Firewalls and port forwarding.

[yetanotherid]

Firstly this is not a "uTorrent is slow" post. In fact I don't have any problems with it. I'm just asking this in the hope someone can explain to me why something is happening in relation to firewalls.

I'm running XP, connected to the internet via a router, and have a Firewall on my PC. Zone Alarm originally, but it was giving me problems (not uTorrent or port forwarding related) so I switched to Comodo firewall a few days ago which so far I really like. And it was this switch which brought me to my question.....

I have the relevant ports forwarded on my router, and all that works fine. However contrary to all the instructions I've read, I've never had to forward ports in Zone Alarm (always used version 5.5 pro). I just run uTorrent, Zone Alarm pops up and asks me if it's okay for uTorrent to connect and act as a server, I say yes, and all is fine. I get a green light in the status bar (well I did but more on that later) and it just works. When I run the port forwarding test, my browser opens the relevant page and the test passes. This has pretty much been the case for every file sharing program I've tried.

I have noticed one thing with uTorrent though. If I run the program without actually downloading or uploading a torrent, the status bar icon tends to stay mainly yellow, flashing green occasionally, and the port forwarding test fails or passes accordingly. As soon as I start a torrent, it goes green and stays that way.

Then I uninstalled Zone Alarm and installed Comodo. I expected a similar result, but the port forwarding test would always fail, and the status icon would stay yellow until I manually forwarded the port in the firewall. So this finally leads me to my question.......

Is Zone Alarm a particularly clever firewall, realizing that uTorrent is using a particular port, and holding it open while the program is running, or is that a bad thing, and it shouldn't actually be allowing unsolicited incoming connections to a program, even though that's pretty much exactly what I want it to do?

After such a long post, my question actually feels too short, so I have another quick one....

Recently I upgraded to uTorrent 1.6, and I noticed I've lost the connection status icon in the status bar? Is it missing in this version or do I have something strange going on?

Thanks for any opinions......

Darren

[Switeck]

You may need to disable DHT and UPnP and use manual forwarding settings on your router.

Zone Alarm should be allowing µTorrent traffic because you told it to do so, not for any other reason.

If you have a router, why have a secondary software firewall as well?

(Secondary, because even the Win XP SP2's firewall isn't all that bad and closer integrated into the kernal.)

[yetanotherid]

Thanks for the reply Switeck.

The router isn't a problem, it's forwarding fine.

I understand that Zone Alarm is allowing uTorrent traffic because that's what I told it to do, but I'm just curious to know why the other firewall doesn't work the same way. I've told it allow uTorrent traffic as well, but it seems to block (according to it's logs) incoming traffic unless I forward the port. I assume this is because the incoming traffic in question is unsolicited, and it's probably the correct thing for it to do. Just wondering why Zone Alarm appears not to work the same way, and if that actually makes it more clever.

I use a software firewall as well as the router because I figure it's the only way to get a warning when something nasty finds it's way onto the computer and tries to get out. Which is why I don't use the XP firewall. I've often thought about setting a rule which turns it into the opposite of XP's firewall, so it only monitors outgoing traffic, and leaves incoming traffic to the router, but I can't decide if that's a good idea or not.....

[Switeck]

Zone Alarm may support µTorrent's UPnP methods while the other firewall/s doesn't.

That's almost luck rather than skill.

If you're using a software firewall for that, you also need to get HijackThis...a tool for causing and/or overcoming paranoia. By showing you nearly everything yor computer runs when it boots, you can rule out programs/apps/exes/dlls/sys files as problem causes...using GOOGLE searches on them.

I also use TCP view and Process Viewer from www.sysinternals.com

...yet more tools for the paranoid.

[yetanotherid]

@Switeck (re: Zone Alarm):

Unfortunately it's not even that. I have UPnP disabled in both my computer and router.

Oh... and turned off in uTorrent. ;-)

EDIT by silverfire: Why do people insist on quoting the post right before theirs? There's a very good reason why we removed the easy quote link.

[Lord Alderaan]

I think I understand your question.

First, router's and software firewalls differ in basic concept. A router needs to be told to forward incoming connections for certain ports to specific computers while a software firewall prevents application on the machine from opening connections (Either as a server or outgoing) to the Internet without permission. This basic difference makes them pretty much incomparable as to how to setup things. Judging by your story and assuming you didn't change any settings in it after installing the software firewall your router is probably still setup correct and not the cause of your problem. So you can leave the router out of the equation right now.

Second, different software firewalls have different methods of setting up which program can connect and which program cannot while a routers basic concept (the act of port forwarding) is basically the same in each router.

