Kerio Personal Firewall (Now Sunbelt Personal Firewall) FAQ update.

[Noodlewad]

Currently the FAQ states:

#

Kerio Personal Firewall uses 100% CPU when running µTorrent and/or disconnects my internet every few minutes

Kerio Personal Firewall has a bug where it uses 100% CPU and may cause your connection to drop when using µTorrent. There is no known fix, you can only uninstall it and use another firewall software.

#

The fix for this is to open up Kerio GUI (best to do while no torrents are running)

Click on the Overview tab (top left)

Make sure you are in the 'Connections' section of Overview

Right click in the window where all of the programs currently using a network connection are listed

Un-check 'Resolve Address' option (3rd from bottom)

This will get rid of the issue of KPF using 100% CPU

The reason it was using 100% was b/c it was trying to resolve the host name of every address that is trying to connect to your computer. The higher than normal connection attempts from running torrents overloads it.

This fix works for all torrent programs running on systems w/ KPF installed.

Can the FAQ be updated? Kerio is a great personal firewall and shouldn't be discouraged.

Thanks

[Firon]

Thanks, I'll update it now. I didn't know of any fix for it and no one mentioned one, so I had to say there was no known fix.

http://utorrent.com/faq.php#Kerio_Sunbelt_uses_100_CPU_when_running_.C2.B5Torrent

[TK1]

I'd like to add that there are no problems here running with Kerio Personal Firewall 2.1.5 under win98SE. cpu usage stays low, ram usage stays low also. only time I ever notice uTorrent is running is when there are alot of disk accesses from dozens of downloads and uploads causing frame juddering on BT878 based capture card with Dscaler running full screen.. cpu usage always in sub 10% with or without resolving IP names. only time it's above that is when re-checking a files hashes manually or if system went down ubruptly.

I suspect the reported problems are with the redesigned KPF 4.0 and above that are unstable under win9x anyway.

[kerson]

I'm running KPF 2.1.5 also and have no problems with µTorrent under WindowsXP Pro SP2, works perfectly

[Noodlewad]

I should add that I am using KPF 4.2.2 on WinXP Pro SP2

I don't know if 2.1.5 has the resolve address function or not. I grabbed that version a few months ago just in case I needed the much acclaimed incarnation of Kerio.

Can someone list what the major differences are between the old and new?

[splintax]

The release history of the app may be helpful.

[Ultima]

Not particularly useful when you want to compare 4.2.2 to 2.1.5 though O.o

[kerson]

In KPF 2.1.5 there is a function called "Resolve Domain Names", it can be turned on/off in the list that shows open connections but I don't know if this is the same as "Resolve Address".

[Ultima]

It certainly sounds like the same function.

[TK1]

In Tiny Personal Firewall 2.1.4 and KPF 2.1.4 & 2.1.5 in the Firewall Satus window there is in the settings drop down menu an option to "Don't resolve Domain names" when unticked I suppose it is feasable when tere are hundreds of IP's connecting and disconnecting a min' due to old torrents DHT or trackers still holding your IP as active on a torrent, that it could produce a rise in CPU and net resource usage, but in 2.1.5 at least you would not experience when the status window was closed since that code is no longer running.

Do a web search on Tiny Personal Firewall as that is what KPF 2.1.4 was before Kerio purchassed the rights to it, read the reviews etc. It's a real software firewall that impliments application level filtering rules. I don't believe 2.1.5 impliments any packet content filtering. It effectively provides a UPNP effect where ports are forwarded based on rules per application or global.

KPF4 and above is a different animal using the same firewall code/principle but with a different GUI and other intrusion vector protections added in. The earlier versions of KPF4would run under win98SE *just* but was very unstable.

My guess is they were developed on an XP machine and SDK so the prettyfied GUI's resource cost would just make restricted win9x core too unstable but was fine under XP and other NT based cores.

[Firon]

No, there's a lot of kernel level stuff that's difficult/impossible to do on 9x systems. UDP (or other protocols) blocking for one.

[TK1]

I think you'll find that was the big thing about Tiny Personal Firewall/KPF2 that it did the kernal level stuff, It's one of a few firewalls that stealths from all protocols including UDP if required and still lets sensative apps work transparently that others (zoneAlarm) break.

[splintax]

In KPF 2.1.5 there is a function called "Resolve Domain Names", it can be turned on/off in the list that shows open connections but I don't know if this is the same as "Resolve Address".

Resolving domain names is what your DNS server usually does, and it converts eg. google.com to 72.14.207.99.

Resolving addresses is a reverse DNS trace, what µTorrent does in the Peers tab if you have it turned on, and it converts 72.14.207.99 back into google.com (or more typically, your IP into blah.blah.random.crap.your.isp.com)

[kerson]

http://img217.imageshack.us/img217/1078/kpf6sk.png

This is how it looks for me in KPF 2.1.5, as I sad, I don't know if it's the same as Resolve Address in newer versions of KPF or not or how much they changed 2.1.5 -->> 4.xx as I have only used 2.1.5 and don't want to change as this is the only firewall that works perfectly for me, and if it's not broken why mess with it :=)

For me it does not matter if I turn this Resolve Domain Names on or off, I see no change in cpu/memory use when using µTorrent so I guess 2.1.5 does not have that bug that newer versions has...

[splintax]

I suggest you turn it off, since it's really not that useful unless you want to feel 1337 by discovering which ISP someone is on. :/

[heat84]

I get 10000 of those message boxes that ask you to confirm or deny a connection request for Utorrent. How can I stop that? And why isn't the answer her already? I can't believe I'm the first person to have this problem.

[liwitherspoon]

Thanks to Noodlewad for the Kerio fix. I have known of this problem for four years and informed Kerio of the problem about that long ago, but they didn't express any interest in fixing it. I guess Sunbelt also has no interest in fixing it either. I might try Kerio again with the fix, and also want to mention that Kerio has this processor-hog problem even without p2p. Without that problem, Kerio would be a great firewall because it is so cumtomizable.

[mcbeef]

You`re not heat84.

All I could do was to sit there and click permit or deny.

Shouldn`t one be able to grant utorrent permission to do what it does and it accepts connections automaticly?

[heat84]

Apparently they did fix it. I went in to the Firewall settings on the Applications tab and changed the permissions from ask to permit and everything is fine now. I coulda sworn I did that already though, which is why I thought there was a bigger problem.