Disable 'block all other UDP packets'

Discussion in 'LnS English Forum' started by shadek, Apr 30, 2010.

Thread Status:
Not open for further replies.
  1. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,264
    Location:
    USA
    So how do you add port ranges? BF2 needs UDP from port 1500-4999.
     
  2. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,726
    Location:
    Canada
    See where it says 'Fields (0 to 15)', start from Field 2 and change Inbound: field (for Field Offset) from 2 to 0, and continue down the following fields (Field #3, Field #4, Field #5..) making this change.

    When you get to an empty field (for you it'll be field #6), and the 'Field Criteria' says NA, change everything required to make it look exactly like the attached image setup to include the port range.
     


    Last edited: May 2, 2010
  3. Phant0m

    Phant0m Registered Member

    When you're done creating and editing the rule, you need to change it from blocked to allowed state. :rolleyes:
     
  4. whitedragon551

    whitedragon551 Registered Member

    I understand that, but you can't add a port range with your tool? And you have to create multiple rules with the RawRule.dll to accomplish the same thing?
     
  5. Phant0m

    Phant0m Registered Member

    Right, you can’t add a port range with my plugin. Basic usage is to block a list of specific ports, but we're just using it to serve another purpose.

    Using Raw rule plugin you can create a single rule with various criteria checks, and create several advanced rules for several different games and applications.
     
  6. whitedragon551

    whitedragon551 Registered Member

    Ok so I have to figure out the RawRule.dll.

    Is the field (0-15) basically a list starting at 1 and going to 15 and for each number you add your rule in the port or ranges off to the right and change the field criteria to either port or range to correspond to the port numbers needed to allow?
     
  7. Phant0m

    Phant0m Registered Member

    I thought using my plugin would be a quick way for you to add a few different ports and then view it using Raw rule plugin and see how it’s basically being done.

    ‘Field (0-15)’ doesn’t start at field 1, but 0, and viewing the rule that my plugin makes, you have to go visit field 2 after the Ethernet type and IP protocol checking fields, where the fields used for ports begin.

    After specifying the list of specific ports, and making the manual changes using raw rule plugin, then you can include the port range specification at the end, on a new empty field.
     
  8. whitedragon551

    whitedragon551 Registered Member

    Both tools are confusing. I wish they had a help file or at least like a manual for this stupid thing.
     
  9. Phant0m

    Phant0m Registered Member

    heh! That is why I’m here! :)

    What part did I lose you on?
     
  10. whitedragon551

    whitedragon551 Registered Member

    I feel like I'm a burden.

    The entire tool is confusing to me. A description of each section would be nice. What do the fields (0-15) mean? The field filtering type, inbound, outbound, and field values? Field criteria?

    The SPF (stateful packet filtering?) and the allow/block and log as well as the direction are about all I don't need explained. I've never used a rule based FW like this before.
     
  11. Phant0m

    Phant0m Registered Member

    So we focused on the Battlefield 2 UDP ports? Using my plug-in, you make the UDP selection and add the following UDP ports: 16567, 27900, 29900. From there you make the manual adjustments using Raw rule plugin like explained already, then apply the UDP port range (1500-4999) to this rule, like explained previously.
     
  12. whitedragon551

    whitedragon551 Registered Member

    So I use your tool to add the single ports and then use the Raw.dll to add the port range and that's it?

    I set the field that's on the scale from 0-15 to 2 and the port range in there and apply and done?
     
  13. Phant0m

    Phant0m Registered Member

    Yes!!! :)

    I've made some modifications to post 27, please re-visit https://www.wilderssecurity.com/showpost.php?p=1670841&postcount=27
     
  14. whitedragon551

    whitedragon551 Registered Member

    Ok so field 2 and on to 15 are basically like a list.

    I start at field 2, which is where port designation begins, and go on to 15 until I have either all ports or all port ranges.

    I go to 2, put in say port 80, then go to field 3 and put in port 100, field 4 and put in port 1500-4999 as a range, and so on?
     
  15. Phant0m

    Phant0m Registered Member

    Using my plugin and adding the three ports before using Raw rule plugin to view and make other modifications, you’ll see Field #2 containing all three ports. Each field can hold up to three specific ports.
     
  16. Phant0m

    Phant0m Registered Member

    But yea, you have the basic idea now, and you can include several specific ports along with several different port ranges in a single rule.
     
  17. whitedragon551

    whitedragon551 Registered Member

    Last question I think. What does inbound and outbound 12 mean under field filtering? And how do you enable each rule to allow 3 specified ports?
     
  18. Phant0m

    Phant0m Registered Member

    You're talking about the very first field (field #0), this is for Ethernet type matching.

    See attached image for your other question.
     


  19. whitedragon551

    whitedragon551 Registered Member

    Isn't the Mask a mask, not a port? Or can it be used to specify a 3rd port to be allowed in the port list?

    Under field filtering you have inbound and outbound. Why does outbound need to have the number 2, but inbound doesn't? I don't understand what those numbers mean.
     
  20. Phant0m

    Phant0m Registered Member

    'Field Criteria' isn't using "MASK_VALUE1" criteria, it is using criteria that is treating the masking field as another normal value field, ‘Value3:’. :)


    Packet field offset matching, depending on packet direction (Inbound, Outbound or both). 0 = source port matching, 2 = destination port matching.
     
  21. whitedragon551

    whitedragon551 Registered Member

    So I need inbound and outbound for all ports to have #2 rather than 0's?

    After I created the rules starting at field 2 and so on, saved and applied the rule, and went back in to edit them, everything is moved back to field 0.
     
    Last edited: May 2, 2010
  22. Phant0m

    Phant0m Registered Member

    ... You somewhat lost me, you don’t need to specify ‘Direction’ type for every field #, you only specify the direction once for the rule, and we must use direction type ‘Both’ to allow incoming and outgoing packets from/to the BF2 servers.
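
The field-offset and direction logic described in posts 20 and 22, as an added Python sketch that is not part of the original thread and is not Look 'n' Stop or plugin code. It models an EtherType check, an IP-protocol check, then the BF2 port list and range, with offset 0 (source port) for inbound and 2 (destination port) for outbound. The IPv4-only parsing, the constructed sample frame, and treating the port fields as alternatives are assumptions of this example.

```python
import struct

ETHERTYPE_IPV4 = 0x0800   # modelled field 0: EtherType at Ethernet offset 12
IPPROTO_UDP = 17          # modelled field 1: IP protocol check
# Port criteria from the thread: three specific ports plus one range.
BF2_PORTS = {16567, 27900, 29900}
BF2_RANGES = [(1500, 4999)]
# Offsets into the UDP header: 0 = source port, 2 = destination port.
PORT_OFFSET = {"in": 0, "out": 2}


def build_frame(src_port, dst_port, proto=IPPROTO_UDP):
    """Constructed sample input: Ethernet + minimal IPv4 + UDP header."""
    eth = bytes(12) + struct.pack("!H", ETHERTYPE_IPV4)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, proto, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    udp = struct.pack("!HHHH", src_port, dst_port, 8, 0)
    return eth + ip + udp


def rule_matches(frame, direction):
    """Return True if the frame satisfies the modelled allow rule."""
    if len(frame) < 14 + 20:
        return False
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != ETHERTYPE_IPV4:
        return False
    ihl = (frame[14] & 0x0F) * 4           # IPv4 header length in bytes
    if ihl < 20 or frame[14 + 9] != IPPROTO_UDP:
        return False
    off = 14 + ihl + PORT_OFFSET[direction]  # port field chosen by direction
    if len(frame) < off + 2:
        return False                        # truncated UDP header
    (port,) = struct.unpack_from("!H", frame, off)
    # Assumption: port fields are alternatives, so one hit is enough.
    return port in BF2_PORTS or any(lo <= port <= hi for lo, hi in BF2_RANGES)
```

In this model the inbound check looks only at the remote source port and the outbound check only at the remote destination port, so the local port is never constrained by the rule.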
     
  23. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,058
    Location:
    United Surveillance States
    @whitedragon551: I can understand why this firewall is proving to be a bit of a pain to understand. I'm thoroughly confused and it's not for a lack of understanding of network basics. I applaud your determination to succeed in using it. I've been lurking in this forum for a while because I would like to become a LnS user, but it's things like what you are dealing with right now that end up making me stay with Jetico. It's just so much easier to configure.

    @Phant0m: You are such a great resource and I really appreciate the time you spend helping users here. It's people like you that keep giving me the incentive to give LnS another try in my VM to see if I can learn how to use this firewall someday with the ease at which I'm able to configure Jetico.

    Sorry for the off-topic post, but threads like this one are why Wilder's really shines. It's been very informative and I just wanted to say thanks. :)
     
  24. whitedragon551

    whitedragon551 Registered Member

    Excellent news. I downloaded the BF2 manual and didn't even use your tool Phantom. I used the RawRule.dll tool and got BF2 configured 100% on the second try with no drop outs, lag, or disconnects. Thanks Phantom. I can now use the 2 rules for BF2 as a template for the rest of the Raw rules I need to create down the road.
     
  25. Phant0m

    Phant0m Registered Member

    Thanks Derelict_NY, your words are much appreciated! :D
     