comodo and bittorrent help please

I need help,
I've just switched from Outpost Pro to Comodo and I've spent all afternoon and evening pulling my hairout trying to get utorrent bittorrent client to work.

I've done a search on the forums and tried adding rules to the Network Monitor as described here and on most other placed I'v looked: https://www.wilderssecurity.com/showthread.php?t=145704&highlight=torrent

But I still cant seem to forward the bittorrent client listening port. I've tried to get other clients to work but no joy.

Could somone post the rules they've used in the 'application monitor' and 'network monitor'?? If I cant get this to work I'm gonna call it quits and switch back to outpost.

Thanks all

 

Rt Click Summary in Comodo--Click Application Monitor---Find the Client Click Edit--Click allow all Activities----Click allow Invisible connection attempts.

 

Hi Woody777,
thanks for the reply. Is your method safe? Becasue essentially I'll be trusting the application 100% and giving it full access.

 

Thats the only way I can get it to work

 

1. run utorrent , in Options -> Preference -> Connections
untick "Random port each time utorrent starts"
untick "Enable UPnP port mapping"
Select the port you want to use.

2. Add Network rule for utorrent in firewall (the port must equal to Listening port in utorrent, or the port you chose)

3. run utorrent , in Options -> Speed Guide
Click "Test if port is forwarded properly"

(got this from Comodo's forum-I didn't untick the 'enable UPnP port mapping however and uTorrent works perfectly well with full speeds achievable)

------------------------------------------

My network rule in Comodo is

ALLOW TCP or UDP from IP [ANY] to IP [ANY] where source port is [ANY] and destination port is [the port I chose in uTorrent]

I moved the rule up to number 1 but it must be moved above 'block and log' at the very least.

The PC needs to reboot for Comodo to load these rules. When you then start uTorrent Comodo will ask if you want to allow uTorrent, I chose to 'always allow' it.

------------------------------------------

I had problems with Bit Tornado for some strange reason then one day it started working (for some even stranger reason!!). Eventually ditched it for uTorrent and I'm happy I did.

 

Hello wolf_xl,

Your link to posts made by myself on creating network rules for torrent clients, this info is correct. You do then need to consider the settings within Utorrent (as posted by "Joliet Jake").

As for your post:

First, unsolicted inbound is restricted to the network rules. So an application may use other ports to "Listen" for inbound, but the network rules will decide if the comms would/should be allowed. So for Comodo, this is not a major problem/security risk. Any security risk is down to the the torrent/P2P client you use.
To allow all outbound for the client, well, you need to consider the possibilities.
Example:
I do see many users of P2P/torrent clients using local ports such as 25(mail) as this gets around some throttling in place by some ISP, but allowing this outbound for the torrent client will enable the client to send e-mails.
Myself, I would restict outbound to remote ports 1030-65535, but, this can cause connections to other users (who use the lower ports) to be lost.

 

Hi all thanks for the help. I mangaed to solve the problem.

The solution worked with another client called Bitcomet 0.71 but should work for others I think.

Firstly I created a rule in Network Monitor:

Action: Allow
Protocol: UDP or TCP
Direction: In
Source IP: Any
Destination IP:Any
Source Port:Any
Destination Port: Listening Port on Client

Secondly I adjusted rules in Application Monitor for Bitcomet making sure that I checked 'Allow invisible connection Attempts' and 'Skip Advanced Security Checks'. (is this a safe thing to do?)

I rebooted the PC for the changes to affect and now bittorrent is working.

I hope this helps other people who might have similar problems.

 

That's a pretty open rule-set. I would at least follow Stems advice.

"Myself, I would restict outbound to remote ports 1030-65535, but, this can cause connections to other users (who use the lower ports) to be lost."

just my 2 cents,

...screamer

 

Wolf_xl, lol. Your solution just is not good at all.
Bittorrent clients need only one port to be open for incoming unsolicitated in network monitor rules , some higher numbered one that you can specify.

Comodo in my opinion is an ok firewall, would not run it if it isn't.
There is a real configuration problem with programs that need unsolicitated connections to be allowed incoming. It is not intuitive at all since all incoming is blocked by default. So you need to know what port needs to be open for unsolicitated connections!

Some help is given in comodo forum and I think your answer to bittorrent is given there many times.
http://forums.comodo.com/index.php?PHPSESSID=e94c757d3f12d8b78de845fb424baa07&board=32.0

Wish I have some for my unknown netphone program as rules, but I can use with only gsm, lol.

 

lol ok guys point taken

so do i restrict the ports to 1030-65535 in the network monitor or Application monitor or in both??

 

First you remove that stupid rule of allowing everything inside and really being like without a firewall protection with that rule that you posted.
I have a utorrent client and it tells in program options what single higher numbered port it needs to be opened in Comodo network rules.

