Understanding LNS (Help Required!)

Discussion in 'LnS English Forum' started by pantezuma, Apr 19, 2010.

Thread Status:
Not open for further replies.
  1. pantezuma

    pantezuma Registered Member

    Joined:
    Apr 19, 2010
    Posts:
    14
    Hi to all!
    I'm new to this forum as well as to LNS.
    I was a happy user of Kerio 2.1.5 till I upgraded my OS to Windows 7, so I decided to give LNS Trial a chance since it has such a good reputation.
    My problem is that I really don't understand how it works (internally, I guess).
    So far, I have discovered that the ruleset is not associated with applications (as it is in Kerio). You can just activate a specific rule when an application is launched, but that rule will be available for all other applications. Is that right?
    That's quite strange to me... maybe because I was so used to thinking in a different manner.
    I'm facing several difficulties trying to configure ports...
    For example, if I want to limit IE, Chrome, etc... to ports 80, 443 & 1080, how can I do that?
    The other part that I just don't understand is that in Kerio, there was no need for accepting incoming connections unless you were to establish a server (for example with P2P software, or DHCP requests).
    But I have experimented with a simple TCP Out rule for Chrome on remote port 80 and it doesn't work if I don't allow inbound and outbound...
    What am I doing wrong?
    Thanks in advance for any help!

    PS: Sorry for my English!!!
     
  2. doktornotor

    doktornotor Registered Member

    Joined:
    Jul 19, 2008
    Posts:
    2,047
    Go to Application Filtering, select the application, click edit, enter your TCP/UDP ports (and IPs) there (like 80;443;1080), click OK.

    That's a feature... You need to allow incoming traffic if needed, otherwise it's denied (beyond the predefined rules, such as DNS/DHCP).
     
  3. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    Hi pantezuma,

    On the ‘Internet Filtering’ screen / Tab, right-click on an entry to bring up the context menu and visit ‘Applications...’ :)

    If you switched to ‘Advanced Mode’ (found by visiting the Look ‘n’ Stop ‘Options’ screen / Tab and clicking the ‘Advanced options’ button), you can double-left-click on an application entry in the list of applications on the Look ‘n’ Stop ‘Applications Filtering’ screen and customize TCP and UDP ports and IPs. Multiple port specification: 80;443;1080
     
  4. pantezuma

    pantezuma Registered Member

    Joined:
    Apr 19, 2010
    Posts:
    14
    Thanks both for your replies.
    Another question!
    As you may have noticed, I'm not an expert in the TCP / IP protocol, but I'm eager to learn!
    Maybe I'm wrong, but when in Kerio 2.1.5 you specified an application for a certain type of incoming connection, you were limiting connections to that specific application and no other application could use that.
    Now, for example, I have established a TCP rule (allow incoming and outgoing) on my eMule port just to allow it to connect.
    But as this rule is not application specific, any application can be listening on this opened port. Is that correct?
    Maybe Kerio worked the same way in the background and I never noticed...
    Yesterday I ran a test in GRC on that port and it was Opened (of course eMule was running). I think that when I ran eMule with Kerio the port appeared as Closed.

    I don't understand the "incoming connection" feature you mentioned. Why is that needed to allow Chrome to connect?

    Thanks to both and sorry for my English again! :)
     
  5. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    Hi pantezuma,

    On the ‘Internet Filtering’ screen / Tab, right-click on a rule entry to bring up the context menu and visit ‘Applications...’, now associate an application with the rule. When the application is running, the rule is enabled; when the application is not running, the rule is disabled. If you are associating an application with a server rule, only the one application can listen on a specific port at a time. soooooo;

    If you are hosting a webserver and, let’s say, the application used is called X, listening on port 80, then when X runs, the server rule to permit connections through port 80 associated with the X application changes to the enabled state; X is holding port 80 and nothing else can also listen on port 80. The X application closes, and the rule state changes to the disabled state.
     
  6. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    Hi pantezuma,

    An application allowed / authorized via Application Filtering is not restricted by default from sending whatever packets; whether these packets are permitted out to the Internet depends on the second layer of defense, the Internet Filtering layer. However, as I said previously, you can customize application destination IPs and ports at the very early stage, but you still have to have a rule or rules for the application's communications on the Internet Filtering screen also.



    Regards,
     
  7. pantezuma

    pantezuma Registered Member

    Joined:
    Apr 19, 2010
    Posts:
    14
    Ah!!! OK!!!
    I didn't know that... I thought that the application triggered the rule but once triggered any application could take advantage of that one.
    So if I let eMule (for example) listen on a certain port and associate the rule (in applications...) to eMule.exe, just this software will be able to use it.
    Thanks a lot for all your help and assistance!!! :)
    I'll practice a little when I get home!
     