EFW Support

Support => General Support => Topic started by: jamerson on Saturday 11 May 2013, 08:05:06 pm



Title: EFW 2.5 Utorrent
Post by: jamerson on Saturday 11 May 2013, 08:05:06 pm
Hi all,
can someone please advise how to allow utorrent ports on the endian firewall?
i tried to forward the ports that my Utorrent clients used to the machine but it stil not working,
when i disable the Outgoing firewall configuration it works,
i am supposed to do some configuration on the outgoing firewall traffic?


thank you


Title: Re: EFW 2.5 Utorrent
Post by: sree on Sunday 12 May 2013, 03:34:09 pm
Create port forwarding NAT to the client machine with the desired port and allow the same port in outgoing traffic from the client. it works


Cheers~
Sree


Title: Re: EFW 2.5 Utorrent
Post by: jamerson on Tuesday 14 May 2013, 12:24:42 am
Hey Sree,
thank you for the answer, i've tried it but still doesnt works,
any more suggestions?

thank you


Title: Re: EFW 2.5 Utorrent
Post by: sree on Tuesday 14 May 2013, 03:03:28 pm
Try deleting  SNORT rule p2p

Cheers~
sree


Title: Re: EFW 2.5 Utorrent
Post by: jamerson on Thursday 23 May 2013, 11:49:34 pm
i've checked on the outgoing rules there is no SNORT rule p2p!
i have to disable the outgoing rules to get this thing working ! however disabling it is not a reason of using the firewall !


Title: Re: EFW 2.5 Utorrent
Post by: jamerson on Friday 24 May 2013, 06:39:11 pm
any suggestions please? i need this working today!


Title: Re: EFW 2.5 Utorrent
Post by: Di4bLo on Tuesday 28 May 2013, 06:09:28 pm
Create a new rule that ALLOW (no IPS) from your IP (where Utorrent is installed) to ANY destination.
If you want, log the connections on that IP and check what ports Utorrent is using.


Title: Re: EFW 2.5 Utorrent
Post by: Ricard on Friday 31 May 2013, 08:14:58 am
I have the p2p snort rules in drop mode, and torrent works very well also with IPS. Just I have the forwarding port for uTorrent.

Security remains in the forwarding rule, because you tell the machine 192.168.3.42 will be the only one receiving traffic through the assigned uTorrent port.
When you have the Outgoing Firewall active, then it cannot works because  Torrent apps needs communication with a lot of outer ports. So you should turn off the Outgoing Firewall or building a new rule in Outgoing Firewall to allow a huge number of ports beyond 8080; in example: 10000-> 65535.

When you open the uTorrent, the uTorrent would be the only app using that port. No more apps will answer through that port in that same machine.  If you need more security in that machine, then you would need an application layer firewall in the same machine which host uTorrent. That software can check if uTorrent is the app using that inside port in that machine and also if this is the only app with permission for 10000:65535 outside ports.

It would be nice if some day all the apps would be able to send an unique identificator to the network firewalls, and then Endian would be able to check all these related things by himself.