Cant connect to internet with standard/enhanced ruleset

Discussion in 'LnS English Forum' started by razoon, Nov 28, 2006.

Thread Status:
Not open for further replies.
  1. razoon

    razoon Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    8
    Hello,

    I am trying out LooknStop (newest version). Im really impressed by it.
    I run it on a fresh XP installation on a ICS gateway.

    But....my LAN computers cannot connect anymore to the internet.
    Firefox or World of Warcraft wont connect.

    Therefore I un-checked the 'TCP: any other packet' and 'UDP: any other packet' rules.
    Then I can connect.
    But I gues that is not good.

    I installed the ICS rule

    Any idea what is can be?

    regards
     
  2. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Hi,

    What are the alert you got in the log when the two rules you mentioned are enabled ?

    Thanks,

    Frederic
     
  3. razoon

    razoon Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    8
    Hi,

    Well, when running Firefox on a ICS-client I get a whole buch of:

    11-29-06,01:13:30 U-1756 'TCP : Any other packet ' 213.239.154.35 TCP Ports Dest:www-http=80 Src:61554


    When running WoW on a client, I get these:

    11-29-06,01:21:42 U-1828 'UDP : Any other UDP pack' 213.73.255.53 UDP Ports Dest:domain=53 Src:61560

    This is strange, cus destination UDP port 53 is open....uhmmm


    Running for example Internet Explorer on the ICS server itself is ok

    So there must be a block between the ICS server and the clients... somewhere... I think.


    I dont need to run LooknStop on the clients do I? On the server only suffice right?

    regards
     
    Last edited: Nov 28, 2006
  4. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    For EnhancedRulesSet.rls, locate the rule ‘UDP : Authorize name resolution (DNS)’, double-click to edit it and adjust the source ports (left-side) from ‘In range A:B’ – 1024 -5000 to ‘In range A:B’ – 1024 -65535…. Save change

    Locate the rule ‘TCP : Authorize most common Internet services’ and do the same change ;)
     
  5. razoon

    razoon Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    8
    Yay....that worked...kool...tyvm :D
     
  6. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Hi,

    For you information, the ruleset mentioned here:
    http://www.looknstop.com/En/rules/rules.htm#ICS
    (For Windows XP SP2 import the ruleset SharingSP2.rie.)
    was supposed to do the same.

    Probably you were talking about another ruleset.

    Frederic
     
  7. razoon

    razoon Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    8
    Hello :)

    Yes these rules work indeed. I use these now and replaced the other 2 rules(which Phantom suggested) back to original state.
    tyvm,

    regards
     
Thread Status:
Not open for further replies.