Solo Anti Virus will not update. Rule(s) needed.

Discussion in 'LnS English Forum' started by cdysthe, Mar 11, 2004.

Thread Status:
Not open for further replies.
  1. cdysthe

    cdysthe Registered Member

    Joined:
    Mar 6, 2004
    Posts:
    70
    Location:
    Austin, TX and Oslo, Norway
    Hi,

    I am using Solo Anti Virus (from www.srnmicro.com). However, even if I allow the application it won't update without me disabling LnS. It looks like it connects on port 80 to determine if updates is available and the downloads them by FTP on port 20. I have tried to make some rules, but they do not work. The connnection on port 80 works, but the download doesn't.

    Here's the log entries I can find regarding this:

    03-11-04,08:08:11 D-619 'TCP : Block incoming con' 65.77.209.226 TCP Ports Dest:1407 Src:ftp-data=20

    03-11-04,08:12:28 D-638 'TCP : Block incoming con' 65.77.209.226 TCP Ports Dest:1450 Src:ftp-data=20

    03-11-04,09:50:25 D-729 'TCP : Block incoming con' 65.77.209.226 TCP Ports Dest:1536 Src:ftp-data=20

    03-11-04,10:28:10 U-1023 'TCP : Any other packet ' 146.72.235.10 TCP Ports Dest:www-http=80 Src:1944
    03-11-04,10:28:11 U-1024 'TCP : Any other packet ' 146.72.235.10 TCP Ports Dest:www-http=80 Src:1945

    Have anyone used Solo Anti Virus with LnS and have update work successfully?

    TIA for help and/or pointers.
     
  2. killjoy

    killjoy Registered Member

    Joined:
    Feb 28, 2004
    Posts:
    21
    Have u only made an allow rule for this app in app filtering ?? Because for some programs you also have to make a rule within internet filtering allowing this app. That should fix it
     
  3. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Hi,

    It seems the download uses the FTP protocol. Is there a way to configure the updater to use passive FTP mode ?

    Frederic
     
  4. cdysthe

    cdysthe Registered Member

    Joined:
    Mar 6, 2004
    Posts:
    70
    Location:
    Austin, TX and Oslo, Norway
    Nope, there's no options for the update mechanism, so I guess I will have to play around with a rule allowing ftp port 20 for this application only. Would that be the right approach? It's kind of hard to do testing since they only have updates one every couple of days. And without an update available I can't test since no ftp transfer is needed.
     
  5. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Hi,

    Yes, you need to create a rule that will open the port 20 for incoming connections. When editing the Internet Filtering rule, click on the Application button and select the Updater application, this will cause the port to be open only when the updater is running.

    Frederic
     
Thread Status:
Not open for further replies.