Phant0m I need Your Help Again

Discussion in 'LnS English Forum' started by whitedragon551, Dec 14, 2010.

Thread Status:
Not open for further replies.
  1. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,256
    Location:
    USA
    Alright I went through this again as I had to reinstall LnS. I thought I had my rulesets backed up in Winrar, but the archive was corrupt. Just my luck.

    https://www.wilderssecurity.com/showthread.php?t=271577

    I have added the Raw Edition plugin to LnS. I have started adding ports at field 2, type TCP, ports allowed and not logged, IP type is set to any, operator is set to and, field size is set to 2 bytes. Direction is set to both. Field offset is set to 0 for inbound, 2 for outbound. Yet I still cant connect. Am I missing something here?
     
  2. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,721
    Location:
    Canada
    Hi,

    Let's see what you have thus far.

    .. And don't forget about rule positioning ;)
     
  3. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,256
    Location:
    USA
    I didnt forget rule positioning. I started and the field set 2 and worked my way back. After I saved the rule what I placed in field set 2 was moved to field set 0.

    Shortly after I had posted this thread I was able to get it working using the multi port ban list.

    However now Im curious is there a way to condense the BF2 TCP and UDP multi port ban lists together to create a single rule for BF2?
     
  4. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,721
    Location:
    Canada
    A rule to-do TCP & UDP combinations
     

    Attached Files:

  5. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,256
    Location:
    USA
    Thats it? I dont have to change anything with the field 0?
     
  6. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,721
    Location:
    Canada
    That's it. :)
     
  7. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,256
    Location:
    USA
    Now for these raw rules will field one always be the same two ports, 17 and 6?
     
  8. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,721
    Location:
    Canada
    Field #1 always remains the same when matching to IP Protocols TCP & UDP (this isn’t port numbers but IP Protocol numbers)
     
  9. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,256
    Location:
    USA
    Ok. And with field 0 is that also always going to be the same when dealing with a TCP/UDP rule?
     
  10. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,721
    Location:
    Canada
    Field #0 can be changed to reflect the Ethernet type, IPv4, or IPv6, or BOTH
     
  11. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,256
    Location:
    USA
    I get that, but what about the Field Values. Or is that what your referring to? For instance with my BF2 multi ban list TCP ports are assigned field 0 with a field value of 2156 but the UDP ports are assigned field 0 with a field value of 2048.
     
  12. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,721
    Location:
    Canada
    What version of my plugin you using?
     
  13. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,256
    Location:
    USA
    The latest. I just downloaded the plugins today about 10 hours ago or so.
     
  14. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,721
    Location:
    Canada
    x64 version?
     
  15. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,256
    Location:
    USA
  16. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,721
    Location:
    Canada
    If you hadn't, re-create the BF2 rule with this latest plugin.
     
  17. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,256
    Location:
    USA
    The plugin version is 2.03 for the RawRule plugin. For the multi port banlist I have v1.01 and for the multi IP ban list I have v1.04
     
  18. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,721
    Location:
    Canada
    Fields (#0-15)
    - #0 = Ethernet type
    - #1 = IP Protocol
    - #2, 3, 4 ... = Ports

    Field #0, Field Value1 always should be seen with Value 2048 for IPv4 type checking
     
  19. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,256
    Location:
    USA
    So the TCP field value and UDP port value for field 0 are always going to be 2048, not the 2156 thats there?

    What are the field values for field 0 Ethernet Types? You mentioned one was for IPV4, IPV6, and both?
     
  20. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,721
    Location:
    Canada
    For TCP, UDP rules, just the first field starts off that way

    2048 = IPv4, 34525 = IPv6, Field_Criteria:Equal_Value1OR2[Value1: 2048, Value2: 34525] = BOTH
     
  21. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,256
    Location:
    USA
    Ok and the proper operator for these multi port rule sets should be set to "or" instead of "and"?
     
  22. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,721
    Location:
    Canada
    For Fields #'s that specifies port numbers.
     
  23. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,256
    Location:
    USA
    Ok for some reason after editing the Field 1 to allow the TCP and UDP protocols with 6 and 17. In the log I keep getting the allowed ports being blocked by another rule. I have to place the rule before or after the rule blocking the ports?
     
  24. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,721
    Location:
    Canada
    Attach the rule, let me have a look.
     
  25. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,256
    Location:
    USA
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.