Rule help

Discussion in 'LnS English Forum' started by ellison64, Aug 16, 2007.

Thread Status:
Not open for further replies.
  1. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,570
    Hello..
    I cant seem to be able to get visualroute lite edition to work correctly with looknstop running.The logs showed icmp type 11 being blocked so i right clicked and let looknstop create the rule and added the applications in that rule but it still doesnt seem to work.Heres some of the log....
    8-16-07,21:20:06 D-225 'ICMP : All ICMP types (n' 87.127.229.33 ICMP Type:11 Code:0
    See pics to see what i created.What am i doing wrong?
    tia ellison
     

    Attached Files:

  2. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi ellison64 :)

    1- Incoming packets only
    2- Destination IP: equal My @

    The traceroute works by sending type 8 code 0 (echo) ar different intervals
    and received the answer from Internet with Type 11 code 0...

    Hope this help. Lest us know.
     

    Attached Files:

    • ex01.jpg
      ex01.jpg
      File size:
      51.5 KB
      Views:
      171
  3. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,570
    Thank you very much for the rules and pics to make it easier :)
    Works great now !
    Thank you once again
    ellison
     
  4. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi

    I downloaded this software to check it myself...

    1- You don't have to add the programs in the rule.

    2- This program access the web in UDP also...

    Send UDP packets from local ports to this IP addr.:unknown206.111.234.205
    on port 40000 to 40002 ...

    unknown206.111.234.205 is:

    OrgName: Defender Technologies Group, LLC
    OrgID: DTGL
    Address: 44470 Chilum Place, Building 1
    Address: Suite 1197
    City: Ashburn
    StateProv: VA
    PostalCode: 20147
    Country: US

    ReferralServer: rwhois://rwhois.defenderhosting.com:4321/


    Phone Home like E.T. ?

    May be used for Domain name resolution as far as I know.
    Just check the data sended by these packets...

    So create a rule for this:

    Protocol : UDP

    Packets : in and out

    addr.: form My @IP
    Ports: in local

    addr. all (no entry)
    Ports : Between A-B : 40000 ... 40002

    EDIT: phone home on port 80 (HTTP) too ... :rolleyes:

    :)
     
    Last edited: Aug 16, 2007
  5. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,570
    Thanks for the extra information.I havent allowed the udp rule but it still works anyway.Visualroute does notify you whether its database/version is uptodate so it may be that calling.It works fine just allowing that type 11 for what i want it for anyway.
    thanks again for your kind help.
    ellison
     
  6. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi ellison64 :)

    Yes you're right. ICMP only is correct.

    :)
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.