LnS and Making Rules....?

Discussion in 'LnS English Forum' started by dja2k, Sep 2, 2005.

Thread Status:
Not open for further replies.
  1. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    Can anyone explain how to make a rule for shareaza so I can use port fowarding with my router. I use port 6346 in both TCP and UDP if that helps.

    dja2k
     
  2. ???

    ??? Guest

  3. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    Okay seen that before, helped me a little, but I need someone showing me how to specifically set up one. I mean I know how to do rules in outpost and zonealarm, but this LnS has more items I don't understand when you click add to the ruleset to create your own. Also I heard that it matters where you set it up in terms of position being at the top, middle, or end of the rule list.

    dja2k
     
  4. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    And that's the beauty of LnS - Greater configurability (ie. down to a finer level)

    The basic idea when adding new rules is to add them as close the bottom as the rule will allow. This way, you will not affect rules which are more important than it (ie. the rules above it).

    Anyway, that's the LnS rule system simplified. I will try to respond withimn the next couple of days with a (hopefully) suitable rule for your needs.

    Regards,
    Mr. D
     
  5. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    Rule positioning is important, and placing rules close to the bottom could be an issue if you trying to create rule to apply to initiating connections from remote machines, (applications acting as server). :)
     
  6. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    So um then, where does a rule go to allow shareaza as a server using specific ports?

    dja2k
     
  7. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    Since LnS is real confusing in setting rules for p2p port fowarding using a router and not getting enough help on the subject, might just have to look for an alternative firewall, but thanks for trying to help guys.

    dja2k
     
  8. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Have you not been able to get a working rule at all?
    Did you try importing one of the P2P rules off the site and modify it for your requirements? Do the logs indicate what all is being blocked and have you tried making your rule from there?

    Above anything else that may block it. You mention it requires both TCP and UDP so you would require two rules, one for each section of your rule set for that protocol.

    Regards,

    CrazyM
     
  9. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    Okay I got this much as seen in the uploaded picture, the UDP was set the same way This rules were set on the very top since I don't know specifically were they go. This gives me a green lite on both UDP and TCP ports using the shareaza connection test found here http://shareaza.crucial-torrents.com/connectiontest/ . I don't know if they are right, I just copied from the rule Winmx in the LnS website.

    dja2k
     

    Attached Files:

  10. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Well that rule defines the source port (remote computer) but has ALL for destination port (your PC). Not having used the program, do the ports vary depending on inbound or outbound connections? Or is it consistent on both ends all the time (6346)? (ie. you have 6346 in both source and destination port)

    Regards,

    CrazyM
     
  11. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    Well I don't really know, but here is what I used to put in zonealarm to use port fowarding.

    I would put source (my computer) destination (internet zone) ports (udp and tcp 6346) I have my firewall allowing my ip address to use tcp and udp port 6346 as well.

    That was about it. That would give me green on the test connection too.

    dja2k
     
  12. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Do you get the green light with the test if you have 6346 in both source and destination? You could always enable logging on your existing rule to see what it is really using.

    Regards,

    CrazyM
     
  13. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    It is only using port 6346 and well the incoming vary, though is it safe to have the rules at the very top or should I move them little by little trying to see where they go?

    dja2k
     
  14. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    Okay deleted the rules I made and found these here on Wilders. The thing is I keep getting blocks with Type 3, Code 3 when shareaza is running and when shareaza is closed, I get some Type 3, Code 1 on some blocks. After closeing shareaza, I do see the firewall logging blocked attacts to a close shareaza port, but I don't know why it gives the Type 3, Code 1 on some.

    I also imported the rules right before +TCP block incoming connections as Phantom suggested to do on another post. This seems to give me a green light on TCP and UDP in the connection test as well.

    dja2k
     
  15. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    ICMP Types/Codes
    Internet Control Message Protocol

    ICMP is basically used for error messages and notification of other conditions. The type 3, Destination Unreachable, would not be unusual to see in the circumstances you describe. If a system/destination is unable to process or is unavailable you may see these. In your case code 3 - port unreachable and code 1 - host unreachable.

    Regards,

    CrazyM
     
  16. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    But is it okay to be logging all thiese type 3, code 3 unreachable, wouldn't that make the log real big? I mean I think I remember in outpost, turning the port unreachable off or something.

    dja2k
     
Thread Status:
Not open for further replies.