comodo and bittorrent help please

Discussion in 'other firewalls' started by wolf_xl, May 15, 2007.

Thread Status:
Not open for further replies.
  1. wolf_xl

    wolf_xl Registered Member

    Joined:
    Dec 7, 2004
    Posts:
    48
    I need help,
    I've just switched from Outpost Pro to Comodo and I've spent all afternoon and evening pulling my hair out trying to get utorrent bittorrent client to work.

    I've done a search on the forums and tried adding rules to the Network Monitor as described here and on most other places I've looked: https://www.wilderssecurity.com/showthread.php?t=145704&highlight=torrent

    But I still can't seem to forward the bittorrent client listening port. I've tried to get other clients to work but no joy.

    Could someone post the rules they've used in the 'application monitor' and 'network monitor'?? If I can't get this to work I'm gonna call it quits and switch back to outpost.

    Thanks all
     
  2. Woody777

    Woody777 Registered Member

    Joined:
    Aug 29, 2006
    Posts:
    484
    Rt Click Summary in Comodo--Click Application Monitor---Find the Client Click Edit--Click allow all Activities----Click allow Invisible connection attempts.
     
  3. wolf_xl

    wolf_xl Registered Member

    Joined:
    Dec 7, 2004
    Posts:
    48
    Hi Woody777,
    thanks for the reply. Is your method safe? Because essentially I'll be trusting the application 100% and giving it full access.
     
  4. Woody777

    Woody777 Registered Member

    Joined:
    Aug 29, 2006
    Posts:
    484
    That's the only way I can get it to work
     
  5. Joliet Jake

    Joliet Jake Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    911
    Location:
    Scotland
    1. run utorrent , in Options -> Preference -> Connections
    untick "Random port each time utorrent starts"
    untick "Enable UPnP port mapping"
    Select the port you want to use.

    2. Add Network rule for utorrent in firewall (the port must equal to Listening port in utorrent, or the port you chose)

    3. run utorrent , in Options -> Speed Guide
    Click "Test if port is forwarded properly"

    (got this from Comodo's forum-I didn't untick the 'enable UPnP port mapping' however and uTorrent works perfectly well with full speeds achievable)

    ------------------------------------------

    My network rule in Comodo is

    ALLOW TCP or UDP from IP [ANY] to IP [ANY] where source port is [ANY] and destination port is [the port I chose in uTorrent]

    I moved the rule up to number 1 but it must be moved above 'block and log' at the very least.

    The PC needs to reboot for Comodo to load these rules. When you then start uTorrent Comodo will ask if you want to allow uTorrent, I chose to 'always allow' it.

    ------------------------------------------

    I had problems with Bit Tornado for some strange reason then one day it started working (for some even stranger reason!!). Eventually ditched it for uTorrent and I'm happy I did.
     
    Last edited: May 16, 2007
  6. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hello wolf_xl,

    Your link to posts made by myself on creating network rules for torrent clients, this info is correct. You do then need to consider the settings within Utorrent (as posted by "Joliet Jake").

    As for your post:
    First, unsolicited inbound is restricted to the network rules. So an application may use other ports to "Listen" for inbound, but the network rules will decide if the comms would/should be allowed. So for Comodo, this is not a major problem/security risk. Any security risk is down to the torrent/P2P client you use.
    To allow all outbound for the client, well, you need to consider the possibilities.
    Example:
    I do see many users of P2P/torrent clients using local ports such as 25(mail) as this gets around some throttling in place by some ISP, but allowing this outbound for the torrent client will enable the client to send e-mails.
    Myself, I would restrict outbound to remote ports 1030-65535, but, this can cause connections to other users (who use the lower ports) to be lost.
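
Added example, not part of the thread and not Comodo's own rule engine: a simplified first-match model of the rule ordering Joliet Jake describes and the outbound port restriction Stem suggests. The port 51413, the rule names, and the top-down, default-block evaluation are assumptions made for illustration.

```python
from dataclasses import dataclass

ALL_PORTS = range(0, 65536)
BOTH = frozenset({"tcp", "udp"})
LISTEN_PORT = 51413  # constructed value standing in for the port chosen in the client


@dataclass
class Rule:
    action: str        # "allow" or "block"
    direction: str     # "in" or "out"
    protos: frozenset  # subset of {"tcp", "udp"}
    dst_ports: range   # destination ports the rule covers

    def matches(self, direction, proto, dst_port):
        return (direction == self.direction and proto in self.protos
                and dst_port in self.dst_ports)


def decide(rules, direction, proto, dst_port):
    """Assumed semantics: the first matching rule wins, no match means block."""
    for index, rule in enumerate(rules):
        if rule.matches(direction, proto, dst_port):
            return rule.action, index
    return "block", None


def exposed_inbound(rules, proto="tcp"):
    """Every destination port an unsolicited inbound packet could reach."""
    return [p for p in ALL_PORTS if decide(rules, "in", proto, p)[0] == "allow"]


allow_listen = Rule("allow", "in", BOTH, range(LISTEN_PORT, LISTEN_PORT + 1))
allow_out_high = Rule("allow", "out", BOTH, range(1030, 65536))
block_and_log = Rule("block", "in", BOTH, ALL_PORTS)

# Allow rule above the final block rule: only the listening port is reachable.
good_order = [allow_listen, allow_out_high, block_and_log]
# Allow rule below the block rule: it is never reached, so the client is unreachable.
bad_order = [block_and_log, allow_listen, allow_out_high]

if __name__ == "__main__":
    print("good order exposes:", exposed_inbound(good_order))
    print("bad order exposes: ", exposed_inbound(bad_order))
    print("outbound to port 25:", decide(good_order, "out", "tcp", 25))
    print("outbound to port 6881:", decide(good_order, "out", "tcp", 6881))
```

Running `exposed_inbound` against a candidate rule list is a quick check that an inbound allow rule opens exactly one port and nothing else.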
     
  7. wolf_xl

    wolf_xl Registered Member

    Joined:
    Dec 7, 2004
    Posts:
    48
    Hi all thanks for the help. I managed to solve the problem.

    The solution worked with another client called Bitcomet 0.71 but should work for others I think.

    Firstly I created a rule in Network Monitor:

    Action: Allow
    Protocol: UDP or TCP
    Direction: In
    Source IP: Any
    Destination IP:Any
    Source Port:Any
    Destination Port: Listening Port on Client

    Secondly I adjusted rules in Application Monitor for Bitcomet making sure that I checked 'Allow invisible connection Attempts' and 'Skip Advanced Security Checks'. (is this a safe thing to do?)

    I rebooted the PC for the changes to take effect and now bittorrent is working.

    I hope this helps other people who might have similar problems.
     
  8. screamer

    screamer Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    921
    Location:
    Big Apple USA
    That's a pretty open rule-set. I would at least follow Stem's advice.

    "Myself, I would restrict outbound to remote ports 1030-65535, but, this can cause connections to other users (who use the lower ports) to be lost."

    just my 2 cents,

    ...screamer
     
  9. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,188
    Wolf_xl, lol. Your solution just is not good at all.
    Bittorrent clients need only one port to be open for incoming unsolicited in network monitor rules, some higher numbered one that you can specify.

    Comodo in my opinion is an ok firewall, would not run it if it isn't.
    There is a real configuration problem with programs that need unsolicited connections to be allowed incoming. It is not intuitive at all since all incoming is blocked by default. So you need to know what port needs to be open for unsolicited connections!

    Some help is given in comodo forum and I think your answer to bittorrent is given there many times.
    http://forums.comodo.com/index.php?PHPSESSID=e94c757d3f12d8b78de845fb424baa07&board=32.0

    Wish I have some for my unknown netphone program as rules, but I can use with only gsm, lol.
     
    Last edited: May 16, 2007
  10. wolf_xl

    wolf_xl Registered Member

    Joined:
    Dec 7, 2004
    Posts:
    48
    lol ok guys point taken :p

    so do i restrict the ports to 1030-65535 in the network monitor or Application monitor or in both??
     
  11. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,188
    First you remove that stupid rule of allowing everything inside and really being like without a firewall protection with that rule that you posted.
    I have a utorrent client and it tells in program options what single higher numbered port it needs to be opened in Comodo network rules.

    Bittorrent typically opens many connections while running, but most as our firewall expert Stem told are solicited from your computer. It needs that one port though as I mentioned only to make a rule Comodo in network monitor for the unsolicited connections to your puter.

    And all the talk of restricting outbound in my opinion is just for paranoia and in your case meaningless, if you first are not able to make your computer safe for viruses/crackers by opening all your ports for them.
    I know maybe a patched one can take all the traffic maybe?
     
    Last edited: May 16, 2007
  12. wolf_xl

    wolf_xl Registered Member

    Joined:
    Dec 7, 2004
    Posts:
    48
    as mentioned above my destination port for incoming traffic is not 'Any Port' but the bittorrent client port. Is this what needs to be changed in 'Network Monitor' rule?

    I will edit the out going to restrict ports as Stem suggested.
     
  13. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,188
    Well, as you told you have the torrent working without opening too many especially low numbered ports, you should be ok.

    Comodo can of course be made to restrict local ports to 1024-5000 in network rules, but can it be working? Probably if one wants to go so paranoid, one would also need the good logging facilities that comodo has not at the moment. Unfortunately :(
     
  14. screamer

    screamer Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    921
    Location:
    Big Apple USA
    Wolf, Here's a basic rule-set I use for Shareaza. See if you can apply it to your bit-torrent client. I use basically the same set for u-torrent and limewire,

    Shareaza, Shareaza.exe

    RuleName: Shareaza HTTP connections
    Protocol: TCP
    RemotePort: 80
    Direction: Outbound
    AllowIt


    RuleName: Shareaza Outbound TCP connections
    Protocol: TCP
    RemotePort: 1025-65535
    Direction: Outbound
    AllowIt


    RuleName: Shareaza UDP connections local Port
    Protocol: UDP
    LocalPort: 6346
    AllowIt


    RuleName: Shareaza UDP connections remote Port
    Protocol: UDP
    RemotePort: 6346
    AllowIt


    RuleName: Shareaza Inbound TCP connections
    Protocol: TCP
    LocalPort: 6346
    Direction: Inbound
    AllowIt


    RuleName: Block Shareaza UDP connections
    Protocol: UDP
    LocalPort: 1-1024
    BlockIt


    RuleName: Block Shareaza Inbound TCP connections
    Protocol: TCP
    LocalPort: 1-1024
    Direction: Inbound
    BlockIt


    RuleName: Block Shareaza Outbound TCP connections
    Protocol: TCP
    RemotePort: 1-1024
    Direction: Outbound
    BlockIt


    hth,

    ...screamer
     
  15. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Just for the application/client.
    If you place this outbound restriction within the network rules then you may have problems, for example, with DHCP (depending on your setup).
     
  16. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,188
    Here are my current rules with Comodo.
    0 and 1 are for blocking netbios outbound. Them not really necessary I think when disabling that in the network connections, but I keep them anyways from my kerio 2.1.5 experience as learned rules. And they are set to log.
    2 is for my cable modem dhcp that is not necessary for unsolicited connections. To be able to set it log, but really don't need that spam so it is added cause of that. To filter that traffic out.
    3 could be I guess removed since there is that final block rule already there. But also I don't get any logging now for them unlike from the final rule, so they are with this rule set to block with no loggings.
    Since Comodo's logging basically sucks, at least it makes some sense when in trouble to filter out some blockings that are not really needed to sort out some problems that might find a good use of the log. Just my opinion.

    4 is for normal internet connections, restricting them to local ports 1024-5000.
    5 is what you have been asking about restricting outbound local ports. Hard to do but at least you can set them to log when connections are not in the normal range when initiated from your computer.

    The rest are just normal default rules that come after Comodo install except 2 netphone rules and rule 12 for utorrent client.

    I should say also that Comodo as default needs to allow 'act as server' prompts in application monitor to browsers and many other programs for the loopback communication only, address 127.0.0.1 and some programs like Avira AntiVir also need address 0.0.0.0.
    Otherwise that bit torrent port is also open to all your apps that you have allowed wide with 'act as server', though that not really a serious problem since only one higher numbered port and normal applications are not responsive to it.
    You don't need to give any more access to them if you have your rules made with very high alert level setting. Of course when running using it one needs to edit app rules to allow a bit more so one does not get asked for every IP connection.
    Jarmo
     
    Last edited: May 17, 2007
  17. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,188
    and the rule pic:
     


  18. wolf_xl

    wolf_xl Registered Member

    Joined:
    Dec 7, 2004
    Posts:
    48
    I tweaked my settings after much trial and error and settled on the rules below.
    **NETWORK MONITOR**
    Action: Allow
    Protocol: UDP or TCP
    Direction: In
    Source IP: Any
    Destination IP:Any
    Source Port:Any
    Destination Port: 6969

    **APPLICATION MONITOR**
    Action: Allow
    Protocol: UDP or TCP
    Direction: In/Out
    Destination IP:Any
    Destination Port:6969


    Nothing in Miscellaneous has been checked.

    I'm a noob at this so please bear with me as I'm a little confused now. I'm getting excellent speeds but what do i need to change?

    Thanks
     
  19. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,188
    Sounds good, btw I allowed utorrent.exe all ports for both outgoing and incoming connections in app monitor rules for tcp and udp. So if yours work with less, that ok.
     