View Full Version : Aces High Rule
silat
July 12th, 2007, 04:58 AM
Hello,
I play a game called Aces High.
When I have LnS on I get the following message in game:
Not receiving updates switched to TCP
If I turn LnS off then I have no issues.
Guess its time for me to learn:)
What do I need to do/understand to fix this?
Thanks
Lew/+Silat
Frederic
July 12th, 2007, 12:36 PM
Hi silat,
The first thing is to look at the log to see what kind of packets are blocked just after the error message in the game appear.
Frederic
silat
July 12th, 2007, 03:02 PM
-{ Quote: "Hi silat,
The first thing is to look at the log to see what kind of packets are blocked just after the error message in the game appear.
Frederic" }-
Im a noob at this. I did look at the log and cant make heads nor tails of what Im seeing..Lots of information.
{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fswiss\fcharset0 Arial;}}
{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\f0\fs20 07-12-07,14:58:48 D-55 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:4552\par
07-12-07,14:58:48 D-56 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:4553\par
07-12-07,14:58:48 D-57 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:4554\par
07-12-07,14:58:48 D-58 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:4555\par
07-12-07,14:58:48 D-59 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:4556\par
07-12-07,14:58:48 D-60 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:4557\par
07-12-07,14:58:48 D-61 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:4558\par
07-12-07,14:58:48 D-62 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:4559\par
07-12-07,14:58:52 U+63 'APP: Allowed ' ACESHIGH.EXE EXE C:\\PROGRAM FILES\\HTC\\ACES HIGH II\\ACESHIGH.EXE\par
07-12-07,14:58:52 U+64 'APP: Allow TCP ' ACESHIGH.EXE EXE C:\\PROGRAM FILES\\HTC\\ACES HIGH II\\ACESHIGH.EXE,Port: 3002, IP: 12.193.161.229\par
07-12-07,14:58:52 U+65 'APP: Allowed ' ACESHIGH.EXE EXE C:\\PROGRAM FILES\\HTC\\ACES HIGH II\\ACESHIGH.EXE\par
07-12-07,14:58:52 U+66 'APP: Allow TCP ' ACESHIGH.EXE EXE C:\\PROGRAM FILES\\HTC\\ACES HIGH II\\ACESHIGH.EXE,Port: 3002, IP: 12.193.161.229\par
07-12-07,14:58:53 U+67 'APP: Allowed ' ACESHIGH.EXE EXE C:\\PROGRAM FILES\\HTC\\ACES HIGH II\\ACESHIGH.EXE\par
07-12-07,14:58:53 U+68 'APP: Allow TCP ' ACESHIGH.EXE EXE C:\\PROGRAM FILES\\HTC\\ACES HIGH II\\ACESHIGH.EXE,Port: 8001, IP: 206.16.60.38\par
07-12-07,14:58:54 U+69 'APP: Allowed ' ACESHIGH.EXE EXE C:\\PROGRAM FILES\\HTC\\ACES HIGH II\\ACESHIGH.EXE\par
07-12-07,14:58:54 U+70 'APP: Allow UDP ' ACESHIGH.EXE EXE C:\\PROGRAM FILES\\HTC\\ACES HIGH II\\ACESHIGH.EXE,Port: 3004, IP: 206.16.60.39\par
07-12-07,14:58:54 U+71 'APP: Allowed ' ACESHIGH.EXE EXE C:\\PROGRAM FILES\\HTC\\ACES HIGH II\\ACESHIGH.EXE\par
07-12-07,14:58:54 U+72 'APP: Allow UDP ' ACESHIGH.EXE EXE C:\\PROGRAM FILES\\HTC\\ACES HIGH II\\ACESHIGH.EXE,Port: 3004, IP: 206.16.60.38\par
07-12-07,14:58:54 U+73 'APP: Allowed ' ACESHIGH.EXE EXE C:\\PROGRAM FILES\\HTC\\ACES HIGH II\\ACESHIGH.EXE\par
07-12-07,14:58:54 U+74 'APP: Allow UDP ' ACESHIGH.EXE EXE C:\\PROGRAM FILES\\HTC\\ACES HIGH II\\ACESHIGH.EXE,Port: 3004, IP: 206.16.60.37\par
07-12-07,14:58:54 U-75 'UDP : Any other UDP pack' 206.16.60.37 UDP Ports Dest:3004 Src:1807\par
07-12-07,14:58:54 U-76 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:3004 Src:1806\par
07-12-07,14:58:55 U-77 'UDP : Any other UDP pack' 206.16.60.39 UDP Ports Dest:3004 Src:3004\par
07-12-07,14:58:55 U-78 'UDP : Any other UDP pack' 206.16.60.37 UDP Ports Dest:3004 Src:1807\par
07-12-07,14:58:55 U-79 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:3004 Src:1806\par
