.
The general practice is to create this Inbound rule in this fashion:
Action: Allow
Protocol: TCP/UDP
Direction: In
Source IP: Any
Destination IP: Any
Source Port: Any
Destination Port: 65000 (whatever port you specify in uT)
Regarding my other comment. You will not see popups (which are application-only) on an Inbound rule; only Outbound. This is due to the way CFP uses its layered security to filter traffic. Port 53 is the Destination Port for a DNS Query; this is an Outbound connection, not Inbound.
Without seeing your logs, my guess is that in uT, you have not configured it to use only certain ports. Either that, or it makes an Outbound connection on different ports than it uses for Inbound.
Where is your Alert Frequency level (Security/Advanced/Miscellaneous)?
hi i appreciate all this help. i have changed the rule to the one you stated, as for the dns thing this is what i found on the utorrent forum
"µTorrent needs to be able to access this port to work properly. It’s for tracker connections. For the record, my browsers are configured similarly in my firewall (Kaspersky), otherwise they don’t work either. "
In the application rule for uT, you simply need to Allow it to connect Out to Destination Port 53 (or respond Allow w/Remember to the popup - which is probably the easiest way to address it).