Zone Alarm asks you if µtorrent (or any other program) is allowed to connect to the Internet (or is allowed to act as a server) on the moment µtorrent attempts to do so.

Your new software firewall may not have this 'triggered' event configuration system and may require you to manually allow µtorrent to act as a server in the firewall software program itself. If you don't set this up it might block it by default. My advice is to read the manual of the software firewall carefully, it should mention how to allow a program to act as a server.

[avatarl]

If you're using Comodo, be sure to raise the uTorrent port rule above the default BLOCK ALL INCOMING, or the default rule will override the uTorrent port rule and nothing will pass.

[yetanotherid]

Thanks again for the replies guys.

Lord Alderaan is correct, my router isn't really part of the equation here as it's forwarding properly.

I guess after having a bit more of a play with the software Firewalls and having more time to think about it, it really comes down to this.....

Comodo is theoretically, I guess, a better Firewall than Zone Alarm, as even though it pops up with a message asking if uTorrent can connect and act as a server, it still blocks unsolicited connection attempts on the port uTorrent is using.

Zone Alarm, from what I can deduce, will allow unsolicited connection attempts on the uTorrent port, as long as uTorrent is actively using the port (effectively forwarding the port as long as uTorrent is using it, letting any incoming data through). Once uTorrent itself stops using the port (for example when stopping all torrents) it starts blocking the port again and the port forwarding test fails (which is something I guess you don't always want it to do).

As I said, I guess in theory this makes Comodo a better firewall, but I wish it had a way of setting program rules that would let it mimic Zone Alarm's behaviour. In fact I wish all Firewalls would let you conditionally forward a port, one of the conditions being when a particular program is running. That way it could block the port the rest of the time, and you wouldn't be leaving holes in your Firewall when you don't need them. It sort of amazes me it can't be done this way, unless someone knows of a Firewall that'll let you do it?

For the moment I've just created a rule to forward the port in Comodo, and using avatarl's suggestion, I move the rule up when using uTorrent, and down again when I'm not using uTorrent to disable it. Of course this relies on me remembering to do so after I finished using uTorrent. It would be much better if there was a way to get the firewall to remember to do this for you. I might see if Comodo have a forum where I can at least make this a feature suggestion.

Thanks again,

Darren

[yetanotherid]

PS. The connection icon in uTorrent's status bar came back yesterday, but today when I started the program it was gone again. Not that it matters too much, but would anyone have any idea why it keeps disappearing?

I have uTorrent on another computer here running the same version of XP and the icon is always there, although it's still running uTorrent 1.5

Is there any known icon bug in 1.6?

[Switeck]

Are the 2 computers using different ports for µTorrent? (they should be ^.^)

[yetanotherid]

Yes. And the ports forwarded correctly with the router. ;-)

That's the primary reason I turned off UPnP. I've had programs arguing over ports before.

That's also how I was able to compare the Firewalls without pulling my hair out. One computer still runs Zone Alarm while the other has Comodo. :-)

EDIT by silverfire: Why do people insist on quoting the post right before theirs? There's a very good reason why we removed the easy quote link.

[mike18xx]

You may need to disable DHT...

After wasting unchristly gobs of hours' worth of the one and only life I'll ever live (including having one tech blow up his own company's box by instructing me to enter the wrong firmware code...oops), I don't even bother trying to defukk Windows anymore. Disable DHT??? Baby, we *want* that for best trading.

Does is it suck when your Absolute Best Torrent Ever only has 5 peers in the swarm and one with its snout in the trough -- six hours after you announced it?

-- The solution to THAT problem isn't opening your ports (to get the other 4 in the swarm), but if creating torrent files with six or seven trackers in them (most public), and following up with manual torrent-file uploads on as many websites -- which will give you a swarm of 50 or 500 peers instead of 5.

[Switeck]

DHT = UDP packets which many routers, modems, and software firewalls simply crap out when they get more than a couple per second.

Peer Exchange is generally a better choice on torrents that have some peers+seeds.

On hopeless torrents, DHT may help.

But if your hardware can't do it, either get better hardware or don't try to do the impossible.

[yetanotherid]

EDIT by silverfire: Why do people insist on quoting the post right before theirs? There's a very good reason why we removed the easy quote link.

I guess it's because many of us participate if forums where there's not actually hours or days between posts in most threads, and where in fact many people can be posting at the same time. If you ever participate in one of those forums where lots of crossposting happens, it becomes pretty obvious that the only way to ensure continuity in the thread, and to ensure that it's understood who you are replying to, is by including the relevant quote when you reply.

