Comodo Firewall Tweaks

TWEAK A

COURTESY: COMODO FORUMS -PANDLOUK

How to configure Comodo firewall 5 for utorrent.

1. Go to : Firewall -> Firewall Behavior Settings-> Advanced. disable Do Protocol analysis

2. Go to : Firewall -> Network Security Policy-> Predifined Firewall Policies and select Add...

Give a name at the new Predefined Policy for example: uTorrent

Add the following rules:

Rule 1

Action = Allow

Protocol = TCP or UDP

Direction = In

Description = Rule for incoming TCP and UDP connections

Source Address = Any

Destination Address = Any

Source port = A port range = (start port = 1025 / end port = 65535)

Destination port = the port of utorrent

Rule 2

Action = Allow

Protocol = TCP

Direction = Out

Description = Rule for outgoing TCP connections

Source Address = Any

Destination Address = Any

Source port = A port range = (start port = 1025 / end port = 65535)

Destination port = A port range = (start port = 1025 / end port = 65535)

Rule 3

Action = Allow

Protocol = UDP

Direction = Out

Description = Rule for outgoing UDP connections

Source Address = Any

Destination Address = Any

Source port = the port of utorrent

Destination port = A port range = (start port = 1025 / end port = 65535)

Rule 4

Action = Ask (enable Log as a firewall event if this rule is fired)

Protocol = TCP

Direction = Out

Description = Rule for HTTP requests

Source Address = Any

Destination Address = Any

Source port = A port range = (start port = 1025 / end port = 65535)

Destination port = 80

Rule 5

Action = Block (enable Log as a firewall event if this rule is fired)

Protocol = IP

Direction = In/OUT

Description = Block and Log All Unmatching Requests

Source Address = Any

Destination Address = Any

IP Details = Any

3. Start utorrent. When Comodo asks you with a popup, choose Treat this application as select utorrent and enable Remember my answer.

Have a nice file sharing. Wink

Additional Notes

If you have connectivity problems:

Go at Firewall -> Common Tasks -> Stealth ports wizard and select

Alert me to incoming connections- stealth my ports on a per-case basis

Because of a bug you must change the rule 4 (for HTTP requests) to allow. I hope this will be resolved with the next updates.

Panagiotis

If you have a router, you'll need to configure it for port forwarding:

http://portforward.com/english/routers/port_forwarding/routerindex.htm

1. Choose your router model (if it's not in the list, choose one from the same company)

2. Select the software (in this case, uTorrent)

3. Now follow the steps in the guide

Tweak to increase download speed

Ragwing

If you have just a modem, you may need to add a rule (above the last block all) to allow outgoing DNS requests such as:

Action = Allow

Protocol = UDP

Direction = Out

Description = Allow Outgoing DNS

Source Address = Any

Destination Address = Any (or your ISP's DNS server for extra security)

Source port = Any

Destination port = 53

Soyabeaner

TWEAK B

COURTESY ULTIMA

COMODO Firewall Pro

[RULE 1]

Action ............ : Allow

Protocol .......... : UDP

Direction ......... : Out

Description ....... : DNS Service

Source Address .... : Any

Destination Address : Any

Source Port ....... : Any

Destination Port .. : (A Single Port) 53

[RULE 2]

Action ............ : Allow

Protocol .......... : UDP

Direction ......... : Out

Description ....... : Multicast

Source Address .... : Any

Destination Address : (IP Range) 239.0.0.0 - 239.255.255.255

Source Port ....... : Any

Destination Port .. : (A Single Port) 6771

[RULE 3]

Action ............ : Allow

Protocol .......... : UDP

Direction ......... : In

Description ....... : Ephemeral Ports [iN] (UDP)

Source Address .... : Any

Destination Address : Any

Source Port ....... : Any

Destination Port .. : (A Port Range) 1024 - 5000

[RULE 4]

Action ............ : Allow

Protocol .......... : TCP or UDP

Direction ......... : Out

Description ....... : Ephemeral Ports [OUT] (TCP/UDP)

Source Address .... : Any

Destination Address : Any

Source Port ....... : (A Port Range) 1024 - 5000

Destination Port .. : Any

[RULE 5]

Action ............ : Allow

Protocol .......... : TCP or UDP

Direction ......... : In

Description ....... : Port [YOUR PORT] [iN] (TCP/UDP)

Source Address .... : Any

Destination Address : Any

Source Port ....... : Any

Destination Port .. : (A Single Port) [YOUR PORT]

[RULE 6]

Action ............ : Allow

Protocol .......... : UDP

Direction ......... : Out

Description ....... : Port [YOUR PORT] [OUT] (UDP)

Source Address .... : Any

Destination Address : Any

Source Port ....... : (A Single Port) [YOUR PORT]

Destination Port .. : Any

Where [YOUR PORT] is replaced with the port µTorrent listens on. These rules can be made global rules, but you're probably better off making them application-specific.

In COMODO Firewall Pro v2.x:

- Application-specific rules can be added via Security > Application Monitor

- Global rules can be added via Security > Network Monitor

In COMODO Firewall Pro v3.0:

- Application-specific rules can be added via Firewall > Advanced > Network Security Policy > Application Rules

- Global rules can be added via Firewall > Advanced > Network Security Policy > Global Rules

NOTES:

[ul][li]I made a lot of rules, but that's because I was trying to make the rules as tight as I could.[/li]

[li]The Multicast rule can probably be tightened down considerably for the Destination Address, but I wasn't entirely sure how specific I could make the rule without breaking µTorrent's multicast (should the IP ever change in the future), so I left it with such a large range. If I'm not mistaken, the one single IP µTorrent used for LPD was 239.192.152.143, but again, I'm not sure if limiting the rule to that single IP would cause any misbehaviors in the future. Adjust the rule if you really want to, but I don't think it's really necessary, since the range is reserved anyway.[/li]

[li]If you're using an alternative listening port for any reason, then you're going to need to create a copy of rule 5 for that port (though you probably won't need the UDP part of that rule -- I say probably because I haven't tested it).[/li]

[li]I don't use Defense+ in COMODO Firewall Pro v3.0, so I'm not sure how one might configure it (if it is at all necessary to be configured, that is). At least one user has had to configure some setting in Defense+ to make COMODO work properly with µTorrent -- see the relevant thread here.[/li][/ul]

_{* Old instructions for COMODO Firewall Pro}

dear my friends.

i'm newbie in torrrent. i still don't understand about 'the port of torrent' for comodo firewall configuration as shown below:

Rule 1

Action = Allow

Protocol = TCP or UDP

Direction = In

Description = Rule for incoming TCP and UDP connections

Source Address = Any

Destination Address = Any

Source port = A port range = (start port = 1025 / end port = 65535)

Destination port = the port of utorrent

&

Rule 3

Action = Allow

Protocol = UDP

Direction = Out

Description = Rule for outgoing UDP connections

Source Address = Any

Destination Address = Any

Source port = the port of utorrent

Destination port = A port range = (start port = 1025 / end port = 65535)

what is the value/exact value for 'the port of torrent'? thanks for your response

Press CTRL+G in uT, the port is configurable. Generally, make a new thread in the appropriate section instead of jacking an old one and give the documentation a good poke.

I did all those things, but when I start u torrent, there is no option for selecting treat as Utorrent(new rule), only default one shows.

I think I l try other AV, just because of this. Maybe Outpost Securtiy Suite will deal with this better. Even when utorrent is working with Comodo, its not working 100%, for example, tracker doesnt update itself, even if I try manualy, so I need to stop, and then start it gain, so that seeds and peers update. This wouldnt bother me so much, but Im uploader, so this is important.