new shareaza rule

Discussion in 'LnS English Forum' started by birdie, Nov 30, 2004.

Thread Status:
Not open for further replies.
  1. birdie

    birdie Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    8
    Hi all,

    I created a shareaza.rie rule. Please experiment with it and post your feedback!
    Link is following soon by frederic.
     
  2. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
  3. Guzz

    Guzz Registered Member

    Joined:
    Dec 16, 2004
    Posts:
    13
    Im a user of Look'n'Stop and I just downloaded Shareaza and loaded this rule that is in Frederic post .. But my shareaza still isnt working properly, it slows down when my firewall is open n i get many messagens on the Log tab .. how can i use both programs on my computer, any other rule ?
     
  4. Guzz

    Guzz Registered Member

    Joined:
    Dec 16, 2004
    Posts:
    13
    can anyone help ?
     
  5. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    I may be mistaken; depending on the configuration doesn’t Shareaza use “random ports”? If that is the case you’ll need to configure it to specific ports that are used in the rules.

    My second question is, do you see TCP Stateful Packet Inspection alerts? If that is the case also you will need to disable TCP SPI in Look ‘n’ Stop Options screen and click Advanced Options button and decheck “TCP Stateful Packet Inspection”.

    Thirdly, copy the lines associating with the blockings that are shown in Internet Filtering screen and paste it here.

    ;)

     
  6. Guzz

    Guzz Registered Member

    Joined:
    Dec 16, 2004
    Posts:
    13
    Hey dude, thanks for helping ! Im a newbie and theres somethings about firewall which are too much complex for my brain cells :(

    I checked the Options and "TCP Stateful Packet Inspection" is currently disabled. I am using the StandardRulesSet which comes by default plus the rules mentioned in the post of Frederic in this thread .. If I use the EnhancedRulesSet doesnt make difference, the alerts are the same regarding Shareaza ..

    I removed all the alerts and when I open Shareaza/use search function/download the following alerts are shown in the Log tab:

    1) Rule: ICMP: All ICMP types(nukes...) Additional: type: 3 code: 3

    2) Rule:UDP : Any other UDP packet Source Port: netbios-ns Destination Port: netbios-ns

    3) Rule: UDP : Any other UDP packet Source Port: Gnutella1 Destination
    Port: Gnutella1


    So I clicked with the right-button and added the rules mentioned above .. after doing this, I could use Shareaza with no problem, its working properly ! No more alerts are shown .. However, I'd like to ask you if I can add these rules, if its secure or should I modify them ?

    1) Rule: UDP : Allow Port 6346 ; This rule allows others computers to connect
    to your PC, using the UDP port 6346.

    2) Rule: UDP : Allow Port 137 ; This rule allows your PC to connect to other
    computers on the UDP port 137.

    3) Rule: ICMP : Allow Type 3 ; This rule allows your computer to receive
    and to send packets of type 3 on ICMP protocol.
     
  7. birdie

    birdie Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    8
    Hi Guz,

    Shareaza communicates through udp and tcp 6346. This is the only port really needed. You can configure shareaza on random ports, but just leave it on 6346. (see settings, internet, connection).

    In my rule you can also find tcp ports for outgoing connections for Edonkey. This is done, because when shareaza starts or stops, it connects with Edonkey.

    I tested it on Phantom rules v6, I see now what you mean, using the enhanced rules.

    The 2 rules you suggest are not neccesary, yet opening port 137 is even dangerous. I don´t know why you get that message, I don´t get it here on my system.

    About ICMP 3,3: It means your firewall gets a destination/port unreachable message. Creating a rule is NOT neccesary for the working of Shareaza. You can create a rule to get rid of the logs. I should suggest to block it, like done in the Phantom rules.
    See also Phantom´s table on http://www.fluxgfx.com/forum/viewtopic.php?t=61.

    Good luck!

    Birdie
     
Thread Status:
Not open for further replies.