NPF2002

Discussion in 'other firewalls' started by Gandalf, May 2, 2004.

Thread Status:
Not open for further replies.
  1. Gandalf

    Gandalf Registered Member

    Joined:
    Jan 20, 2004
    Posts:
    32
    Location:
    Cheshire, UK
    Hi. Is anyone familiar with NPF2002. I need help setting an outbound rule for an application to a specific port.
    Many thanks. Gandalf
     
  2. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Ask away :)

    Regards,

    CrazyM
     
  3. Gandalf

    Gandalf Registered Member

    Joined:
    Jan 20, 2004
    Posts:
    32
    Location:
    Cheshire, UK
    Thanks for the quick reply CrazyM. The application I need to set the rule for is Port Explorer. I asked there first and they told me what was needed but weren't familiar with NFP2002.
    First I scanned for Internet enabled applications and PE wasn't listed so I added PE.exe manually to the list.
    What I need help with is how exactly do I create a rule to allow PE an outbound rule to TCP port 43 to get the built in whois facility to work as PE Forum says my Firewall is stopping it. I don't even know the URL or IP adress numbers to use for whois or how to access the settings panels.
    I hope I'm explaining myself ok.
    Many thanks for your time.
    G.
     
  4. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Rule xx Port Explorer Who Is
    Rule in use: Yes
    Logging: No
    Protocol: TCP
    Action: Permit
    Direction: Outbound
    Application: Port Explorer
    Local Service: (1024 - 5000)
    ...Range Begin: 1024
    .....Range End: 5000
    Local Address: Any Address
    Remote Service:
    ...............Port: 43
    Remote Address: Any Address

    As the Who Is look up will use multiple servers, it is best to leave the remote address to any.

    Regards,

    CrazyM
     
  5. Gandalf

    Gandalf Registered Member

    Joined:
    Jan 20, 2004
    Posts:
    32
    Location:
    Cheshire, UK
    CrazyM. Thanks for your quick reply, but in NPF2002 I can't find the section you have to use to input the info you have provided. I click on "Internet Access Control" which list all internet enabled applications. I had to manually add Port Explorer.exe to the list then after highlighting Port Explorer I get the option to customize. The boxes that appear do not correspond to be able to input any of your info. Would it help if I sent some screen shots of the boxes?
    Gandalf
     
  6. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Another way to create the Who Is rule for PE would be to:
    - delete any existing rule(s) for this in NIS
    - start PE and use the Who Is feature
    - when NIS prompts, select manual and work through the wizard
    - as noted above, make sure remote address is set for any (the wizard will usually enter the IP, you will just have to delete it and select any)

    Let me know if that works for you.

    Regards,

    CrazyM
     
  7. Gandalf

    Gandalf Registered Member

    Joined:
    Jan 20, 2004
    Posts:
    32
    Location:
    Cheshire, UK
    CrazyM. Thanks for your reply. Still no good. I even managed to find a tutorial for creating rule in NPF2002 - followed to the letter but no good.
    As a test, I temporarily disabled Firewall and Whois utility worked like a charm.
    For now I've added Whois.arin web page to my search bookmarks.
    Gandalf
     
  8. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Going OT a little but try DNSStuff - it can do whois queries and a great deal more.
     
  9. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Have a look at the following section on this site and see if it helps.

    AtGuard/NIS Creating/Modifying Rules

    Regards,

    CrazyM
     
  10. Gandalf

    Gandalf Registered Member

    Joined:
    Jan 20, 2004
    Posts:
    32
    Location:
    Cheshire, UK
    Thanks CrazyM. I will work through it over the weekend.
    Gandalf
     
  11. Gandalf

    Gandalf Registered Member

    Joined:
    Jan 20, 2004
    Posts:
    32
    Location:
    Cheshire, UK
    Cheers. Will use until I find out why my Firewall won't allow access to the inbuilt utility in PE.
    Many thanks for the url.
    Gandalf
     
  12. Gandalf

    Gandalf Registered Member

    Joined:
    Jan 20, 2004
    Posts:
    32
    Location:
    Cheshire, UK
    CrazyM. This is driving me nuts! Have created rule to allow whois access (it is all in just one rule is it?)
    Still no joy.
    Rule description reads: Permit, Direction: Outbound,Computer: Any, Communication: Specific, Protocol: TCP
    In specific I entered the range of ports you suppied and port no 43 in remote.

