View Full Version : Stop UDP using App. Filtering?


imsai
March 4th, 2006, 07:48 AM
Hello.

Can I block UDP (all ports, all IPs) for a particular application using Application Filtering in LnS?

Is there something like "!*" or "!*.*.*.*" in there?

Kush
March 4th, 2006, 10:00 AM
-{ Quote: "Hello.

Can I block UDP (all ports, all IPs) for a particular application using Application Filtering in LnS?

Is there something like "!*" or "!*.*.*.*" in there?" }-



Hello imsai,


If you are in Advanced Mode, a new button "Edit" is displayed in the Application Filtering page. This allows you to select ports and IP for the current selected application. By clicking this button (or double-clicking the application) the following dialog box will open:

Please see the built-in help file; it's all in there! I just cut and pasted all this from the help file. When you are in App Filtering, hit the Help button and scroll down near the bottom of the help file, and it will tell you how it is done.

If you wanted to block all ports on an app you would type in !1-65535 (as is) and all ports would be blocked to that App.

If you want certain IPs and ports, just follow the help file; it's all in there.

Just be careful when adding a range: there are no spaces, e.g.: 192.1x8.0.1-192.168.0.100;2x.2x0.241.3x;2x.2x1.2x5.77;24.xxx.243.122


The above is an example of one app I set up protection on, and then I added the ports 25;80;125. There are no spaces; it is as shown.

And if you wanted to block this for any reason you just add an ! in front of the IP range, so it would be !292.1x8.0.1-292.1x8.0.100. It has now blocked all ports to that App.


There are 4 selections:

ports to allow/block for TCP protocol,
ports to allow/block for UDP protocol,
IP Address to allow/block for the TCP protocol,
IP Address to allow/block for the UDP protocol,
Use ; as a separator, - to specify a range, and ! for blocking.
For instance, to block the range 192.168.0.1 to 192.168.0.100 and also 192.168.100.100 you have to enter: !192.168.0.1-192.168.0.100;!192.168.100.100

An application with a port or address IP selection appears in the list with a .(Yellow) Icon

To do this correctly you will have to find out what software your programs IP. Use Whois and it will show you the range that your programs use as their server, and by looking at the log file it is very easy to find what program is using certain ports to connect, and you add them as above.

Good luck, it's all in the LnS help file in App filtering. :)

imsai
March 4th, 2006, 11:27 AM
Thank you.

There is no abbreviation?
When I select !1-65535, do I have to specify an IP also?

Kush
March 4th, 2006, 12:33 PM
-{ Quote: "Thank you.

There is no abbreviation?
When I select !1-65535, do I have to specify an IP also?" }-


Hello imsai,


No, if you want to block all ports that's all you have to do. But if you wanted to allow certain IP ranges you would have to add them, and their allowed ports.


But it sounds like you just want to block everything on that App? So !1-65535 would do all that for you. No need to add IP ranges to block.



Also, if you wanted to test it, look at your log file, and you will see IPs blocked under that App, due to the fact that you just blocked all ports to that App.

Good luck. If you need to know more, just ask :)

imsai
March 6th, 2006, 03:19 PM
-{ Quote: "If you want certain IP's (...) follow the help file it all in there." }-

Can't find - may I use same kind of mask or wildcard there?

Kush
March 6th, 2006, 11:10 PM
-{ Quote: "Can't find - may I use same kind of mask or wildcard there?" }-



Hello,

I am not sure if you can't find it? Or you're not sure how to go about doing this?

You must! be in the Application tab of LnS and then press Help.

Scroll down a little in App help file and all the info is in there.

As below:

There are 4 selections:

ports to allow/block for TCP protocol,
ports to allow/block for UDP protocol,
IP Address to allow/block for the TCP protocol,
IP Address to allow/block for the UDP protocol,
Use ; as a separator, - to specify a range, and ! for blocking.
For instance, to block the range 192.168.0.1 to 192.168.0.100 and also 192.168.100.100 you have to enter: !192.168.0.1-192.168.0.100;!192.168.100.100

An application with a port or address IP selection appears in the list with a .(Yellow) Icon


As for allowing an IP range, you would just put it as is:
192.168.0.1-192.168.0.100


To Block:
!192.168.0.1-192.168.0.100




Use ; as a separator, - to specify a range, and ! for blocking


And that's about it.


If you wanted to add a range of IP's and ports it would look like this
and there are no spaces or it will get deleted!


Example: App: Windows Media Player IP range & my DnS servers to make this connection work. Example ONLY!

TCP:
Ports:25;80;125
@IP: 192.168.0.1-192.168.0.100;24.133.X.21;24.218.24.176
MS & My DnS


Example: App: Windows Media Player IP range and my DnS servers to make this connection work. Example ONLY!


UDP:
Ports:80;125
@IP: 192.168.0.1-192.168.0.100;24.133.X.21;24.218.24.176

MS & My DnS Servers


If you're still not sure, just ask again :)
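Added example, not part of the original posts and not LnS code: a small Python parser and evaluator for the selection syntax quoted from the help file above (`;` separator, `-` range, `!` for blocking). How LnS combines allow and block entries is not stated in the thread, so the evaluation order in `permits` is an assumption, and the function and rule names are hypothetical.

```python
import ipaddress

def parse_selection(text, kind):
    """Parse one selection field; kind is "port" or "ip".
    Returns a list of (blocked, low, high) integer ranges."""
    if any(ch.isspace() for ch in text):
        raise ValueError("spaces are not allowed in a selection")
    to_int = int if kind == "port" else (lambda s: int(ipaddress.IPv4Address(s)))
    top = 65535 if kind == "port" else 2**32 - 1
    entries = []
    for item in filter(None, text.split(";")):
        blocked = item.startswith("!")
        body = item[1:] if blocked else item
        low, dash, high = body.partition("-")
        if dash and not high:
            raise ValueError(f"open-ended range: {item!r}")
        lo, hi = to_int(low), to_int(high or low)   # bad octets raise ValueError
        if not 0 <= lo <= hi <= top:
            raise ValueError(f"bad range: {item!r}")
        entries.append((blocked, lo, hi))
    return entries

def permits(entries, value):
    # ASSUMED semantics (not confirmed by the thread): a matching '!' entry
    # denies; if any allow entries exist the value must match one of them;
    # an empty or block-only selection permits everything not blocked.
    if any(b and lo <= value <= hi for b, lo, hi in entries):
        return False
    allows = [(lo, hi) for b, lo, hi in entries if not b]
    return not allows or any(lo <= value <= hi for lo, hi in allows)

def decide(rule, proto, ip, port):
    """rule maps "tcp_ports", "udp_ports", "tcp_ips", "udp_ips" (the four
    selections) to selection strings; missing keys mean no restriction."""
    ports = parse_selection(rule.get(f"{proto}_ports", ""), "port")
    ips = parse_selection(rule.get(f"{proto}_ips", ""), "ip")
    return permits(ports, port) and permits(ips, int(ipaddress.IPv4Address(ip)))

# Constructed rules built from values quoted in the thread.
BLOCK_UDP = {"udp_ports": "!1-65535"}
MEDIA_PLAYER = {"tcp_ports": "25;80;125",
                "tcp_ips": "192.168.0.1-192.168.0.100;24.218.24.176"}

if __name__ == "__main__":
    for args in [(BLOCK_UDP, "udp", "10.0.0.1", 53),
                 (MEDIA_PLAYER, "tcp", "192.168.0.50", 80),
                 (MEDIA_PLAYER, "tcp", "192.168.0.101", 80)]:
        print(args[1:], "->", "allow" if decide(*args) else "block")
```

Running a planned selection through `parse_selection` before typing it into the dialog catches embedded spaces and out-of-range octets.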

imsai
March 7th, 2006, 04:56 AM
Yes. :-)

But I'm not sure if I can use something like 62.62.*.7[2-7] instead of 62.62.1.72-62.62.255.72;62.62.25.72-62.62.25.77 for example?

Are there any wildcards allowed?

Kush
March 7th, 2006, 05:49 AM
-{ Quote: "Yes. :-)

But I'm not sure if I can use something like 62.62.*.7[2-7] instead of 62.62.1.72-62.62.255.72;62.62.25.72-62.62.25.77 for example?

Are there any wildcards allowed?" }-


What you are asking for, I don't think there are any other options besides:

Use [ ; ] as a separator

[ - ] to specify a range

and [ ! ] for blocking


I do understand about wildcards but I don't think there are any, besides the options above. Sorry, but maybe somebody else would know for sure. :-\

The only problem I find is the limit on IPs and Ports that you can add. Too many! And it will tell you so [Limit Reached!]. Internet Explorer can't be done unless you visit very few sites.

But most other Apps can be added with a list of IPs and Ports with no problem.

Good Luck

CrazyM
March 8th, 2006, 04:49 AM
-{ Quote: "Can I block UDP (all ports, all IPs) for a particular application using Application Filtering in LnS?" }-
What exactly are you trying to accomplish? You might want to consider restrictive permit rules and let the firewall deny anything else.

Regards,

CrazyM

imsai
March 8th, 2006, 06:25 AM
I'm just trying to find the most flexible way to control each application's connections. :-)

Yes, you are right.
I will try this way.