UDP rule for BT , P2P tv , msn & YIM ?

Discussion in 'LnS English Forum' started by -NiCeGuY-, May 6, 2007.

Thread Status:
Not open for further replies.
  1. -NiCeGuY-

    -NiCeGuY- Registered Member

    Joined:
    Mar 5, 2007
    Posts:
    79
    when i am using uTorrent/MSN/YIM , i saw my log blocked some UDP connection , am i need create another rule for those prog ? For uTorrent , i enabled UPnP on my router & windows firewall , but... still saw LnS block 1900@UDP connect to my 192.168.2.1:1900@UDP , why ?

    Another thing when i am using uTorrent/Sopcast(P2P tv) , i saw block some ICMP , am i need rule ?

    see picture

    http://i128.photobucket.com/albums/p182/niceguy_hk/c3589be0.jpg

    http://i128.photobucket.com/albums/p182/niceguy_hk/d234336a.jpg

    Enabled UPnP 1900@UDP in wondows firewall

    http://i128.photobucket.com/albums/p182/niceguy_hk/250d99e7.jpg

    Blocked ICMP from LnS

    http://i128.photobucket.com/albums/p182/niceguy_hk/5e90cba0.jpg

    Blocked 1900@UDP

    Am i need create UDP & IGMP rule , if so how ? ty 4 reply :D
     
  2. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,637
    Hi -NiCeGuY- (is this the correct translation: 喜好人 ?) :)

    1- the UDP packets on port 1900 comes from the Windows service SSDP...
    [Simple Service Discovery Protocol] and are used by Microsoft Messenger (as far as I Know).

    You may create a specific rule for this allowing UDP to remote 1900 for Genereric Host Process (svchost). This GHP is also listening on local port 1900...
    (Why? no idea.)

    Remark: don't use 2 firewal in the same time. If you use LNS, you don't have to use the W xp (Half-)firewall ...

    2- Icmp type 3 code 1 = machine unaccessible
    Icmp type 3 code 3 = port unreachable...

    Ignore them (let LNS block theses Icmp type/code):

    The only ICMP type/code allowed over internet are normally:

    Type 8 code 0 : Echo outbound only
    Type 0 code 0 : Echo reply (to the previous "ping") inbound only
    Type 11 code 0 : Timeout (used by Trace route...) inbound only

    In a local network, on the client PCs, ICMP type 3 code 4 must be allowed in and out within the network (means "Fragmentation needed but a Don't Fragment flag is set.")

    All the other Icmp type/code have to be blocked by the firewall. Blocked and logged to help you to find some events happened in the Network.

    :)
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.