07-12-07,14:58:56 U-80 'UDP : Any other UDP pack' 206.16.60.39 UDP Ports Dest:3004 Src:3004\par
07-12-07,14:58:56 U-81 'UDP : Any other UDP pack' 206.16.60.37 UDP Ports Dest:3004 Src:1807\par
07-12-07,14:58:56 U-82 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:3004 Src:1806\par
07-12-07,14:58:57 U-83 'UDP : Any other UDP pack' 206.16.60.39 UDP Ports Dest:3004 Src:3004\par
07-12-07,14:58:57 U-84 'UDP : Any other UDP pack' 206.16.60.37 UDP Ports Dest:3004 Src:1807\par
07-12-07,14:58:57 U-85 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:3004 Src:1806\par
07-12-07,14:58:58 U-86 'UDP : Any other UDP pack' 206.16.60.39 UDP Ports Dest:3004 Src:3004\par
07-12-07,14:58:58 U-87 'UDP : Any other UDP pack' 206.16.60.37 UDP Ports Dest:3004 Src:1807\par
07-12-07,14:58:58 U-88 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:3004 Src:1806\par
07-12-07,14:58:59 U-89 'UDP : Any other UDP pack' 206.16.60.39 UDP Ports Dest:3004 Src:3004\par
07-12-07,14:58:59 U+90 'APP: Allowed ' ACESHIGH.EXE EXE C:\\PROGRAM FILES\\HTC\\ACES HIGH II\\ACESHIGH.EXE\par
07-12-07,14:58:59 U+91 'APP: Allow TCP ' ACESHIGH.EXE EXE C:\\PROGRAM FILES\\HTC\\ACES HIGH II\\ACESHIGH.EXE,Port: 4190, IP: 206.16.60.38\par
07-12-07,14:59:05 U+92 'APP: Allowed ' ACESHIGH.EXE EXE C:\\PROGRAM FILES\\HTC\\ACES HIGH II\\ACESHIGH.EXE\par
07-12-07,14:59:05 U+93 'APP: Allow UDP ' ACESHIGH.EXE EXE C:\\PROGRAM FILES\\HTC\\ACES HIGH II\\ACESHIGH.EXE,Port: 4229, IP: 206.16.60.38\par
07-12-07,14:59:05 U-94 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4229 Src:4229\par
07-12-07,14:59:06 U-95 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4229 Src:4229\par
07-12-07,14:59:06 U-96 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4229 Src:4229\par
07-12-07,14:59:06 U-97 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4229 Src:4229\par
07-12-07,14:59:06 U+98 'APP: Allowed ' ACESHIGH.EXE EXE C:\\PROGRAM FILES\\HTC\\ACES HIGH II\\ACESHIGH.EXE\par
07-12-07,14:59:06 U+99 'APP: Allow UDP ' ACESHIGH.EXE EXE C:\\PROGRAM FILES\\HTC\\ACES HIGH II\\ACESHIGH.EXE,Port: 4189, IP: 206.16.60.38\par
silat
July 15th, 2007, 02:12 AM
-{ Quote: "Hi silat,
The first thing is to look at the log to see what kind of packets are blocked just after the error message in the game appear.
Frederic" }-
Dont knw if this helps with the log but I dont have voice ability in the game when LnS runs either.
Frederic
July 15th, 2007, 01:43 PM
Hi,
You should try to create two rules for the following alerts:
07-12-07,14:58:59 U-89 'UDP : Any other UDP pack' 206.16.60.39 UDP Ports Dest:3004 Src:3004
&
07-12-07,14:59:05 U-94 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4229 Src:4229
So, the 2 rules should allow UDP Port 3004 & UDP Port 4229.
To create the rules, just right click on the alerts from the log and in the menu choose create rule for UDP 3004, and then on the second type of alert create rule for UDP 4229.
Frederic
silat
July 15th, 2007, 04:56 PM
-{ Quote: "Hi,
You should try to create two rules for the following alerts:
07-12-07,14:58:59 U-89 'UDP : Any other UDP pack' 206.16.60.39 UDP Ports Dest:3004 Src:3004
&
07-12-07,14:59:05 U-94 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4229 Src:4229
So, the 2 rules should allow UDP Port 3004 & UDP Port 4229.
To create the rules, just right click on the alerts from the log and in the menu choose create rule for UDP 3004, and then on the second type of alert create rule for UDP 4229.
Frederic" }-
Thanks for the help Frederic.
I right clicked on the first item you mentioned and a choice of Client rule or server rule. I picked client. Is that correct?
I could only find the first rule you mentioned.