Bittorrent typically opens many connections while running, but most as our firewall expert Stem told are solicitated from your computer. It needs that one port though as i mentioned only to make a rule Comodo in network monitor for the unsolicitated connections to your puter.

And all the talk of restricting outbound in my opinion is just for paranoia and in your case meaningless, if you first are not able to make your computer safe for viruses/crackers by opening all your ports for them.
I know maybe a patched one can take all the traffic maybe?

 

as mentioned above my destination port for incomming trafic is not 'Any Port' but the bitorrent client port. Is this what needs to be changed in 'Network Monitor' rule?

I will edit the out going to restrict ports as Stem suggested.

 

Well, as you told you have the torrent working without opening too many especially low numbered ports, you should be ok.

Comodo can of course be made to restrict local ports to 1024-5000 in network rules, but can it be working? Propably if one wants to go so paranoid, one would also need the good logging facilities that comodo has not at the moment. Unfortunately

 

Wolf, Here's a basic rule-set I use for Shareaza. See if you can apply it to your bit-torrent client. I use basically the same set for u-torrent and limewire,

Shareaza, Shareaza.exe

RuleName: Shareaza HTTP connections
Protocol: TCP
RemotePort: 80
Direction: Outbound
AllowIt


RuleName: Shareaza Outbound TCP connections
Protocol: TCP
RemotePort: 1025-65535
Direction: Outbound
AllowIt


RuleName: Shareaza UDP connections local Port
Protocol: UDP
LocalPort: 6346
AllowIt


RuleName: Shareaza UDP connections remote Port
Protocol: UDP
RemotePort: 6346
AllowIt


RuleName: Shareaza Inbound TCP connections
Protocol: TCP
LocalPort: 6346
Direction: Inbound
AllowIt


RuleName: Block Shareaza UDP connections
Protocol: UDP
LocalPort: 1-1024
BlockIt


RuleName: Block Shareaza Inbound TCP connections
Protocol: TCP
LocalPort: 1-1024
Direction: Inbound
BlockIt


RuleName: Block Shareaza Outbound TCP connections
Protocol: TCP
RemotePort: 1-1024
Direction: Outbound
BlockIt


hth,

...screamer

 

Just for the application/client.
If you place this outbound restriction within the network rules then you may have problems, for example, with DHCP (depending on your setup).

 

Here are my current rules with Comodo.
0 and 1 are for blocking netbios outbound. Them not really necessary I think when disabling that in the network connections, but I keep them anyways from my kerio 2.1.5 experience as learned rules. And they are set to log.
2 is for my cable modem dhcp that is not necessary for unsolicited connections. To be able to set it log, but really don't need that spam so it is added cause of that. To filter that traffic out.
3 could be I guess removed since there is that final block rule already there. But also I don't get any logging now for them unlike from the final rule, so they are with this rule set to block with no loggings.
Since Comodo's logging basically sucks, at least it makes some sense when in trouble to filter out some blockings that are not really needed to sort out some problems that might find a good use of the log. Just my opinion.

4 is for normal internet connections, restricting them to local ports 1024-5000.
5 is what you have been asking about restricting outbound local ports. Hard to do but at least you can set them to log when connections are not in the normal range when initiated from your computer.

The rest are just normal default rules that come after Comodo install except 2 netphone rules and rule 12 for utorrent client.

I should say also that Comodo as default needs to allow 'act as server' prompts in application monitor to browsers and many other programs for the loopback communication only, address 127.0.0.1 and some programs like Avira AntiVir also need address 0.0.0.0.
Otherwise that bit torrent port is also open to all your apps that you have allowed wide with 'act as server', though that not really a serious problem since only one higher numbered port and normal applications are not responsive to it.
You dont need to give any more access to them if you have your rules made with very high alert level setting. Of course when running using it one needs to edit app rules to allow a bit more so one does not get asked for every IP connection.
Jarmo

 

and the rule pic:

 

I tweaked my settings after much trial and error and settled on the rules below.
**NETWORK MONITOR**
Action: Allow
Protocol: UDP or TCP
Direction: In
Source IP: Any
Destination IP:Any
Source Port:Any
Destination Port: 6969

**APPLICATION MONITOR**
Action: Allow
Protocol: UDP or TCP
Direction: In/Out
Destination IP:Any
Destination Port:6969


Nothing in Miscellanious has been checked.

I'm a noob at this so please bear with me as I'm a little confused now. I'm getting excellent speeds but what do i need to change?

Thanks

 

Sounds good, btw I allowed utorrent.exe all ports for both outgoing and incoming connections in app monitor rules for tcp and udp. So if yours work with less, that ok.