Jetico Firewall & BT

Discussion in 'other firewalls' started by Syncman9, May 26, 2005.

Thread Status:
Not open for further replies.
  1. Syncman9

    Syncman9 Registered Member

    Joined:
    Jul 28, 2004
    Posts:
    113
    Location:
    UK
    I've been using Jetico for a while, but I've been struggling to get BT to work with it. It seems to prevent incoming connections, and a large amount of packets seem to get blocked by the final block rule.

    I've been forced to go back to Kerio 2.15, but I would like to go back to Jetico, so if anyone has any ideas.

    Cheers,

    A.
     
  2. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    Jetico will work with bittorrent. I assume that is what you mean by BT. However, the default rule they give you might not be entirely correct.

    With bittorrent you set up a server port that allows TCP in from any remote port and any remote address. The default server port is 6881, but random ports over 48000 seem to work the best as some ISPs are slowing down 6881. Outbound TCP from pretty much any port greater than 1023 to remote ports 80 plus any remote port greater than 1023 is also required. If using Azureus, allow UDP both ways on the server port as well.
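
An added example, not part of the original posts: a generic first-match rule evaluator in Python (not Jetico's rule format or API) that encodes the rule set described in the post above and checks constructed packets against it. The `Packet` fields, the function names and the sample ports are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    direction: str    # "in" or "out"
    proto: str        # "tcp" or "udp"
    local_port: int
    remote_port: int

def build_rules(server_port=6881, azureus=False):
    """Rule set from the post, as (description, predicate) pairs."""
    rules = [
        ("inbound TCP to server port, any remote address and port",
         lambda p: p.direction == "in" and p.proto == "tcp"
         and p.local_port == server_port),
        ("outbound TCP from local >1023 to remote 80 or >1023",
         lambda p: p.direction == "out" and p.proto == "tcp"
         and p.local_port > 1023
         and (p.remote_port == 80 or p.remote_port > 1023)),
    ]
    if azureus:
        rules.append(("UDP both ways on server port",
                      lambda p: p.proto == "udp"
                      and p.local_port == server_port))
    return rules

def evaluate(packet, rules):
    """First matching rule allows; unmatched packets hit the final block rule."""
    for description, matches in rules:
        if matches(packet):
            return "allow", description
    return "block", "final block rule"

# Constructed sample packets (not captured traffic).
SAMPLES = [
    Packet("in", "tcp", 6881, 51234),    # peer connecting to the server port
    Packet("in", "tcp", 445, 51234),     # unrelated inbound service
    Packet("out", "tcp", 50000, 80),     # tracker over HTTP
    Packet("out", "tcp", 50000, 25),     # outbound to a low port other than 80
    Packet("in", "udp", 6881, 40000),    # UDP on the server port
]

def verdicts(rules, packets=SAMPLES):
    return [evaluate(p, rules)[0] for p in packets]

if __name__ == "__main__":
    for label, rules in (("default", build_rules()),
                         ("azureus", build_rules(azureus=True))):
        print(label, verdicts(rules))
```

Changing `server_port` to a high random port moves the single inbound opening with it; everything else inbound still falls through to the final block rule.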
     
  3. Syncman9

    Syncman9 Registered Member

    Joined:
    Jul 28, 2004
    Posts:
    113
    Location:
    UK
    Well as a default, I set Azureus as a trusted application. Which I would have thought by the rule setup within Jetico, would be enough.

    I consider myself pretty much clued up on firewalls, both hardware and software, and nothing I tried would allow incoming packets.
     
  4. Ren1

    Ren1 Registered Member

    Joined:
    Mar 19, 2005
    Posts:
    10
    You need to make a rule just for Azureus


    Tighter Rules for Azureus-

    If you don’t have either Jetico or Azureus installed yet, forget this part. If you do have Azureus installed, let’s unhook the program from the default Torrent rule. To do this, open the Jetico GUI, click on the configuration tab. Click “Optimal Protection”, then ask user. On the right hand panel, search for all instances of Azureus (should only be one) and delete it (or them)- done by highlighting it, right click- delete


    Now for the rules- Azureus is real easy since it just needs a TCP connection on 6881.

    1). In the left panel under “Optimal Configuration” right click and choose “New Table”. When you see it, highlight it and rename to Azureus. Move to the Right Panel now.
    2). Right click>new>application rule>Event>choose “access to network” Click OK.
    3). Right click>new>application rule>Description- Type in "Listening Port 6881". Then click "Packet Parameters">Event>choose "Listening Port". Under "Protocol" choose TCP/IP. Next, go to “Local Address” and click the box for “Override Port”, Click on “Port” and choose “Single Port”. Fill in 6881 in the Port Number Box. Click OK.
    4). Right click>new>application rule>Description- Type in “Inbound Connection”. Then click “Packet Parameters”>Event- click Inbound Connection. Then “Protocol” and click TCP/IP. Next go to “Local Address” and click the box for “Override Port”, Click on “Port” and choose “Single Port”. Fill in 6881 in the Port Number Box. Click OK.
    5). Right click>new>application rule>Description- Type in “Outbound Connection”. Then click “Packet Parameters”>Event- click Outbound Connection. Then “Protocol” and click TCP/IP. Next go to “Remote Address” and click the box for “Override Port”, Click on “Port” and choose “Single Port”. Fill in 6881 in the Port Number Box. Click OK.


    We’re done. Fire up Azureus; when the Jetico nag box comes up pick Azureus instead of Bittorrent. Give Java total access.

    NOTE: if you’re behind a router, don’t forget to forward TCP 6881 if you haven’t done so already!!!!

    I can't take credit for this as it was posted on another forum by 'cruelsister'
    as part of a tutorial.
     
  5. Syncman9

    Syncman9 Registered Member

    Joined:
    Jul 28, 2004
    Posts:
    113
    Location:
    UK
    Thanks for that, I'll give it a try.

    My only comment was that I thought it was the java element that would need these rules rather than Azureus itself.
     
  6. Syncman9

    Syncman9 Registered Member

    Joined:
    Jul 28, 2004
    Posts:
    113
    Location:
    UK
    Nope, it's still not working; as before, I'm getting loads of packets which are hitting the "Block All not Processed IP Packets" rule.

    It's driving me crackers, as I can't seem to find where they are coming from.

    I've added a new table just for bit torrent apps, with all the rules that I know I will need. Finally at the bottom I've added a rejection rule for anything that doesn't hit any of the rules.

    The rejection rule never gets hit.

    It all hits the "Block All not Processed IP Packets" Rule.

    Any ideas? Please....
     
  7. Syncman9

    Syncman9 Registered Member

    Joined:
    Jul 28, 2004
    Posts:
    113
    Location:
    UK
    Fixed :D

    For anyone else who suffers this problem, you need to add 3 protocol specific rules.

    1. Outgoing, with your Source Port being 6881 (or whatever you have chosen) and the ACK & SYN = 'SET'

    2. Incoming, with your Destination Port being 6881 (etc.) and the ACK = 'SET'
    3. Incoming, with your Destination Port being 6881 (etc.) and the PST = 'SET'
     
  8. noman2

    noman2 Guest

    Could you be a bit more specific on how to add these?

    I'm assuming I add these in "Protocols Table"?

    But I can't for the life of me find ACK & SYN.

    Thank you
     