The log doesnt show the second item you mention. So I started up the game and this is the log:
07-15-07,13:52:38 U+3699 'APP: Allowed ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE
07-15-07,13:52:38 U+3700 'APP: Allow TCP ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE,Port: 3002, IP: 12.193.161.229
07-15-07,13:52:39 U+3701 'APP: Allowed ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE
07-15-07,13:52:39 U+3702 'APP: Allow TCP ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE,Port: 3002, IP: 12.193.161.229
07-15-07,13:52:39 U+3703 'APP: Allowed ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE
07-15-07,13:52:39 U+3704 'APP: Allow TCP ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE,Port: 8001, IP: 206.16.60.38
07-15-07,13:52:40 U+3705 'APP: Allowed ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE
07-15-07,13:52:40 U+3706 'APP: Allow UDP ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE,Port: 3004, IP: 206.16.60.39
07-15-07,13:52:40 U+3707 'APP: Allowed ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE
07-15-07,13:52:40 U+3708 'APP: Allow UDP ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE,Port: 3004, IP: 206.16.60.38
07-15-07,13:52:40 U+3709 'APP: Allowed ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE
07-15-07,13:52:40 U+3710 'APP: Allow UDP ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE,Port: 3004, IP: 206.16.60.37
07-15-07,13:52:43 U+3711 'APP: Allowed ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE
07-15-07,13:52:43 U+3712 'APP: Allow TCP ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE,Port: 4190, IP: 206.16.60.38
07-15-07,13:52:48 U+3713 'APP: Allowed ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE
07-15-07,13:52:48 U+3714 'APP: Allow UDP ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE,Port: 4314, IP: 206.16.60.38
07-15-07,13:52:49 U-3715 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:49 U-3716 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:49 U-3717 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:49 U-3718 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:49 U+3719 'APP: Allowed ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE
07-15-07,13:52:49 U+3720 'APP: Allow UDP ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE,Port: 4189, IP: 206.16.60.38
07-15-07,13:52:50 U-3721 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:52:50 U-3722 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:50 U-3723 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:50 U-3724 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:50 U-3725 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:50 U-3726 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:51 U-3727 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:51 U-3728 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:51 U-3729 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:51 U-3730 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:52 U-3731 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:52 U-3732 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:52 U-3733 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:52 U-3734 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:53 U-3735 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:53 U-3736 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:53 U-3737 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:53 U-3738 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:54 U-3739 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:54 U-3740 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:54 U-3741 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:54 U-3742 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:55 U-3743 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:55 U-3744 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:55 U-3745 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:55 U-3746 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:56 U-3747 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:56 U-3748 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:56 U-3749 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:56 U-3750 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:57 U-3751 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:57 U-3752 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:57 U-3753 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:57 U-3754 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:58 U-3755 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:58 U-3756 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:58 U-3757 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:58 U-3758 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:59 U-3759 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:59 U-3760 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:59 U-3761 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:52:59 U-3762 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:52:59 U-3763 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:53:00 U-3764 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:00 U-3765 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:53:00 U-3766 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:00 U-3767 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:53:00 U-3768 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:00 U-3769 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:53:00 U-3770 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:00 U-3771 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:53:01 U-3772 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:01 U-3773 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:01 U-3774 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:01 U-3775 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:53:01 U-3776 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:53:01 U-3777 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:53:01 U-3778 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:01 U-3779 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:53:02 U-3780 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:02 U-3781 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:53:02 U-3782 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:02 U-3783 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:02 U-3784 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:02 U-3785 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:53:02 U-3786 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:53:02 U-3787 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:53:03 U-3788 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:53:03 U-3789 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:53:03 U-3790 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4314 Src:4314
07-15-07,13:53:04 U-3791 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:04 U-3792 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:04 U-3793 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:04 U-3794 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:04 U-3795 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:05 U-3796 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:06 U-3797 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:06 U-3798 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:06 U-3799 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:06 U-3800 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:07 U-3801 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:07 U-3802 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:07 U-3803 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:07 U-3804 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:07 U-3805 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:08 U-3806 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:08 U-3807 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:08 U-3808 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:08 U-3809 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:09 U-3810 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:09 U-3811 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:12 U-3812 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:12 U-3813 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:13 U-3814 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:13 U-3815 'UDP : Any other UDP pack' 206.16.60.38 UDP Ports Dest:4189 Src:4189
07-15-07,13:53:20 U+3816 'APP: Allowed ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE
07-15-07,13:53:20 U+3817 'APP: Allow TCP ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE,Port: 3002, IP: 12.193.161.229
07-15-07,13:53:21 U+3818 'APP: Allowed ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE
07-15-07,13:53:21 U+3819 'APP: Allow TCP ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE,Port: 3002, IP: 12.193.161.229
07-15-07,13:53:21 D-3820 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:4029
07-15-07,13:53:21 D-3821 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:4030
07-15-07,13:53:21 D-3822 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:4031
07-15-07,13:53:21 D-3823 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:4032
07-15-07,13:53:21 D-3824 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:4033
07-15-07,13:53:21 D-3825 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:4034
07-15-07,13:53:21 D-3826 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:4035
07-15-07,13:53:21 D-3827 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:4036
07-15-07,13:53:21 D-3828 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:4037
07-15-07,13:53:21 D-3829 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:4038
07-15-07,13:53:21 D-3830 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:4039
07-15-07,13:53:21 U+3831 'APP: Allowed ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE
07-15-07,13:53:21 U+3832 'APP: Allow TCP ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE,Port: 8001, IP: 206.16.60.38
07-15-07,13:53:22 U+3833 'APP: Allowed ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE
07-15-07,13:53:22 U+3834 'APP: Allow UDP ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE,Port: 3004, IP: 206.16.60.39
07-15-07,13:53:22 U+3835 'APP: Allowed ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE
07-15-07,13:53:22 U+3836 'APP: Allow UDP ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE,Port: 3004, IP: 206.16.60.38
07-15-07,13:53:22 U+3837 'APP: Allowed ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE
07-15-07,13:53:22 U+3838 'APP: Allow UDP ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE,Port: 3004, IP: 206.16.60.37
Frederic
July 15th, 2007, 05:06 PM
At least it solved the alerts for the port 3004.
