jetico's rule for p2p

Discussion in 'other firewalls' started by shek, Oct 10, 2005.

Thread Status:
Not open for further replies.
  1. shek

    shek Registered Member

    Joined:
    Mar 27, 2005
    Posts:
    342
    Location:
    SE CHINA/NYC USA
    hi, all

    I have a problem for jetico's(1.0.1.61) rule for emule(0.46c) and bitcomet(0.59). Everytime i run emule, i get a low ID. For bitcomet, i only receive local connection.

    i create a table called p2p so that all p2p software in the ask user table will be directed to this group. Here are the setup.
    action / description / protocol / local address / remote address / local port / remote port
    accept ----access to network
    accept ----outpound connection tcp/ip any any 1024-65535 1024-65535
    accept ----inbound connection tcp/ip any any 1024-65535 1024-65535
    accept ----send datagrams tcp/ip any any any any
    accept ----receive datagrams tcp/ip any any any any
    ask------info

    i know the setup is not tight at all, but i think it is most compatible. After i set it up, no more popup relates to bitcomet/emule, although i do set up a rule to ask info.

    however i still got low id and local connection.

    here is part of the fw's log for emule
    10/10/2005 15:09:10.968 reject Block All not Processed IP Packets 52 TCP outgoing packet 69.22.*.* 66.135.*.* 4662 47879
    10/10/2005 15:08:50.609 reject Block All not Processed IP Packets 77 UDP incoming packet 222.158.*.* 69.22.*.* 4004 4004

    here is part of the log for bitcomet, port 17125 is the port i used.
    10/10/2005 15:12:53.437 reject Block All not Processed IP Packets 48 TCP incoming packet 69.162.*.* 69.22.*.* 3617 17125
    10/10/2005 15:15:35.203 reject Block All not Processed IP Packets 48 TCP outgoing packet 69.22.*.* 220.141.*.* 17125 3091
    10/10/2005 15:40:02.250 reject Block All not Processed IP Packets 48 TCP outgoing packet 69.22.*.* 82.38.*.* 17125 62000
    10/10/2005 15:41:38.500 reject Block All not Processed IP Packets 52 TCP outgoing packet 69.22.*.* 82.32.*.* 17125 33236

    it confuses me, because in jetico's rule set, blocking all not processed ip packets only applies after the application table. if anything belonging to p2p doesn't match the rules, a popup should show up which is my last rule for p2p. but it doesn't happen.

    btw, i had not had any problems with this setup for about half a year. Just one week ago, i built a new computer(amd sempron64 2500+, 1G ddr400, windows xp pro sp2, the old one also had the same os. i just saved the ruleset and applied to the new machine) and since then the problem came out. Except this, all other rules work fine.

    i also tried to uninstall the jetico, including the jetico's hidden non-plug and play drivers. then I reinstalled it and built the brand new rules, based on the popup. but it didn't work.

    if changed to windows firewall, the emule and bitcomet would be back to normal.

    any ideas or comments?

    best regards,

    shek
     
  2. luvhirez

    luvhirez Registered Member

    Joined:
    May 13, 2005
    Posts:
    87
    Location:
    Melbourne
    Hi Shek,
    I use soulseek

    here are my rules,

    create a table called EMULE
    in this table create

    1/allow access to network
    2/allow tcp/ip out to any
    3/alow tcp/ip in to any(or a local port of your choice, for soulseek I forward port 2234) I dont know how emule works.
    4/ask for any

    therefore only EMULE has access to these rules, not a global rule.
    I never get pop ups at all.
    only the first time you open the program, which you "handle as" EMULE

    I hope this helps

    *sorry didnt read in full, I did get the block non processed packet in the logs. But it stopped soon after
     
  3. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,696
    Hi,
    Have you made a home network (internet connection sharing)?
    Is the new computer the one connected to the internet and the old one through it? If not, you'll have low id, no matter what.
    Mrk
     
  4. shek

    shek Registered Member

    Joined:
    Mar 27, 2005
    Posts:
    342
    Location:
    SE CHINA/NYC USA
    mrkvonic---

    thank you for the reply. I don't set up a home network. the old omachine broke down so i build a new one. it's a single pc directly connecting to the internet (no router).

    shek
     
  5. manzz

    manzz Registered Member

    Joined:
    Oct 6, 2005
    Posts:
    55
    Hi
    I have just installed this firewall, and been having a play. I dont use P2P anymore but I think your low ID problem is because You need to set up a "listening port" and/or "listening datagrams". (Application rule/packet parameters/event...) Then override the port for the one you are using, for incoming (try adding this to your P2P ruleset)

    Hope this is correct and helps.
     
    Last edited: Oct 13, 2005
  6. shek

    shek Registered Member

    Joined:
    Mar 27, 2005
    Posts:
    342
    Location:
    SE CHINA/NYC USA
    manzz--

    thank you. Actually listening portand listening datagrams are default rules in the application table.

    the problem has disappeared after I reinstalled my windows xp. I think it relates to conflicts of firewall drivers. Because i tried to install and uninstall almost every free firewall to see which one meets my needs ( free, stable, less cpu/memory usage, rule based/ configurable, less vulnerable). Finally i got BSOD many times after i installed za, which was my second choice after jetico. Then i gave up and reinstall a clean system. Now everything runs as smooth as before. Both jetico and za work again.

    btw, the reason i didn't choose za(5.5 free) as my first choice is that its memory usage would increase dramatically after heavy use of p2p. and the version 6 doesn't improve a lot either.
     
Thread Status:
Not open for further replies.