I guess after posing in those sorts of forums, where quoting is actually considered a courtesy or is even the norm, it's pretty easy to assume that it's done everywhere, and almost impossible to imagine that there's a forum somewhere with so few problems, that quoting a post is actually seen as something to worry over.

For the moment I've just created a rule to forward the port in Comodo, and using avatarl's suggestion, I move the rule up when using uTorrent, and down again when I'm not using uTorrent to disable it. Of course this relies on me remembering to do so after I finished using uTorrent. It would be much better if there was a way to get the firewall to remember to do this for you. I might see if Comodo have a forum where I can at least make this a feature suggestion.

Just for the record, I did join in a thread in another forum where quoting the post I was replying to didn't seem to be an issue, or at least where nobody seemed to feel a need to remove a quote and then take up a similar amount of page space complaining about it, and learnt a bit more about Firewalls and port forwarding. Or at least the Comodo firewall anyway....

I had assumed that when you forward a port it stays open to traffic no matter what. I was encouraged to do some port forwarding tests and discovered my assumption regarding port forwarding was actually wrong. The Comodo firewall at least, still seems to stealth a forwarded port. I'm not sure how it works, because the port was certainly open while I was running uTorrent, but as soon as I shut uTorrent down the firewall stealthed the port again. From this I can only assume the firewall is clever enough to check whether there's a program willing to respond to traffic on the port, and open it appropriately. If it doesn't find a program willing to respond, it ignores the incoming traffic and the port appears stealthed. My router also seems to work in a similar way, although the port test reported the port as closed rather than stealthed when uTorrent wasn't running.

When I get a chance I'll try Zone Alarm again and see if it's the same, but until then it appears my idea that a firewall should be able to forward a port according to whether a certain program is running is unnecessary, because that's what it seems to do when forwarded ports anyway. And it would seem that as far as firewalls go, Comodo must be better at it than the version of Zone Alarm I was using.

[Lord Alderaan]

Exactly.

A router is setup to forward any traffic that comes from the internet on a certain port.

A software firewall allows a specific piece of software (in this case µtorrent) to act as a server to accept connections on a certain port. This means that a firewall SHOULD not allow any other program to act as a server on that port when µtorrent isn't running (when µtorrent is running no other piece of software can use that port, that would lead to a conflict). If they do allow that its a piece of crap.

A software firewall doesn't 'open a port'. It allows or denies a program to use a port. Some software firewalls don't even care about which ports a program uses as long as its authorized to open incoming and/or outgoing connections.

[silverfire]

@yetanotherid: What you SHOULD be doing in that forum is just replying normally, and then editing your post afterwards to clarify if needed instead of developing a bad habit of just quoting anyway. Such behavior is exactly what creates quote pyramids, and those are bannable offenses

[Switeck]

A router actually replies back even if a port is blocked.

A software firewall ignores incoming when a port is blocked...thus the "stealthed" result.

[yetanotherid]

@yetanotherid: What you SHOULD be doing in that forum is just replying normally, and then editing your post afterwards to clarify if needed instead of developing a bad habit of just quoting anyway. Such behavior is exactly what creates quote pyramids, and those are bannable offenses

Well here's my view on this.....

What I SHOULD be able to do is quote the post I'm replying to without someone getting themselves into a knot over it, and having to waste time checking the thread and editing posts for no apparent reason.

Secondly, if there's some sort of quoting rule that seems uniquely applicable to this forum, then it should be put where new members would expect to find it.

http://forum.utorrent.com/misc.php?action=rules

Thirdly, quoting pyramids are caused by posters not quoting properly, not by the act of quoting itself.

http://tinyurl.com/cnhsk

http://tinyurl.com/ymz5r7

Fourthly, I'm sure I'll be able to find another torrent program I like, with a forum where I don't have to worry about something I consider to be nonsense, so any further thinly veiled threats of banning won't be necessary.

Thanks to the people who actually contributed to the topic.

[silverfire]

First, the recommended quoting format is:

@yetanotherid:

Stop quoting the last post.

If you need to clarify what part of their post you're referring to, you can do this:

@yetanotherid (re: excessive quoting):

Stop quoting the last post. I'd like to think we aren't dim-witted idiots who can't form the connection between one post and the next.

Secondly, if you bothered reading the stickies, you would have found this thread.