For the second port it seems the value is more dynamic (4229 in the first post and now 4314, 4189).
Is there any documentation/FAQ where you will find which ports have to be open ?
Frederic
Seer
July 15th, 2007, 05:21 PM
Hello.
This is from Aces High II site:
-{ Quote: "Q; I keep getting the message "Not receiving updates switching to TCP"
A: This message means your connection is not working properly using the UDP connection method/protocol.
The UDP protocol is generally faster, but less reliable and is the preferred method of communication with your computer.
Loosing UDP, typically, happens when you are running from behind a firewall or proxy of some sort. It can also happen if your connection fails, as Aces High II tries an alternate method of connection. Or the failure can stem from your anti-virus program.
If Aces High II always does this, but works fine, you likely are behind a firewall that will not let the UDP packets through." }-
This is from the forums:
-{ Quote: "In this post, I will try to give you helpful information on how to interpret your connection to the various servers that HiTech Creations deploys.
First, the server IP addresses, to be used for traces/ping plots.
Early, Mid, Late War Orange Main Arena Server Address: 206.16.60.39
Axis vs Allies, Training, Dueling, Late War Blue: 206.16.60.38
Special Events: 206.16.60.37
The current port range for all arenas in Aces High is 2000-6000, inclusive, for UDP and TCP. Aces High will use a random subset of those ports for all online play (8 Player included)." }-
Hope that helps. OP, go to the forums (http://www.flyaceshigh.com/frindex.html), direct links could not be pasted. You may find some more useful info.
Cheers.
silat
July 15th, 2007, 08:13 PM
-{ Quote: "Hello.
This is from Aces High II site:
This is from the forums:
Hope that helps. OP, go to the forums (http://www.flyaceshigh.com/frindex.html), direct links could not be pasted. You may find some more useful info.
Cheers." }-
LOL... :)
Im a trainer for the game.:)
I know all that information. What I dont know is how to setup LnS properly:)
Seer
July 16th, 2007, 03:31 AM
Hello silat. :)
-{ Quote: "I know all that information." }-
Oh... Hmm... OK then. :)
However, you should've stated IP/port requirements for the game initially in your first post.. or in the second.. or in the third... It just didn't look to me that you are aware of these specifications.
Nevertheless, my post should help Frederic in creating your rules for the excellent LnS...
Cheers again and happy training I wish to you. :D
silat
July 16th, 2007, 05:15 AM
-{ Quote: "Hello silat. :)
Oh... Hmm... OK then. :)
However, you should've stated IP/port requirements for the game initially in your first post.. or in the second.. or in the third... It just didn't look to me that you are aware of these specifications.
Nevertheless, my post should help Frederic in creating your rules for the excellent LnS...
Cheers again and happy training I wish to you. :D" }-
Yes I should have. I thought that someone would see the log and see what was being blocked. I didnt intentionally leave out information.
But Im not understanding any of this:)
I havent yet figured out what Im looking for in the log that you guys/gals see to even make a rule. And I wouldnt know the first thing about what a RULE should say:)
My apologies if Ive caused any trouble.
Frederic
July 16th, 2007, 05:58 AM
Hi Silat,
You can use the following rule as a template:
http://www.looknstop.com/En/rules/rules.htm#TCPClient
Import it in your ruleset and then edit it.
In the port section:
- instead of "equal to" select "Range A-B"
- instead of 55555 put 2000 and 6000 (as per the information given by The Seer)
- click Ok
- click Apply
- click Save
If it works, for a better protection you can later attach an application to the rule by editing it again, clicking the application button and choosing the program game, so the rule will be enabled only when the game connects to internet.
Frederic
silat
July 16th, 2007, 04:46 PM
-{ Quote: "Hi Silat,
You can use the following rule as a template:
http://www.looknstop.com/En/rules/rules.htm#TCPClient
Import it in your ruleset and then edit it.
In the port section:
- instead of "equal to" select "Range A-B"
- instead of 55555 put 2000 and 6000 (as per the information given by The Seer)
- click Ok
- click Apply
- click Save
If it works, for a better protection you can later attach an application to the rule by editing it again, clicking the application button and choosing the program game, so the rule will be enabled only when the game connects to internet.
