VoIP Settings for VoIPcheap

Just been using LnS for a day or so, I changed from Outpost because of the good reports about LnS. It is vastly different trying to write rules for this app and quite frankly still feel unsure when I do that I have not left the backdoor wide open to Mr.Nasty!

Basically I want to write a ruleset that will allow me to use Voipcheap through the LnS firewall, I could not get this app to work at all, after many frustrating attempts to workout the ports for this app I eventually stumbled upon a program called VoIPbuster, their websites FAQ's said:

The following Destination ports need to be allowed on your firewall:
UDP 5060
UDP 11112
UDP 10300 - 10311
UDP 6901 - 6920

I entered these settings into LnS and could then use this app. I guess my question is - have I entered this correctly below, I had to enter four seperate UDP rules, and secondly could one of you brighter chaps put these into a VoIPcheap.rie ruleset, (I am sure they could be made more concise) so I could take a look and see how it is done.


http://img248.imageshack.us/img248/8971/untitled18yn.jpg

The program is from Voipcheap.co.uk


regards
ht7890

 

Hi,

The rule you created seems correct.

What is the content of the Look 'n' Stop log after you notice Voipcheap is not working ?
Examining the log is useful to understand the ports/protocols that are still blocked.

Regards,

Frederic

 

Hi Frederic, thanks for your input,

Everything seems Ok in the log, and the program is working well now. I was just concerned that there seems to be too many fields with the word ALL in them, is there a way I could tighten this up, or is this the best it gets.

regards

 

Ok.

For port selection, you can try to put the same thing for the Local & Remote port (ie the same thing on the left side as the right one).
Also you can associate the Application to the rule, so these UDP rules will be enabled only when the application is connected.

Frederic

 

Thats what I need to know, how do I this?

regards

 

In the Rule Edition dialog box there is a Application button, to select the application that will enable the rule.
Note that the port won't be specific to this application (this has to be done in Application Filtering if required). This will jut enable/disable globally the rules when the application is connected/disconnected.

Frederic

 

Thanks for the information Frederic,

So you are saying that the screenshot below will bind the application, in this case VoIPcheap to these top four rules (I have replicated this to the other three rules). The ports will be opened when the VoIPcheap program opens and close when the program is stopped, but other applications may or may not open these ports if other programs need to use these.

http://img374.imageshack.us/img374/9053/13hg.jpg

I have now gone to the Application Filtering screen and double clicked the Client to make VoIP calls program and added the ports I wish to use with this application. Do I need to put anything in the @IP: text box?

So I now have a situation where the UDP ports will be closed untill I chose to use the VoIP program. When I terminate the program the ports will close. This seems a lot wiser than just leaving the ports perminently open on the off chance I may or may not use the application.


http://img33.imageshack.us/img33/4456/27gg.jpg

In the Ports & IP Msgbox what is the syntax to block a port number, or is this not possible here?

thanks for your time
regards
ht7890

 

No you don't. Unless you know exactly the IP the application is supposed to used and this IP never change.

Selecting ports here for this application (in addition of the Internet Filtering) is only useful if you are afraid this application will connect to another port to perform a malicious operation. If the application is supposed safe, normally you don't need to select ports.

The syntax is !port or !port1-port2 to block a range.
This is described in the help file

Frederic

 

Thanks for your help Frederic, I will leave you in peace now (well for a while)

regards
ht7890