Thirdly, I wasn't using faulty logic. Quote pyramids are abominable, and many of them result from people just quoting the previous post anyway instead of clicking reply, so by globally discouraging quoting any part of the previous post, it translates into an implied discouragement of quote pyramids. Without the act of quoting, quote pyramids could not exist.

Fourthly, I was also not aware that I was even veiling my threats. They were intended to be open threats. Keeping the forums clean is my job, and I plan on doing that to my fullest ability.

[yetanotherid]

What, so is it a rule or is it 'recommended'? Or is it just your way of getting your own back because the other kids made fun of you too much when you were at school?

I'd like to think you aren't a dim-witted idiot as well, but if you think that every person who joins a forum has time to be 'bothered' to read the forum rules, then go through every sticky thread looking for some detail a moderator who lacked attention as a child might have decided to throw in as an extra bonus, then you've spent far too much time here and far too little in the real world.

If the forum has a rule, put it where the forum rules go. Is that so hard to understand?

You originally said, and I quote:

"such behavior is exactly what creates quote pyramids".

Obviously this is still incorrect, and no amount of waffle along the lines of quoting pyramids not being able to exist without quoting will ever make it anything but faulty logic. Had you at least admitted this before qualifying what you were trying to say rather than denying it, you'd now look like less of a goose.

Lastly, while it's terrific that you've found such an admirable calling such as removing unnecessary quotes from posts, and that this provides you with so much satisfaction in life, the word 'threat' is not appropriate here.

This forum is nothing but an insignificant spec in the vast universe of the internet to me, so being banned from here isn't something I'd describe as even a tiny inconvenience. In fact, I think the chances are I wouldn't even notice. But if banning me for quoting and keeping the forum safe from quotes helps fulfill some need to be noticed you don't normally have fulfilled in the real world, and if you need that attention as much as your avatar indicates, then I'm glad to have helped you out.

Keeping the forums clean is my job

LOL. Maybe you should get t-shirts printed.

Keeping the forums clean is my job

And to think Arni wasted a whole career with "I'll be back" when a line like yours was avaiable.

[Switeck]

Congratulations yetanotherid.

You've basically hijacked your own message thread by going off-topic.

If you want to argue with an admin about forum posting policy, then PLEASE take it somewhere else.

"Gentlemen, don't fight in here! This is the WAR room!"

[blah_b_lablah]

Well I figured the thread was dead anyway, and as you pointed out, it was my message, and I was just replying to the question and illogical statements from a forum moderator who didn't serve any real purpose here other than to interfere with the thread.

I think the issue of quoting, as long as it doesn't result in quoting pyramids, should be left to the person making the post. Afterall, if I'm reading a reply, I'd much rather have the original text nicely placed at the top of the post, so I don't have to hunt back through threads to understand the conversation. It's all personal preference, there was nothing about it in the rules link, and as for the excuse of it taking up extra space on the page... I mean seriously, who cares? Isn't that what the scrollbar is for? Does it really cause that much inconvenience even if you don't like it?

And the idea of putting @username at the top of the post is sometimes fine, but sometimes just not practical. Especially if you're debating a topic and wish to reply to someone in point form. Standard practice is to generally quote each point and then insert the replies in between. It makes sense, and doesn't cause my monitor any extra greif to display it.

But really, if quoting a post is the biggest issue a moderator can find to sook about here, then maybe their servicees aren't really required.

Of course my yetanotherid has been banned, and I have no doubt this one will follow shortly, but as for the idea of some moderator on a power trip stopping me from posting here over whether I prefer to quote the post I'm replying to..... it aint going to happen, and my next ID won't be one that gives away who I am.

I'll leave silverfire with the knowledge that I'll be around, and I'll be around for as long as I choose to be.

EDIT by silverfire: Quoting the last post is idiotic, as anyone who has enough of an IQ to read a forum has the capability of assuming that you're responding to the previous post unless otherwise indicated.

[silverfire]

@blah_b_lahblah (re: your opinion on quoting): It doesn't matter what your opinion is since the administrators chose the moderators for their policies on keeping things clean. My policy revolves around removing anything that's purely redundant and unnecessary.

@blah_b_lahblah (re: quoting being the biggest issue): It used to be until we removed the easy quoting link. Now they're double posts and people who don't read rules on content. Just check the Trash subforum. Lots of new threads get tossed in there daily, and even hourly.

[blah_b_lablah]

@silverfire (re: assuming post subjects):

Once again, that assumes that the forum traffic is so slow that there won't be three other posts in between your reply and the post you're replying to, by the time you post it. Including the quote just helps the thread continuity, and stops the need for having to go back and add or remove quotes after posting.

