VoIP Settings for VoIPcheap

Discussion in 'LnS English Forum' started by ht7890, Sep 28, 2005.

Thread Status:
Not open for further replies.
  1. ht7890

    ht7890 Registered Member

    Joined:
    Sep 28, 2005
    Posts:
    8
    Just been using LnS for a day or so, I changed from Outpost because of the good reports about LnS. It is vastly different trying to write rules for this app and quite frankly still feel unsure when I do that I have not left the backdoor wide open to Mr.Nasty!

    Basically I want to write a ruleset that will allow me to use Voipcheap through the LnS firewall, I could not get this app to work at all, after many frustrating attempts to workout the ports for this app I eventually stumbled upon a program called VoIPbuster, their websites FAQ's said:

    The following Destination ports need to be allowed on your firewall:
    UDP 5060
    UDP 11112
    UDP 10300 - 10311
    UDP 6901 - 6920

    I entered these settings into LnS and could then use this app. I guess my question is - have I entered this correctly below, I had to enter four seperate UDP rules, and secondly could one of you brighter chaps put these into a VoIPcheap.rie ruleset, (I am sure they could be made more concise) so I could take a look and see how it is done.


    http://img248.imageshack.us/img248/8971/untitled18yn.jpg

    The program is from Voipcheap.co.uk


    regards
    ht7890
     
  2. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Hi,

    The rule you created seems correct.

    What is the content of the Look 'n' Stop log after you notice Voipcheap is not working ?
    Examining the log is useful to understand the ports/protocols that are still blocked.

    Regards,

    Frederic
     
  3. ht7890

    ht7890 Registered Member

    Joined:
    Sep 28, 2005
    Posts:
    8
    Hi Frederic, thanks for your input,

    Everything seems Ok in the log, and the program is working well now. I was just concerned that there seems to be too many fields with the word ALL in them, is there a way I could tighten this up, or is this the best it gets.

    regards
     
  4. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Ok.

    For port selection, you can try to put the same thing for the Local & Remote port (ie the same thing on the left side as the right one).
    Also you can associate the Application to the rule, so these UDP rules will be enabled only when the application is connected.

    Frederic
     
  5. ht7890

    ht7890 Registered Member

    Joined:
    Sep 28, 2005
    Posts:
    8

    Thats what I need to know, how do I this?

    regards
     
  6. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    In the Rule Edition dialog box there is a Application button, to select the application that will enable the rule.
    Note that the port won't be specific to this application (this has to be done in Application Filtering if required). This will jut enable/disable globally the rules when the application is connected/disconnected.

    Frederic
     
  7. ht7890

    ht7890 Registered Member

    Joined:
    Sep 28, 2005
    Posts:
    8
    Thanks for the information Frederic,

    So you are saying that the screenshot below will bind the application, in this case VoIPcheap to these top four rules (I have replicated this to the other three rules). The ports will be opened when the VoIPcheap program opens and close when the program is stopped, but other applications may or may not open these ports if other programs need to use these.

    http://img374.imageshack.us/img374/9053/13hg.jpg

    I have now gone to the Application Filtering screen and double clicked the Client to make VoIP calls program and added the ports I wish to use with this application. Do I need to put anything in the @IP: text box?

    So I now have a situation where the UDP ports will be closed untill I chose to use the VoIP program. When I terminate the program the ports will close. This seems a lot wiser than just leaving the ports perminently open on the off chance I may or may not use the application.


    http://img33.imageshack.us/img33/4456/27gg.jpg

    In the Ports & IP Msgbox what is the syntax to block a port number, or is this not possible here?

    thanks for your time
    regards
    ht7890
     
  8. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    No you don't. Unless you know exactly the IP the application is supposed to used and this IP never change.

    Selecting ports here for this application (in addition of the Internet Filtering) is only useful if you are afraid this application will connect to another port to perform a malicious operation. If the application is supposed safe, normally you don't need to select ports.

    The syntax is !port or !port1-port2 to block a range.
    This is described in the help file ;)

    Frederic
     
  9. ht7890

    ht7890 Registered Member

    Joined:
    Sep 28, 2005
    Posts:
    8
    :oops: :oops: :oops:


    Thanks for your help Frederic, I will leave you in peace now (well for a while) :D

    regards
    ht7890
     
Thread Status:
Not open for further replies.