I've noticed my LnS log filling up with TONS of entries regarding the following ICMP protocol, even when BitComet isn't running: Type 3 Code 0 Type 3 Code 1 Type 3 Code 3 Type 3 Code 13 Type 10 Code (cant remember) Type 11 Code 0 Type 13 Code (cant remember) As well as UPD: Stop NetBIOS Is this normal? Should I create a rule to ALLOW the above protocols, or is it ok to just let the firewall block them? Also, should I allow port 137 (client or server) for NetBIOS -- while BitComet is running? I'm guessing that the reason I continue to get flooded with ICMP requests after BitComet has stopped running is because I previously announced myself as a 'seeder' on the Internet and the tracker sites are still announcing me as a seeder, even though I've turned my BitComet off. Anyway, if anyone knows what's going on with these ports/protocols and can tell me whether or not I need to block or allow them, please let me know. It would be greatly appreciated. Thanks!
Hi nos_grunt All these entries are normal. Here's the way to managed it: 1) ICMP You must allow this: type 8 code 0 echo request: Outgoing only type 0 code 0 echo reply: Incoming only type 11 code 0 timeout: Incoming only (used by TraceRoute...) All the other ICMP codes must be blocked in and out BUT It's possible to use it wisely to have interesting informations... After the 3 previous allowd ICMP type/code you may add these specific ICMP blocking rules to have a more explicit information in the log (to have it add an ! or to not log it remove the ! ... see ?) type 3 code 0 Network Unreacheable: block in and out and log it (or not) type 3 code 1 Host Unreachable: block in and out and log it (or not) type 3 code 3 Port Unreachable: block in and out and log it (or not) type 3 code 10 Host Forbidden: block in and out and log it (or not) type 3 code 13 Forbidden (Filtering): block in and out and log it (or not) and dont worry about all these signals... This is normal. Don't forget to block all remaining ICMP types/codes (mandatory...) B) Post-connections incomming packets What you can do is to create rules to block with no log entries all these annoying packets entries in the log... Here's an "experimental" rules set: https://www.wilderssecurity.com/showthread.php?t=178698 Check the rule {Y. 99996}; [UDP] << Bt pqts post-connex. ! > to understand how to do...