This part of the reply is in response to your edit, not the previous post. But see how clear it makes it as to what I'm talking about? Did the extra space really cause any harm?

@silverfire (re: quoting as clarification):

Now see how clear it is which comment I'm replying to here? Doesn't that make it so much easier for the reader? Until you remove it of course then the post will make much less sense but that's okay because it's your policy I guess.

And no, it mightn't matter what my opinion is, at least not to the end result if you want to remove the quotes, but it's not an argument that the policy is sensible by any means.

@silverfire (re: quoting policies):

Well once again, if quoting was the biggest issue here, and it's something that happens in every other forum I've ever posted in without anyone complaining, then I guess I can understand why you have to go looking for problems to moderate. You have to justify being here to yourself I guess, even though you've wasted more space in this thread arguing about quoting than I even would have taken up quoting in the first place. But at least you have your policy intact.

Merged double post(s):

Well I think I'm bored of this topic now, and not really too interested in whether or not I post here not, so I'll just leave with a final few thoughts.....

Had the quoting rule been in the rules section where I could see it I would have followed it.

Had I not received a threat of being banned for simply replying to a post asking why I quote the post I'm replying to, and had instead simply been shown the rule and asked (anyone seen the word 'please' in this thread?) not to quote the way I was doing it, I would have done so.

Had I been given a logical reason as to why quoting wasn't looked upon favorably instead of some confused cause and effect logic I wouldn't have argued (I'm still at a loss as to understand why the removal of the easy quoting link wasn't enough to stop quoting pyramids, and how quoting manually could cause them to be a regular occurrence).

Had I known that there was such little traffic in this forum there was no need to quote, because there was no chance of a reply being miles below the original post, or even on another page, I wouldn't have bothered quoting to save the idiotic situation that occurs in other forums where you're forced to scroll up and down and bounce between pages in order to follow the different individual conversations going on.

Had I been simply banned I would have had a chuckle at it and gone my merry way. But when being banned I receive a childish message such as "blah, blah, blah" from someone who's supposed to have enough maturity to moderate a forum, well then I'm happy to keep playing till it bores me.

And had I, as a new member, been guided with some respect, and without the use of threats or childish tongue poking smilies, I would have treated the forum and the moderator with the some respect in return.

Bye.

EDIT by silverfire: The edit function exists for a reason. Double posting instead of editing is negligent and unnecessary.

[silverfire]

@blah_b_lablah (re: quoting space):

We were told to remove all redundant quoting of anything in favor of keeping everything in all threads as specific as possible without wasting space on quotes that could simply be referenced instead of quoted. Continuity isn't the issue. The issue lies in keeping everything redundant out.

@blah_b_lablah (re: quoting being a problem):

Other forums are a lot more lenient regarding posting ettiquette. In case you haven't noticed, we happen to be strict here. In addition, when the forums were just started, we identified excessive quoting (including, but not limited to quote pyramids) and double posting (defined as any two consecutive posts by the same author, not necessarily identical posts) as the two most prevalent issues for us to tackle. Other issues such as inappropriate content and bumping were minor, but still present. Excessive quoting was significantly reduced by the removal of the quick quoting link, though occasionally someone would feel the urge to manually quote the previous post in its entirety.

@blah_b_lablah (re: questioning my maturity):

I understand how you got that kind of impression of me, so I feel the need to set the record straight. I fit under the definition of a 'social parasite.' My main enjoyment in moderating these forums comes from stepping and subsequently stomping on others' toes; their grief is my happiness. However your definition of maturity labels my actions, I can guarantee you that I'm enjoying this far more than you ever will.

----

In almost all the cases we encountered, removing the quote and pasting the edit explanation sufficed to prevent excessive quoting from happening again. The key lay in how people realized that it was a rule, and whether it was logical or not, they ended up following it. This is where you differed. You decided that your way was the only correct way and went against policy to continue pursuing what we as moderators judged to be inappropriate actions, including but not limited to: repeated violation of rules and personal attacks on staff, resulting in your ban.

Whether a policy is logical or not, those affected need to follow it. If a hypothetical law forbidding throwing styrofoam cups into garbage cans were passed and actively enforced, violating it would result in consequences.

Policy is not subject to the interpretation of those affected. You were free to object to the logic behind any policy until policies were broken, at which point the problem became enforcement of policy rather than discussion about it. Additionally, ignorance of policies does not constitute an excuse for breaking them. Next time, take the two minutes to read the stickies and don't assume that ignorant behavior that is not corrected in another forum constitutes allowable behavior in another.