Hi. Is anyone familiar with NPF2002. I need help setting an outbound rule for an application to a specific port.
Many thanks. Gandalf

Ask away :)

Regards,

CrazyM

Thanks for the quick reply CrazyM. The application I need to set the rule for is Port Explorer. I asked there first and they told me what was needed but weren't familiar with NFP2002.
First I scanned for Internet enabled applications and PE wasn't listed so I added PE.exe manually to the list.
What I need help with is how exactly do I create a rule to allow PE an outbound rule to TCP port 43 to get the built in whois facility to work as PE Forum says my Firewall is stopping it. I don't even know the URL or IP adress numbers to use for whois or how to access the settings panels.
I hope I'm explaining myself ok.
Many thanks for your time.
G.

Rule xx Port Explorer Who Is
Rule in use: Yes
Logging: No
Protocol: TCP
Action: Permit
Direction: Outbound
Application: Port Explorer
Local Service: (1024 - 5000)
...Range Begin: 1024
.....Range End: 5000
Local Address: Any Address
Remote Service:
...............Port: 43
Remote Address: Any Address

As the Who Is look up will use multiple servers, it is best to leave the remote address to any.

Regards,

CrazyM

CrazyM. Thanks for your quick reply, but in NPF2002 I can't find the section you have to use to input the info you have provided. I click on "Internet Access Control" which list all internet enabled applications. I had to manually add Port Explorer.exe to the list then after highlighting Port Explorer I get the option to customize. The boxes that appear do not correspond to be able to input any of your info. Would it help if I sent some screen shots of the boxes?
Gandalf

Another way to create the Who Is rule for PE would be to:
- delete any existing rule(s) for this in NIS
- start PE and use the Who Is feature
- when NIS prompts, select manual and work through the wizard
- as noted above, make sure remote address is set for any (the wizard will usually enter the IP, you will just have to delete it and select any)

Let me know if that works for you.

Regards,

CrazyM

CrazyM. Thanks for your reply. Still no good. I even managed to find a tutorial for creating rule in NPF2002 - followed to the letter but no good.
As a test, I temporarily disabled Firewall and Whois utility worked like a charm.
For now I've added Whois.arin web page to my search bookmarks.
Gandalf

Going OT a little but try DNSStuff (www.dnsstuff.com) - it can do whois queries and a great deal more.

-{ Quote: "Thanks for your reply. Still no good. I even managed to find a tutorial for creating rule in NPF2002 - followed to the letter but no good." }-

Have a look at the following section on this site and see if it helps.

AtGuard/NIS Creating/Modifying Rules (http://www.gpick.com/agnisrules/pages/creating.html)

Regards,

CrazyM

Thanks CrazyM. I will work through it over the weekend.
Gandalf

-{ Quote: "Going OT a little but try DNSStuff (www.dnsstuff.com) - it can do whois queries and a great deal more." }-
Cheers. Will use until I find out why my Firewall won't allow access to the inbuilt utility in PE.
Many thanks for the url.
Gandalf

CrazyM. This is driving me nuts! Have created rule to allow whois access (it is all in just one rule is it?)
Still no joy.
Rule description reads: Permit, Direction: Outbound,Computer: Any, Communication: Specific, Protocol: TCP
In specific I entered the range of ports you suppied and port no 43 in remote.

Am considering upgrading to NFP2004 - maybe that might help.
Gandalf

Gandalf,

I've read through this over the past few days and watched the thread evolve and, to be quite honest about it, I'm not sure what your problem is, either!

The only idea that even comes to mind is to very carefully check the complete path to Port Explorer and then verify (using Windows Explorer) that the path is completely correct. When I say complete path, I mean confirm the drive is correct, confirm the folder navigation is correct, and then confirm that you've got the name of the executable absolutely correct.

There really is no reason why you should be having a problem with NPF 2002 that going to NIS/NPF 2004 should resolve -- it has to be something else.