Frederic" }-
Thanks for all the help Frederic...
Ive attached my changes.
It didnt work..
Seer
July 16th, 2007, 06:58 PM
Hello again silat.
This will not work. As per stated here
-{ Quote: "The UDP protocol is generally faster, but less reliable and is the preferred method of communication with your computer." }-
you would have to open datagram (UDP) communications for the game. What that rule did, is opened only TCP.
Try this one:
191750
Of course, please report back...
Cheers. :)
silat
July 16th, 2007, 08:14 PM
-{ Quote: "Hello again silat.
This will not work. As per stated here
you would have to open datagram (UDP) communications for the game. What that rule did, is opened only TCP.
Try this one:
191750
Of course, please report back...
Cheers. :)" }-
Thanks:)
Im supposed to edit the rule I previously made yes?
silat
July 16th, 2007, 08:25 PM
Hi :)
Im still getting the "Not receiving updates switched to TCP"
:-\
Seer
July 16th, 2007, 08:45 PM
Please post some log entries now...
silat
July 21st, 2007, 03:06 AM
-{ Quote: "Please post some log entries now..." }-
Sorry went to visit eldest daughter:)
Now Im only losing the UDP periodically
Maybe you could tell me what you see in the log so I can learn? I think Im teachable:)
07-21-07,00:00:43 D-1005 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3149
07-21-07,00:00:43 D-1006 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3150
07-21-07,00:00:43 D-1007 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3151
07-21-07,00:00:43 D-1008 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3152
07-21-07,00:00:43 D-1009 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3153
07-21-07,00:00:43 D-1010 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3154
07-21-07,00:00:43 D-1011 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3155
07-21-07,00:00:43 D-1012 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3156
07-21-07,00:00:43 D-1013 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3157
07-21-07,00:00:43 D-1014 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3158
07-21-07,00:00:43 D-1015 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3159
07-21-07,00:02:44 D-1016 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3160
07-21-07,00:02:44 D-1017 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3161
07-21-07,00:02:44 D-1018 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3162
07-21-07,00:02:44 D-1019 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3163
07-21-07,00:02:44 D-1020 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3164
07-21-07,00:02:44 D-1021 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3165
07-21-07,00:02:44 D-1022 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3166
07-21-07,00:02:44 D-1023 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3167
07-21-07,00:02:44 D-1024 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3168
07-21-07,00:02:44 D-1025 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3169
07-21-07,00:02:44 D-1026 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3170
Climenole
July 21st, 2007, 08:16 AM
Hi silat :)
This:
07-21-07,00:00:43 D-1005 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3149
is related to a Windows service: Simple Service Discovery... on port 1900.
I'm not sure you need it, so try first to stop it and put it in manual mode instead of automatic ... Start | Run | services.msc ... right click, properties ...
For the game rule replace the port range on the left side of the editing windows by "in local" ... (= 1024 to 5000 in XP and 49152-65535 in Vista). And check it again.
If there is some blocking change the local port range again but this time from 1024 to 65535.
Also: the restriction to the games server ports in the rule is okay but for testing the best is to put all IP addresses instead...
:)
silat
July 24th, 2007, 07:01 PM
SSDP service has dependencies of Universal plug and play devices. It was on manual already. I will disable and see if it causes any problems..
You say: "For the game rule replace the port range on the left side of the editing windows by "in local" (I hope this means "in range")... 1024 to 5000 in XP" and "If there is some blocking change the local port range again but this time from 1024 to 65535"
I setup for the first suggestion until I find if we need to try the second:) But I put 6000 in because that was the top of the range that seer had found for the game. Is this correct?
Ive enclosed a jpg of the change. I had to change 2 places to the range you specified. I hope this is correct.
You also say: "the restriction to the games server ports in the rule is okay but for testing the best is to put all IP addresses instead... "
Put them where? :)
Climenole
July 24th, 2007, 07:53 PM
Hi Silat :)
Still working on this ?
All IP addresses for outgoing ...
Image 1 : your setup
Image 2: all addr. setup ...
:)
silat
July 24th, 2007, 09:19 PM
-{ Quote: "Hi Silat :)
Still working on this ?
All IP addresses for outgoing ...
Image 1 : your setup
Image 2: all addr. setup ...
:)" }-
Ok I think I have it.. Now.. I have a question :)
Ive looked at the logs and cant find how you knew what was causing the problem.. What am I missing? You mentioned line : 07-21-07,00:00:43 D-1005 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:3149 thru 3170
I see the SSDP/Upnp. Now I understand that means the SSDP service.
So was the setting for "all" ips the one causing the problem?
