HTTP File Server rule?

Discussion in 'LnS English Forum' started by -NiCeGuY-, Apr 10, 2007.

Thread Status:
Not open for further replies.
  1. -NiCeGuY-

    -NiCeGuY- Registered Member

    Joined:
    Mar 5, 2007
    Posts:
    79
  2. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi -NiCeGuY- :)

    By Jove! :eek: Are you going to install all kinds of software on your PC? :blink:

    ;)

    Protocol: TCP
    packets: in and out
    Address: From My @IP
    Local port: equal 80
    remote ports: all
    applications... : HFS

    Put this rule just before the rule:
    "+TCP : Block incoming connections"

    save, apply and reboot.

    Cheers!

    :)
     
  3. -NiCeGuY-

    -NiCeGuY- Registered Member

    Hi, Climenole
    lmao, no, and I need a PeerGuardian update rule pls, it seems some update links get blocked when behind LnS

    I created a rule like this:

    Protocol: TCP
    packets: in and out
    Address: From My @IP
    Local port: 1024 to 5000
    remote ports: all
    applications: PeerGuardian

    Is it right? And where does this rule go? ty 4 reply :thumb:
     
  4. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Hi -NiCeGuY-,

    This rule is not restrictive enough.
    The remote port should be specified. When it doesn't work, the blocked port (to be allowed) should be available from the log.

    Frederic
     
  5. -NiCeGuY-

    -NiCeGuY- Registered Member

    Hi, Frederic, I saw in the log a block on @ip:3125, so I created a rule like this:


    Ethernet type : IP
    Protocol: TCP
    packets: in and out
    Address: From My @IP
    Local port: 1024 to 5000
    IP Address: equals @ip
    remote ports: equals @3125
    applications: PeerGuardian

    Where does this rule go? I'm a little confused when I create new rules: where can I place my new rules, can some1 teach me? ty 4 reply :thumb:
     
  6. Climenole

    Climenole Look 'n' Stop Expert

    Hi -NiCeGuY- :)

    Like this:

    Ethernet type : IP
    Protocol: TCP
    packets: in and out
    Address: From My @IP
    Local port: 1024 to 5000
    IP Address: equal My @ip
    remote ports: equal or 80, 3125 <<== ;)
    applications: PeerGuardian

    :)
     
  7. -NiCeGuY-

    -NiCeGuY- Registered Member

    ty, Climenole, can you tell me, when creating a new rule 4 LnS, how to place the new rule? Can you give me some concept?

    As for me, when I create a new rule I just put them all under "+TCP:block incoming connections" lol, I dunno if that is right or wrong o_O

    so I wish sum1 can teach me how to put the new rule in the correct position pls :D
     
  8. Climenole

    Climenole Look 'n' Stop Expert

    Hi -NiCeGuY- :)

    Simple:

    The rule "+TCP:block incoming connections" blocks any incoming packet with the SYN flag.

    In every network a server is any machine accepting an incoming connection.
    This connection is initiated by a client sending a TCP packet with the flag "syn".

    An example with a connection of a PC (the "client") to a web server:

    Session opening

    Client (PC) <<======================>> Server In the "listening" state

    From any local port
    in the range 1024 to 5000

    =============== ask for a connection: SYN =================>>

    <<============= Connection accepted: ACK SYN ===============

    =============== "acknowledge": ACK ======================>>

    Connection in the "established" state...

    Almost all internet programs are "client" programs except:

    The specific server programs like : Apache for a web server, Filezilla-server for an Ftp server, etc.

    The "IDENT" protocol on port 113 used by some "old style" Irc server,

    The server part of all P2P programs to share your files with the other users of the p2p network...

    VNC and alike used as server for a remote administration...
    (don't be confused here: VNC has a client, VNC Viewer, and a server, VNC server...)

    Since they require a connection, the corresponding rule must accept an incoming TCP packet with a SYN flag; therefore the rule must be put before "+TCP:block incoming connections".

    All the others, the "client" programs (browser, emailer, VoIP, Instant Messenger, etc) must be put after "+TCP:block incoming connections"

    all "server" rules just before "+TCP:block incoming connections".
    all "client" rules just after "+TCP:block incoming connections".


    That's it.

    :)
     
    Last edited: Apr 13, 2007
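
An added sketch (not from the thread and not Look 'n' Stop code) of the ordering advice in the post above. It assumes the rule list is evaluated top to bottom with the first match deciding, and that the block rule matches inbound SYN without ACK; the rule objects, packet fields and sample packets are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Callable, List, Tuple

@dataclass(frozen=True)
class Packet:
    direction: str            # "in" or "out"
    local_port: int
    remote_port: int
    syn: bool = False
    ack: bool = False

@dataclass(frozen=True)
class Rule:
    name: str
    action: str               # "allow" or "block"
    matches: Callable[[Packet], bool]

def evaluate(rules: List[Rule], pkt: Packet) -> Tuple[str, str]:
    """Return (action, rule name) of the first matching rule; block if none match."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action, rule.name
    return "block", "(no rule matched)"

# Simplified models of the thread's rules (application and address filters not modelled).
HFS = Rule("HFS server", "allow", lambda p: p.local_port == 80)
# Assumption: "incoming connection" means inbound SYN without ACK.
BLOCK_IN = Rule("+TCP : Block incoming connections", "block",
                lambda p: p.direction == "in" and p.syn and not p.ack)
CLIENT = Rule("PeerGuardian update", "allow",
              lambda p: 1024 <= p.local_port <= 5000 and p.remote_port in (80, 3125))

ADVISED = [HFS, BLOCK_IN, CLIENT]           # server rule before, client rule after
SERVER_TOO_LOW = [BLOCK_IN, HFS, CLIENT]    # server rule placed after the block rule
CLIENT_TOO_HIGH = [HFS, CLIENT, BLOCK_IN]   # "in and out" client rule placed before it

# Constructed sample packets
SAMPLES = {
    "visitor SYN to HFS :80":     Packet("in", 80, 40000, syn=True),
    "client SYN to update :3125": Packet("out", 1025, 3125, syn=True),
    "SYN-ACK reply from :3125":   Packet("in", 1025, 3125, syn=True, ack=True),
    "unsolicited SYN from :3125": Packet("in", 1025, 3125, syn=True),
}

if __name__ == "__main__":
    for label, order in [("advised", ADVISED), ("server too low", SERVER_TOO_LOW),
                         ("client too high", CLIENT_TOO_HIGH)]:
        for desc, pkt in SAMPLES.items():
            print(f"{label:16} {desc:28} -> {evaluate(order, pkt)}")
```

In this model, a client rule placed above the block rule lets the unsolicited inbound SYN through because the rule covers packets "in and out", which is the case the advised order prevents.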
  9. -NiCeGuY-

    -NiCeGuY- Registered Member

    Hi, Climenole, it's very helpful, tyvm :D :D
     