A question about Internet rules for applications

Discussion in 'LnS English Forum' started by lookcity, May 24, 2007.

Thread Status:
Not open for further replies.
  1. lookcity

    lookcity Registered Member

    Joined:
    Oct 22, 2005
    Posts:
    46
    Location:
    China
    Hello,

    I have a question about the rules in Internet filtering set for an application. That is: a rule set for an application (associated with some applications in "Applications") in Internet filtering will be active when the associated application is running. Are ports opened by this rule still open for other exchanges on the Internet? Once the rule is activated by the associated application, does the filter check that what is allowed by this rule on the Internet must originate from this application? If not, is it then blocked? Once this rule is active, is all traffic matching this rule allowed?



    I hope you understand what I said.:)

    Any suggestion will be appreciated.
     
  2. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi lookcity :)

    Normally, when a rule is specific to one application, the only traffic allowed by this rule is the traffic from this application...

    but

    I found some conditions where a specific rule in use looked to be also allowing some traffic associated with another application...


    This situation happened on my system when I was using a very restrictive rule set and a rule for passive FTP using a large range of local ports. Some applications not associated with that PASV FTP rule looked (in the log entries) to be using that rule...

    This situation may also happen when you make too many modifications to your rule set during system operation: that fools LnS...

    I fixed both problems with a better rule set and by making few modifications at a time. If you have too many modifications to do, the best is to make the changes in the rule set offline, then restart.

    Hope this helps.

    :)
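    A toy model of the rule semantics Climenole describes above, written for this thread as an added example (it is not Look 'n' Stop's code, and the application names and ports are constructed): an application-bound rule only matches flows owned by that application, while the same wide port range with no application association is open to every process.

```python
from dataclasses import dataclass
from typing import List, Optional, Set, Tuple

@dataclass(frozen=True)
class Flow:
    """One connection as a host firewall sees it: owning process plus ports."""
    app: str          # executable that owns the socket (hypothetical names below)
    proto: str        # "tcp" or "udp"
    local_port: int
    remote_port: int

@dataclass
class Rule:
    name: str
    action: str                       # "allow" or "block"
    proto: str
    local_ports: range
    apps: Optional[Set[str]] = None   # None: rule is not tied to any application

    def matches(self, flow: Flow) -> bool:
        # An application-bound rule only becomes active for flows that one of
        # its own applications owns, so the owning app must be running anyway.
        if self.apps is not None and flow.app not in self.apps:
            return False
        return flow.proto == self.proto and flow.local_port in self.local_ports

def decide(rules: List[Rule], flow: Flow) -> Tuple[str, str]:
    """First matching rule wins; an unmatched flow hits the implicit default block."""
    for rule in rules:
        if rule.matches(flow):
            return rule.action, rule.name
    return "block", "default"

# Constructed scenario from the thread: one passive-FTP rule over a wide local
# port range, once bound to the FTP client and once with no app association.
BOUND = [Rule("pasv-ftp", "allow", "tcp", range(1024, 65536), apps={"ftp.exe"})]
UNBOUND = [Rule("pasv-ftp", "allow", "tcp", range(1024, 65536))]
FTP_DATA = Flow("ftp.exe", "tcp", 40000, 21234)
BT_PEER = Flow("bt.exe", "tcp", 50000, 6881)

if __name__ == "__main__":
    print(decide(BOUND, FTP_DATA))    # ('allow', 'pasv-ftp')
    print(decide(BOUND, BT_PEER))     # ('block', 'default'): ports are not open for other apps
    print(decide(UNBOUND, BT_PEER))   # ('allow', 'pasv-ftp'): the unbound range leaks
```

    The third call is the situation Climenole saw in his log: a rule without an application association cannot tell which process is behind the port, so any process using that port range passes.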
     
  3. lookcity

    lookcity Registered Member

    Joined:
    Oct 22, 2005
    Posts:
    46
    Location:
    China
    Hi Climenole:
    Thank you for your reply:D
    That is to say, in most cases, only the traffic of the defined application will be allowed? I thought like this before, until some friends of mine mentioned that if the ports BitTorrent needed were opened by other running software, BT could work well too. I didn't do the experiment.
    Thank you for your suggestion.:thumb:
    Have a good day!
     
  4. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi lookcity :)


    BitTorrent clients are not "equal"...

    µTorrent works as expected but BitTyrant (a variant of Azureus) has some weird behaviour...

    Ex.:

    BitTyrant makes a broadcast to the IP addr. 239.255.67.250 on a random remote port from the local port range 1024 to 65535. Why? Not documented...

    BitTyrant also makes many UDP connections from random ports, local and remote.

    BitTyrant also makes an IGMP broadcast to the IGMPv3 IGMP.MCAST.NET=224.0.0.22 (like Azureus).
    Why? Not documented as far as I know. Allowed or blocked, this makes no difference to the operation of these BitTorrent clients...

    Personally, I prefer µTorrent. There are no such weird "useless features"...

    :)
     
  5. -NiCeGuY-

    -NiCeGuY- Registered Member

    Joined:
    Mar 5, 2007
    Posts:
    79
    From: http://www.iana.org/assignments/multicast-addresses

    See rest at link.
     
    Last edited by a moderator: Jun 30, 2007
  6. lookcity

    lookcity Registered Member

    Joined:
    Oct 22, 2005
    Posts:
    46
    Location:
    China
    Hi
    Thank you for the information.
    I have not used µTorrent or BitTyrant before. I don't like the weird behaviour either.
    I didn't know what "equal" means exactly? :doubt:
    In fact, I rarely use any P2P software, including BT, so what I know about them is very limited.

    Thanks again.:)
     
  7. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi lookcity :)

    Oops!
    Sorry: I have to explain this quotation from the Western cultural background.

    It comes from a novel written by George Orwell: "Animal Farm".

    Ref: http://en.wikipedia.org/wiki/Animal_Farm

    After an animal revolution and the establishment of an egalitarian animal society, the animals become closer and closer to humans...

    They start with complete equality between animals, but in the end this becomes a BIG LIE, and one of the animals sarcastically remarks:

    "All animals are equal, but some are more equal than others."

    Hence my allusion to the BitTorrent clients being "equal" in quality but not so equal... ;-)

    Hope you'll find this story funny and maybe discover that a similar story already exists in classical Chinese literature.

    :)
     
  8. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi -NiCeGuY- :)

    :eek: :D :thumb:

    Thank you -NiCeGuY- for this complete documentation about Multicast addresses. I keep this in my records.

    Have a nice day.

    :)
     
  9. lookcity

    lookcity Registered Member

    Joined:
    Oct 22, 2005
    Posts:
    46
    Location:
    China
    Hi Climenole,
    Such a nice story. It is true that different countries have different cultures, so the world is so wonderful. Not only professional knowledge but also culture can I get from you. Thanks!

    Does "litterature" in French mean "literature" in English? I hope so.
     
  10. lookcity

    lookcity Registered Member

    Joined:
    Oct 22, 2005
    Posts:
    46
    Location:
    China
    It is too late. I have to sleep.;)

    It is 0:08 now.
     
  11. -NiCeGuY-

    -NiCeGuY- Registered Member

    Joined:
    Mar 5, 2007
    Posts:
    79
    Hi , Climenole :)

    List of ICMP types and codes

    Type 0 Echo-reply

    Type 1 Unassigned

    Type 2 Unassigned

    Type 3 Destination-unreachable
    Code 0 network-unreachable
    Code 1 host-unreachable
    Code 2 protocol-unreachable
    Code 3 port-unreachable
    Code 4 fragmentation-needed
    Code 5 source-route-failed
    Code 6 network-unknown
    Code 7 host-unknown
    Code 8 network-prohibited
    Code 9 host-prohibited
    Code 10 TOS-network-unreachable
    Code 11 TOS-host-unreachable
    Code 12 communication-prohibited
    Code 13 host-precedence-violation
    Code 14 precedence-cutoff

    Type 4 Source-quench

    Type 5 Redirect
    Code 0 network-redirect
    Code 1 host-redirect
    Code 2 TOS-network-redirect
    Code 3 TOS-host-redirect

    Type 6 Alternate Host Address

    Type 7 Unassigned

    Type 8 Echo-request

    Type 9 Router-advertisement

    Type 10 Router-solicitation

    Type 11 Time-exceeded
    Code 0 ttl-zero-during-transit
    Code 1 ttl-zero-during-reassembly

    Type 12 Parameter-problem
    Code 0 ip-header-bad
    Code 1 required-option-missing

    Type 13 Timestamp-request

    Type 14 Timestamp-reply

    Type 15 Information Request

    Type 16 Information Reply

    Type 17 Address-mask-request

    Type 18 Address-mask-reply

    Type 19 Reserved

    Type 20-29 Reserved

    Type 30 Traceroute

    Type 31 Datagram Conversion Error
    Code 0 Unknown error
    Code 1 Don't convert option present
    Code 2 Unknown mandatory option present
    Code 3 Known unsupported option present
    Code 4 Unsupported transport protocol
    Code 5 Overall length exceeded
    Code 6 IP Header length exceeded
    Code 7 Transport protocol > 255
    Code 8 Port conversion out of range
    Code 9 Transport header length exceeded
    Code 10 32-bit rollover missing and ACK set
    Code 11 Unknown mandatory transport option present

    Type 32 Mobile Host Redirect

    Type 33 IPv6 Where-Are-You

    Type 34 IPv6 I-Am-Here

    Type 35 Mobile Registration Request

    Type 36 Mobile Registration Reply

    Type 37 Domain Name Request

    Type 38 Domain Name Reply

    Type 39 SKIP

    Type 40 Security Failures (Photuris)
    Code 0 Bad SPI
    Code 1 Authentication Failed
    Code 2 Decompression Failed
    Code 3 Decryption Failed
    Code 4 Need Authentication
    Code 5 Need Authorization

    More info about ICMP: http://www.daemon.be/maarten/icmpfilter.html

    Have a nice day & enjoy :D
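    An added example, not from the post or the linked page, that turns the type/code list above into a small decoder and inbound filter: it parses the 8-byte ICMP header, verifies the RFC 1071 checksum, and applies an assumed host policy that accepts only replies and error reports (the accepted type set and all sample messages are constructed for the example).

```python
import struct

# Names from the list in the post above (the subset a host filter usually acts on).
ICMP_TYPES = {0: "echo-reply", 3: "destination-unreachable", 4: "source-quench",
              5: "redirect", 8: "echo-request", 11: "time-exceeded", 12: "parameter-problem"}
ICMP_CODES = {
    3: {0: "network-unreachable", 1: "host-unreachable", 2: "protocol-unreachable",
        3: "port-unreachable", 4: "fragmentation-needed", 13: "communication-prohibited"},
    5: {0: "network-redirect", 1: "host-redirect",
        2: "TOS-network-redirect", 3: "TOS-host-redirect"},
    11: {0: "ttl-zero-during-transit", 1: "ttl-zero-during-reassembly"},
    12: {0: "ip-header-bad", 1: "required-option-missing"},
}
# Assumed inbound policy for a host: accept replies and error reports only, and
# refuse redirects (type 5), which would let a remote host rewrite local routes.
INBOUND_ALLOW = {0, 3, 11, 12}

def icmp_checksum(data: bytes) -> int:
    """RFC 1071 ones'-complement checksum over the whole ICMP message."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_icmp(icmp_type: int, code: int, rest: bytes = b"\x00" * 4, payload: bytes = b"") -> bytes:
    """Assemble an ICMP message with a valid checksum (used here to make constructed input)."""
    msg = struct.pack("!BBH", icmp_type, code, 0) + rest + payload
    return msg[:2] + struct.pack("!H", icmp_checksum(msg)) + msg[4:]

def parse_icmp(msg: bytes) -> dict:
    """Decode type, code and checksum validity of one ICMP message (IP header already stripped)."""
    if len(msg) < 8:
        raise ValueError("ICMP message shorter than its 8-byte header")
    icmp_type, code, _ = struct.unpack("!BBH", msg[:4])
    return {"type": icmp_type, "code": code,
            "type_name": ICMP_TYPES.get(icmp_type, "unassigned/other"),
            "code_name": ICMP_CODES.get(icmp_type, {}).get(code, ""),
            "checksum_ok": icmp_checksum(msg) == 0}   # a valid message sums to zero

def inbound_verdict(msg: bytes) -> str:
    """Filter decision for one inbound message; corrupted messages are dropped first."""
    p = parse_icmp(msg)
    if not p["checksum_ok"]:
        return "drop: bad checksum"
    if p["type"] in INBOUND_ALLOW:
        return "allow: %s/%s" % (p["type_name"], p["code_name"] or p["code"])
    return "block: %s" % p["type_name"]
```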
     
  12. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi -NiCeGuY- :)

    Thank you !

    Isn't it time to stop playing with your computer...? ;)

    What time is it? :eek:

    Good night -NiCeGuY-

    :)
     
  13. -NiCeGuY-

    -NiCeGuY- Registered Member

    Joined:
    Mar 5, 2007
    Posts:
    79
    00:40 here, my network is getting DoSed by someone :mad:
     