    Am considering upgrading to NFP2004 - maybe that might help.
    Gandalf
     
  13. jvmorris

    jvmorris Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    618
    Gandalf,

    I've read through this over the past few days and watched the thread evolve and, to be quite honest about it, I'm not sure what your problem is, either!

    The only idea that even comes to mind is to very carefully check the complete path to Port Explorer and then verify (using Windows Explorer) that the path is completely correct. When I say complete path, I mean confirm the drive is correct, confirm the folder navigation is correct, and then confirm that you've got the name of the executable absolutely correct.

    There really is no reason why you should be having a problem with NPF 2002 that going to NIS/NPF 2004 should resolve -- it has to be something else.
     
  14. FanJ

    FanJ Guest

  15. Gandalf

    Gandalf Registered Member

    Joined:
    Jan 20, 2004
    Posts:
    32
    Location:
    Cheshire, UK
    Thanks jvmorris. I'll do just that. Another has come to mind. Could there be a setting in the system-wide rules that is blocking this action - I'll check that as well. Many thanks for your input.
    Gandalf
     
  16. jvmorris

    jvmorris Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    618
    Yes, that's a possibility.

    And Albert's AGNIS Rules Viewer (recommended by FanJ) is a good way of finding something like this.

    Just to re-emphasize FanJ's point: If you upgrad to NIS/NPF 2004, the AGNIS Rules Viewer will not work, nor is there any equivalent alternative.
     
  17. Gandalf

    Gandalf Registered Member

    Joined:
    Jan 20, 2004
    Posts:
    32
    Location:
    Cheshire, UK
    jvmorris, fanj. Many thanks for your suggestion. Have just downloaded Agnis Rules Viewer. Will let you know what it shows.
    Gandalf
     
  18. Gandalf

    Gandalf Registered Member

    Joined:
    Jan 20, 2004
    Posts:
    32
    Location:
    Cheshire, UK
    Brilliant. Checked every rule. It shows rule I created to be working, but still when I try to access the Whois utility in Port Explorer says: "Server closed unexpectedly, might be busy, try again later. Seeing as the rule says it is working, maybe it's not the firewall but something with Port Explorer. See attachment
     

    Attached Files:

  19. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    This appears to be a Port Explorer message. Check your settings for the Who Is utility, is it set for Automatic Search?


    Check View Statistics > Firewall Rules and see if the Port Explorer rule is being matched/used. The rule looks fine and should work. If it is not showing as being matched/used, check your firewall logs.

    If it is being matched/used, it could be a Port Explorer issue or problem with the Who Is servers.

    Regards,

    CrazyM
     
  20. FanJ

    FanJ Guest

  21. Gandalf

    Gandalf Registered Member

    Joined:
    Jan 20, 2004
    Posts:
    32
    Location:
    Cheshire, UK
    Gentlemen. All is now well. The problem was with the Firewall and not PE. All hell broke loose with my Norton av and PFW over the last few days which meant I had to uninstall all my Norton Products - devil of a time, no support for any except the Knowledge Base articles. Finally got rid of all the leftovers and decided not to reinstall av and PFW but just Ghost. Now have Zone Alarm as my Firewall and guess what all PE utilities work perfectly.
    Thank you very much for all your time and help given to me over the last couple of weeks.
    Gandalf :cool:
     
  22. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Hi Gandalf

    Good to hear you are up and running.
    Would have been nice to figure out what was going on with NPF (I have used various versions with rules for Who Is utilities without a problem), but can appreciate your wanting something that is going to work for you.

    Regards,

    CrazyM
     
Thread Status:
Not open for further replies.