Hi Gandalf,

You could install Rules Viewer (free) from Albjan:
http://www.capimonitor.nl/Atguard%20&%20NIS/_loadurl.php?filename=rulesviewer.php

It works on NPF2002, not on 2004.
It allows you to make a nice overview of your rules, and post it here if you like.

-{ Quote: "Gandalf,

I've read through this over the past few days and watched the thread evolve and, to be quite honest about it, I'm not sure what your problem is, either!

The only idea that even comes to mind is to very carefully check the complete path to Port Explorer and then verify (using Windows Explorer) that the path is completely correct. When I say complete path, I mean confirm the drive is correct, confirm the folder navigation is correct, and then confirm that you've got the name of the executable absolutely correct.

There really is no reason why you should be having a problem with NPF 2002 that going to NIS/NPF 2004 should resolve -- it has to be something else." }-

Thanks jvmorris. I'll do just that. Another has come to mind. Could there be a setting in the system-wide rules that is blocking this action - I'll check that as well. Many thanks for your input.
Gandalf

-{ Quote: "Thanks jvmorris. I'll do just that. Another has come to mind. Could there be a setting in the system-wide rules that is blocking this action - I'll check that as well. Many thanks for your input.
Gandalf" }-
Yes, that's a possibility.

And Albert's AGNIS Rules Viewer (recommended by FanJ) is a good way of finding something like this.

Just to re-emphasize FanJ's point: If you upgrad to NIS/NPF 2004, the AGNIS Rules Viewer will not work, nor is there any equivalent alternative.

-{ Quote: "Yes, that's a possibility.

And Albert's AGNIS Rules Viewer (recommended by FanJ) is a good way of finding something like this.

Just to re-emphasize FanJ's point: If you upgrad to NIS/NPF 2004, the AGNIS Rules Viewer will not work, nor is there any equivalent alternative." }-
jvmorris, fanj. Many thanks for your suggestion. Have just downloaded Agnis Rules Viewer. Will let you know what it shows.
Gandalf

-{ Quote: "jvmorris, fanj. Many thanks for your suggestion. Have just downloaded Agnis Rules Viewer. Will let you know what it shows.
Gandalf" }-
Brilliant. Checked every rule. It shows rule I created to be working, but still when I try to access the Whois utility in Port Explorer says: "Server closed unexpectedly, might be busy, try again later. Seeing as the rule says it is working, maybe it's not the firewall but something with Port Explorer. See attachment

-{ Quote: "It shows rule I created to be working, but still when I try to access the Whois utility in Port Explorer says: "Server closed unexpectedly, might be busy, try again later." }-

This appears to be a Port Explorer message. Check your settings for the Who Is utility, is it set for Automatic Search?


-{ Quote: "Seeing as the rule says it is working, maybe it's not the firewall but something with Port Explorer. See attachment" }-

Check View Statistics > Firewall Rules and see if the Port Explorer rule is being matched/used. The rule looks fine and should work. If it is not showing as being matched/used, check your firewall logs.

If it is being matched/used, it could be a Port Explorer issue or problem with the Who Is servers.

Regards,

CrazyM

If I may :

If you like, you could install LogViewer from Sven to make reading your log a bit easier:
http://home.debitel.net/user/svenschaef/logview/

Gentlemen. All is now well. The problem was with the Firewall and not PE. All hell broke loose with my Norton av and PFW over the last few days which meant I had to uninstall all my Norton Products - devil of a time, no support for any except the Knowledge Base articles. Finally got rid of all the leftovers and decided not to reinstall av and PFW but just Ghost. Now have Zone Alarm as my Firewall and guess what all PE utilities work perfectly.
Thank you very much for all your time and help given to me over the last couple of weeks.
Gandalf 8)

Hi Gandalf

Good to hear you are up and running.
Would have been nice to figure out what was going on with NPF (I have used various versions with rules for Who Is utilities without a problem), but can appreciate your wanting something that is going to work for you.

Regards,

CrazyM