And I see this line after I start the game: 07-15-07,13:53:21 U+3832 'APP: Allow TCP ' ACESHIGH.EXE EXE C:\PROGRAM FILES\HTC\ACES HIGH II\ACESHIGH.EXE,Port: 8001, IP: 206.16.60.38
Port 8001 >? Does that mean that port needs to be allowed in LnS also? If not why. Its the only port I see after game start that is out of the range specified previously by you and the others who have been so kind to help me.
Sorry for being such a beginner here. I really am trying understand but Im starting at the beginning.
I appreciate all the time and effort you people making to teach and help me.
Climenole
July 24th, 2007, 10:28 PM
Hi Silat :)
I'll try to give you some hints and keep things simple...
1- Most of the programs connecting to Internet are using the TCP protocol,
like browser, emailer, Irc client and so on...
You don't have to create any rule for these since they are checked and managed (with the LnS Enhanced rules set) general rule "Allow common Internet applications".
2- Specific rules for a program are required when:
a) the program is a server program
Ex. Apache for a web server, Filezilla server for an Ftp server or the "server" part of any P2P program
b) the program is using "non-standard" local ports
the standard local ports used by almost all programs are:
1024 to 5000 in W xp
49152 to 65535 in W Vista
60000 to 65000 with Xp sp2 Internet connection sharing
c) the program is using UDP protocol...
This required specific rule since there is no general rule like in TCP...
3) Now, how to create specific rules in easy way?
There is 3 method:
a) on the fly: you check in the LnS log , select a blocked entry, right click and create a rule. This is good for simple programs and the rule have to be modified most of the times.
b) with specific blocking rules: one for outgoing TCP and other one for outgoing UDP. Try the program and check in the log the blocked packets shows by these rules. You create rule from this information...
c) by using a test rule. Create a rule allowing all ports , all IP addresses for the program you want to check. Use it and you'll see all entries of the Test rule related to this program. You build rules based on this...
One trick: when you create rules don't make it to much restrictive. More accurate setup comes later.
4) In you last message you show a screen capture of a rule with the same restrictive port range for local ports and remote post... even without testing I'm sure a 99% that this rule is not correct.
The most simple way to resolve you problem is to create a test rule with few restrictions...
1- Add the program in the rule with the "Appplication button".
add the program from the right list to the left one and save.
2- Used TCP or UDP protocol
3- put Equal My @ : this is equal to your IP address.
This is the side for local ports so:
4- put in local as range (work with XP and Vista)
5- No restrictions for remote ports and addresses
Here the picture and the rule to import.
To import:
download the file ace.rie.TXT
rename the file by removing the trailing ".TXT"
import in LnS
double click on the rule
click on "applications..." button
add the program to be tested here and save...
And now try your program with this...
silat
July 25th, 2007, 02:08 AM
Thanks:)
I actually made the rule per your instructions then downloaded it to see if I did it correctly.
I also now see that I had made the rule incorrectly by making it with the same restrictive port range for local ports and remote ports as you pointed out. :) So I learned something.
If I understand correctly we have now basically opened up everything for the game only?
And back to your previous post where you told me to turn off Services ssdp, I had thought I understood where you were seeing it in the log but after turning it off I see that almost every line in the log ends with SSDP.
Short part of log:
07-24-07,00:13:32 D-7103 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1356
07-24-07,00:13:32 D-7104 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1357
07-24-07,00:13:32 D-7105 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1358
07-24-07,00:13:32 D-7106 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1359
07-24-07,00:15:33 D-7107 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1361
07-24-07,00:15:33 D-7108 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1362
07-24-07,00:15:33 D-7109 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1363
07-24-07,00:15:33 D-7110 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1364
07-24-07,00:15:33 D-7111 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1365
07-24-07,00:15:33 D-7112 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1366
07-24-07,00:15:33 D-7113 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1367
07-24-07,00:15:33 D-7114 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1368
07-24-07,00:15:33 D-7115 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1369
07-24-07,00:15:33 D-7116 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1370
07-24-07,00:15:33 D-7117 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1371
07-24-07,00:17:34 D-7118 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1372
So how did you know (see) that SSDP service was on(it was set to manual)? Now it is disabled..
Thanks
Climenole
July 25th, 2007, 07:15 AM
Hi Silat :)
-{ Quote: "Thanks:)
I actually made the rule per your instructions then downloaded it to see if I did it correctly.
I also now see that I had made the rule incorrectly by making it with the same restrictive port range for local ports and remote ports as you pointed out. :) So I learned something.
" }-
Great! You'll be an LnS expert soon! :thumb:
-{ Quote: "
If I understand correctly we have now basically opened up everything for the game only?
" }-
That's right. From this you may check in the log to see which ports are used by this program and restrict the rule to the port or port range actually used by "Ace".
The important is to allow the program and monitor it with that test rule.
-{ Quote: "
And back to your previous post where you told me to turn off Services ssdp, I had thought I understood where you were seeing it in the log but after turning it off I see that almost every line in the log ends with SSDP.
