Rule For Cyberoam Client

Discussion in 'LnS English Forum' started by hanifv, May 22, 2007.

Thread Status:
Not open for further replies.
  1. hanifv

    Hi people,

    I am new to LnS. I am using LnS along with the phant0m ruleset. My internet is PPPoE. A cat-5 cable goes in my LAN card through which I get my internet connection. I have to use a client (where I put in the username and password assigned by the ISP) which is called Cyberoam 24Online Client. I need help setting up a rule for this client.

    Also, do I need separate rules for each chat software I use or each torrent software I use?
     
  2. Climenole

    Hi hanifv :)

    :rolleyes:

    Since you're a newbie, why not keep things simple and use the LNS enhanced rule set? It's a good rule set to start...

    "The Cyberoam client and server communicate over UDP. The server usually listens on port 6060"
    Ref.: http://linc.sourceforge.net/protocol.php

    So, according to this reference I found, you have to create a rule like this:

    Protocol: UDP
    Packets: incoming and outgoing

    Left side of the editing windows:
    IP addr. Equal My@
    Ports: Between A-B 1024...5000

    Right side of the editing windows:
    IP : all (no entry)
    Port: 6060

    Application: enter the executable of this application in this specific rule.

    This is very important. This rule must be activated only by this application, not all applications...

    Then put that rule just after the general rule "Allow most common internet programs" (in the LNS enhanced Rule set) or the equivalent in the rule set you are using...

    Save, apply and reboot.

    Check in the LNS log if there is some blocking...

    No Sir.

    1- A rule set must have a general rule for the common internet programs in TCP. This rule may give full access from the local standard ports (in Windows XP, 1024 to 5000) to all ports...

    By "general rule" I mean a rule used by any program allowed in the Application filter.
    By "specific rule" I mean a rule activated and used by at least one program...

    A specific rule is not needed for "normal" TCP programs. You may create such a rule to have a more "verbose" log, but it's not more secure...

    2- Specific rules are needed for this:

    a) a program using the UDP protocol (like "Cyberoam"...)
    b) a program using a "non-standard" local port (e.g. some VoIP)
    c) a program for a server or for the server part of this program (e.g. p2p)

    :)
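
A small model of the rule described in the post above, as an added example that is not part of the thread or of Look 'n' Stop itself. It assumes rules are evaluated top-down with the first match deciding; the executable names (`cyberoam.exe`, `other.exe`) and the final block-all rule are hypothetical. It shows why the UDP rule to port 6060 should be bound to the client's executable.

```python
from dataclasses import dataclass, replace
from typing import Optional

ANY_PORT = range(0, 65536)
STD_LOCAL = range(1024, 5001)        # local ports 1024...5000 inclusive, as in the post

@dataclass(frozen=True)
class Packet:                        # direction is not modelled: the rule covers in and out
    proto: str                       # "TCP" or "UDP"
    local_port: int
    remote_port: int
    app: str                         # executable that owns the socket

@dataclass(frozen=True)
class Rule:
    name: str
    action: str                      # "allow" or "block"
    proto: Optional[str] = None      # None matches any protocol
    local_ports: range = ANY_PORT
    remote_ports: range = ANY_PORT
    app: Optional[str] = None        # None = general rule, set = specific rule

    def matches(self, p: Packet) -> bool:
        return ((self.proto is None or self.proto == p.proto)
                and p.local_port in self.local_ports
                and p.remote_port in self.remote_ports
                and (self.app is None or self.app.lower() == p.app.lower()))

def evaluate(rules, packet):
    """Return (action, rule name) for the first matching rule; block if none match."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action, rule.name
    return "block", "no rule matched"

# Constructed rule set; executable names are hypothetical placeholders.
RULES = [
    Rule("Allow most common internet programs", "allow", "TCP", STD_LOCAL),
    Rule("Cyberoam client", "allow", "UDP", STD_LOCAL, range(6060, 6061), "cyberoam.exe"),
    Rule("Block everything else", "block"),
]

def without_app_binding(rules):
    """Same rules with the application field cleared, i.e. every rule made general."""
    return [replace(r, app=None) for r in rules]

if __name__ == "__main__":
    for app in ("cyberoam.exe", "other.exe"):      # constructed sample packets
        pkt = Packet("UDP", 3000, 6060, app)
        print(app, evaluate(RULES, pkt), evaluate(without_app_binding(RULES), pkt))
```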
     
  3. hanifv

    Thanks a lot. That clears up a lot of things.

    What are the pros and cons of the phant0m ruleset? Is it more secure? I shouldn't be using it?

    Also where can I get rules for utorrent and ares?
     
  4. Climenole

    Hi hanifv :)

    For Phant0m's rule set:

    There are no "cons" about the Phant0m rule set.
    But it's the same for any rule set: you must know what you're doing...

    For µTorrent:

    One specific rule for µTorrent server: must be put before the rule "+TCP : Block incoming connections"

    One specific UDP rule for the DHT: rule must be put after the rule "+TCP : Block incoming connections"

    All the other packets are managed by a general TCP rule equivalent to the LNS enhanced rule set's "Authorised common Internet application" ... (Otherwise you have to create a specific rule for the "client" part of µTorrent:
    something like from the local port range to all remote ports in TCP for the application µTorrent. See the idea?)

    The ports used in the sample rules must be changed to the same used in the µTorrent program (or the opposite as you wish...)

    To import, rename and remove the trailing .TXT ...

    :)
     

    Attached Files:
