Rule help

Discussion in 'LnS English Forum' started by ellison64, Aug 16, 2007.

Thread Status:
Not open for further replies.
  1. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,499
    Hello..
    I cant seem to be able to get visualroute lite edition to work correctly with looknstop running.The logs showed icmp type 11 being blocked so i right clicked and let looknstop create the rule and added the applications in that rule but it still doesnt seem to work.Heres some of the log....
    8-16-07,21:20:06 D-225 'ICMP : All ICMP types (n' 87.127.229.33 ICMP Type:11 Code:0
    See pics to see what i created.What am i doing wrong?
    tia ellison
     

    Attached Files:

  2. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi ellison64 :)

    1- Incoming packets only
    2- Destination IP: equal My @

    The traceroute works by sending type 8 code 0 (echo) ar different intervals
    and received the answer from Internet with Type 11 code 0...

    Hope this help. Lest us know.
     

    Attached Files:

    • ex01.jpg
      ex01.jpg
      File size:
      51.5 KB
      Views:
      171
  3. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,499
    Thank you very much for the rules and pics to make it easier :)
    Works great now !
    Thank you once again
    ellison
     
  4. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi

    I downloaded this software to check it myself...

    1- You don't have to add the programs in the rule.

    2- This program access the web in UDP also...

    Send UDP packets from local ports to this IP addr.:unknown206.111.234.205
    on port 40000 to 40002 ...

    unknown206.111.234.205 is:

    OrgName: Defender Technologies Group, LLC
    OrgID: DTGL
    Address: 44470 Chilum Place, Building 1
    Address: Suite 1197
    City: Ashburn
    StateProv: VA
    PostalCode: 20147
    Country: US

    ReferralServer: rwhois://rwhois.defenderhosting.com:4321/


    Phone Home like E.T. ?

    May be used for Domain name resolution as far as I know.
    Just check the data sended by these packets...

    So create a rule for this:

    Protocol : UDP

    Packets : in and out

    addr.: form My @IP
    Ports: in local

    addr. all (no entry)
    Ports : Between A-B : 40000 ... 40002

    EDIT: phone home on port 80 (HTTP) too ... :rolleyes:

    :)
     
    Last edited: Aug 16, 2007
  5. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,499
    Thanks for the extra information.I havent allowed the udp rule but it still works anyway.Visualroute does notify you whether its database/version is uptodate so it may be that calling.It works fine just allowing that type 11 for what i want it for anyway.
    thanks again for your kind help.
    ellison
     
  6. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi ellison64 :)

    Yes you're right. ICMP only is correct.

    :)
     
Thread Status:
Not open for further replies.