Short part of log:
07-24-07,00:13:32 D-7103 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1356
07-24-07,00:13:32 D-7104 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1357
07-24-07,00:13:32 D-7105 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1358
07-24-07,00:13:32 D-7106 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1359
07-24-07,00:15:33 D-7107 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1361
07-24-07,00:15:33 D-7108 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1362
07-24-07,00:15:33 D-7109 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1363
07-24-07,00:15:33 D-7110 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1364
07-24-07,00:15:33 D-7111 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1365
07-24-07,00:15:33 D-7112 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1366
07-24-07,00:15:33 D-7113 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1367
07-24-07,00:15:33 D-7114 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1368
07-24-07,00:15:33 D-7115 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1369
07-24-07,00:15:33 D-7116 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1370
07-24-07,00:15:33 D-7117 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1371
07-24-07,00:17:34 D-7118 'UDP : Any other UDP pack' 192.168.1.1 UDP Ports Dest:SSDP/UPnP Src:1372
So how did you know (see) that SSDP service was on(it was set to manual)? Now it is disabled..
Thanks" }-
Ok. Here the SSDP packets going to 192.168.1.1 which is the local IP addr. for the router or PC used as server for Connection Sharing...
(If SSDP was put in manual startup and still started it's because an other service launch it....)
In the log sample we have these informations:
1- D- means : download blocked
2- SSDP = port 1900
3- Src= the source ports used. Here 1356, 1357, 1372, etc.
It'a appear that the standard local ports are used: 1024 to 5000
4- 192.168.1.1 the IP addr, from where the download comes...
So here the rule from which we can start:
Protocol UDP
Packets : in and out
IP: put nothings for the moment...
Ports: in Local (or 1024 to 5000)
remote IP: put nothings here for the moment...
"remote" port : 1900
Application: Generic Host Process for Windows (svchost)
Save, apply and reboot...
Just import the rule attached here.
:)
silat
August 7th, 2007, 06:22 PM
Here is the log after applying your rule.
The game runs fine so far but I dont understand what I change:)
Here are 3 pages:
08-07-07,12:02:11 D-0 'TCP : Block incoming con' 68.158.4.185 TCP Ports Dest:4899 Src:61215
08-07-07,12:43:00 U-1 'UDP : Any other UDP pack' 255.255.255.255 UDP Ports Dest:bootps Src:3715
08-07-07,13:34:55 U+2 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:3002 Src:1599
08-07-07,13:34:55 U+3 'ACE Test Rule ' 68.87.69.146 UDP Ports Dest:domain Src:1600
08-07-07,13:34:55 D+4 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:1599 Src:3002
08-07-07,13:34:55 U+5 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:3002 Src:1599
08-07-07,13:34:55 U+6 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:3002 Src:1599
08-07-07,13:34:55 D+7 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:1599 Src:3002
08-07-07,13:34:55 U+8 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:3002 Src:1599
08-07-07,13:34:55 D+9 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:1599 Src:3002
08-07-07,13:34:55 D+10 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:1599 Src:3002
08-07-07,13:34:55 D+11 'ACE Test Rule ' 68.87.69.146 UDP Ports Dest:1600 Src:domain
08-07-07,13:34:55 U+12 'ACE Test Rule ' 68.87.69.146 UDP Ports Dest:domain Src:1601
08-07-07,13:34:55 D+13 'ACE Test Rule ' 68.87.69.146 UDP Ports Dest:1601 Src:domain
08-07-07,13:34:56 D+14 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:1599 Src:3002
08-07-07,13:34:56 U+15 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:3002 Src:1602
08-07-07,13:34:56 D+16 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:1602 Src:3002
08-07-07,13:34:56 U+17 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:3002 Src:1602
08-07-07,13:34:56 U+18 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:3002 Src:1602
08-07-07,13:34:56 U+19 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:3002 Src:1599
08-07-07,13:34:56 D+20 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:1602 Src:3002
08-07-07,13:34:56 D+21 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:1602 Src:3002
08-07-07,13:34:56 U+22 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:3002 Src:1599
08-07-07,13:34:56 D+23 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:1599 Src:3002
08-07-07,13:34:56 D+24 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:1599 Src:3002
08-07-07,13:34:56 U+25 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:3002 Src:1602
08-07-07,13:34:56 D+26 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:1602 Src:3002
08-07-07,13:34:56 U+27 'ACE Test Rule ' 206.16.60.38 TCP Ports Dest:8001 Src:1603
08-07-07,13:34:56 D+28 'ACE Test Rule ' 206.16.60.38 TCP Ports Dest:1603 Src:8001
08-07-07,13:34:56 U+29 'ACE Test Rule ' 206.16.60.38 TCP Ports Dest:8001 Src:1603
08-07-07,13:34:56 U+30 'ACE Test Rule ' 68.87.69.146 UDP Ports Dest:domain Src:1604
08-07-07,13:34:56 U+31 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:3002 Src:1602
08-07-07,13:34:56 D+32 'ACE Test Rule ' 68.87.69.146 UDP Ports Dest:1604 Src:domain
08-07-07,13:34:56 U+33 'ACE Test Rule ' 206.16.60.38 TCP Ports Dest:8001 Src:1603
08-07-07,13:34:56 U+34 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:3002 Src:1602
08-07-07,13:34:57 U+35 'ACE Test Rule ' 206.16.60.38 TCP Ports Dest:8001 Src:1603
08-07-07,13:34:57 D+36 'ACE Test Rule ' 206.16.60.38 TCP Ports Dest:1603 Src:8001
08-07-07,13:34:57 D+37 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:1602 Src:3002
08-07-07,13:34:57 D+38 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:1602 Src:3002
08-07-07,13:34:57 U+39 'ACE Test Rule ' 12.193.161.229 TCP Ports Dest:3002 Src:1602
08-07-07,13:34:57 D+40 'ACE Test Rule ' 206.16.60.38 TCP Ports Dest:1603 Src:8001
08-07-07,13:34:57 D+41 'ACE Test Rule ' 206.16.60.38 TCP Ports Dest:1603 Src:8001
08-07-07,13:34:57 U+42 'ACE Test Rule ' 206.16.60.38 TCP Ports Dest:8001 Src:1603
08-07-07,13:34:57 D+43 'ACE Test Rule ' 206.16.60.38 TCP Ports Dest:1603 Src:8001
08-07-07,13:34:57 U+44 'ACE Test Rule ' 206.16.60.38 TCP Ports Dest:8001 Src:1603
08-07-07,13:34:57 U+45 'ACE Test Rule ' 206.16.60.37 UDP Ports Dest:3004 Src:1606
08-07-07,13:34:57 D+46 'ACE Test Rule ' 206.16.60.37 UDP Ports Dest:1606 Src:3004
08-07-07,13:34:58 U+47 'ACE Test Rule ' 206.16.60.38 UDP Ports Dest:3004 Src:1605
08-07-07,13:34:58 D+48 'ACE Test Rule ' 206.16.60.38 UDP Ports Dest:1605 Src:3004
08-07-07,13:34:58 U+49 'ACE Test Rule ' 206.16.60.39 UDP Ports Dest:3004 Src:3004
08-07-07,13:34:58 D+50 'ACE Test Rule ' 206.16.60.39 UDP Ports Dest:3004 Src:3004
08-07-07,13:34:58 U+51 'ACE Test Rule ' 206.16.60.37 UDP Ports Dest:3004 Src:1606
08-07-07,13:34:58 D+52 'ACE Test Rule ' 206.16.60.37 UDP Ports Dest:1606 Src:3004
08-07-07,13:34:59 U+53 'ACE Test Rule ' 206.16.60.38 UDP Ports Dest:3004 Src:1605
08-07-07,13:34:59 D+54 'ACE Test Rule ' 206.16.60.38 UDP Ports Dest:1605 Src:3004
08-07-07,13:34:59 U+55 'ACE Test Rule ' 206.16.60.39 UDP Ports Dest:3004 Src:3004
08-07-07,13:34:59 D+56 'ACE Test Rule ' 206.16.60.39 UDP Ports Dest:3004 Src:3004
08-07-07,13:34:59 U+57 'ACE Test Rule ' 206.16.60.37 UDP Ports Dest:3004 Src:1606
08-07-07,13:35:00 D+58 'ACE Test Rule ' 206.16.60.37 UDP Ports Dest:1606 Src:3004
08-07-07,13:35:00 U+59 'ACE Test Rule ' 206.16.60.38 UDP Ports Dest:3004 Src:1605
08-07-07,13:35:00 D+60 'ACE Test Rule ' 206.16.60.38 UDP Ports Dest:1605 Src:3004
08-07-07,13:35:00 U+61 'ACE Test Rule ' 206.16.60.39 UDP Ports Dest:3004 Src:3004
08-07-07,13:35:00 D+62 'ACE Test Rule ' 206.16.60.39 UDP Ports Dest:3004 Src:3004
08-07-07,13:35:00 U+63 'ACE Test Rule ' 206.16.60.37 UDP Ports Dest:3004 Src:1606
08-07-07,13:35:01 D+64 'ACE Test Rule ' 206.16.60.37 UDP Ports Dest:1606 Src:3004
08-07-07,13:35:01 U+65 'ACE Test Rule ' 68.87.69.146 UDP Ports Dest:domain Src:1607
08-07-07,13:35:01 U+66 'ACE Test Rule ' 206.16.60.38 UDP Ports Dest:3004 Src:1605
08-07-07,13:35:01 U+67 'ACE Test Rule ' 206.16.60.38 TCP Ports Dest:8001 Src:1603
08-07-07,13:35:01 U+68 'ACE Test Rule ' 206.16.60.38 TCP Ports Dest:4190 Src:1608
vBulletin® Copyright ©2000-2012, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2012, Wilders Security Forums