Soggy Bottom Posted March 20, 2006 Report Share Posted March 20, 2006 Been searching the forum for something looking like what the topic indicates, but no show. What i am looking for is a thread that people could post their working settings for different software firewalls, like Outpost, ZA, Norton, BlackIce, Sunbelt and whatnot.I guess the basics are almost the same for every software firewall, but there´s also different settings for every firewall. Problems could be various, what TCP/UDP ports to open, is loopback essential and why, is UDP used both inbound and outbound and so on.Some examples from the Agnitum Outpost Support forum:For contacting the tracker:Protocol: TCP, direction: Outbound, Remote port: <tracker port>, Allow itFor inbound and outbound (if needed) loopback:Protocol: TCP, direction: Inbound, Remotehost: 127.0.0.1, Allow iFor listening port:Protocol: TCP, Direction: Inbound, Remote Port: 1024-65535 (for example), Local Port: <your uTorrent port>, Allow itFor UDP:Protocol: UDP, Remote port:1024-65535 (for example), Local Port: <your uTorrent port>, Allow it.Is it possible to have this kind of thread? I see people asking about this stuff all the time, why not share our experiences/working settings in a (maybe stickie) thread? If not, please lock/delete this thread at will, no problems.In conjunction to this, i have two questions. Is UDP connections needed if not using DHT/PEX? And is loopback always needed?Best regards. Link to comment Share on other sites More sharing options...
Ultima Posted March 20, 2006 Report Share Posted March 20, 2006 ZoneAlarm Pro or ZoneAlarm Internet Security Suite1) Open up ZoneAlarm2) Go to the Firewall > Main tab3) Under Internet Zone Security, click the Custom button4) Under the Internet Zone tab, check the Allow incoming UDP ports, Allow outgoing UDP ports, Allow incoming TCP ports, and Allow outgoing TCP ports. In each one, specify the port number you're trying to open up5) Click OK6) Go to the Firewall > Expert tab7) Click 'Add'8) Give the rule a name (preferably one with the port number you're trying to open in it, for easier identification)9) Under the Protocol section, click Modify > Add Protocol > Add Protocol10) For protocol, select TCP & UDP11) Give it a description (I guess you can put a name with the port number again if you want =P)12) For Destination Port, make it Other (if it isn't already), and set the number to the right as the port you're trying to allow connection to.13) Leave the source part alone (Other, Any)14) Click OK to everything, and when you're back to the main GUI, click the Apply button.You need to have a non-free version to follow these instructions, as I haven't used the free one in the longest time, and the last time I remember, it didn't have the Expert tab in some places. I'm not sure if this will help, but I've always set my ZoneAlarm up in this way when I reinstall my computer, and I've never had any hiccups with BitTorrent.* Guide originally posted here Link to comment Share on other sites More sharing options...
Firon Posted March 20, 2006 Report Share Posted March 20, 2006 Norton Internet Security (NIS) 2006Rhamhoy,I am running µTorrent 1.5, cFosSpeed v2.13.1085, Norton Internet Security (NIS) 2006, and getting good torrent speeds without any problem. Make sure your NIS Firewall configuration for µTorrent program contains two rules: an Inbound rule to permit TCP and UDP connections from any computer to the single local port your µTorrent is listening on and an Outbound rule to permit TCP and UDP connections to any computer on all ports. It is also necessary to deselect "Stealth blocked ports" in "Advanced security settings" on the NIS Firewall options page, otherwise peers will not be able to make incoming connections resulting in slow download speed and red "Not connectible" network status in µTorrent despite the µTorrent port forward test passing. A better test is BTFAQ's, this will fail if NIS is stealthing your ports. Finally, to avoid nuisance NIS Intrusion Prevention warnings, deselect "Invalid TCP Destination Port", "Invalid TCP Source Port", and "MS Windows H.323 BO (2)" signatures on the Intrusion Prevention Signature Exclusions page of Intrusion Protection Advanced Configuration.Good luck, Joe Link to comment Share on other sites More sharing options...
Ultima Posted April 14, 2006 Report Share Posted April 14, 2006 PC-Cillin 20051. Open PC-Cillin Internet Security.2. Click 'Network Security' along the left side.3. Click 'Edit.' 4. From the 'Personal Firewall Profile' window, open the 'Exception List.' 5. Click 'Add.' 6. Enter the following information in the appropriate fields: * Description: uTorrent* Target: 'Specified Application (enter whever u have the uTorrent.exe stored) * Action: Allow* Ports: All Ports7. Click 'Save.'Source: http://forum.utorrent.com/viewtopic.php?pid=173414#p173414 Link to comment Share on other sites More sharing options...
green Posted May 13, 2006 Report Share Posted May 13, 2006 Kaspersky Anti-Hackerthese are settings i use. i have no problems with these settings. you might have problems with these settings.i am not gonna sit around and figure out what went wrong on your computer if these settings screw things up.(optional) Untick Stealth ModeService -> Application RulesYou need 2 rules.Rule 1 - This rule allows the application utorrent.exe to establish connections to a remote computer via the protocol TCPRule 2 - This rule allows the application utorrent.exe to accept incoming connections from a remote computer via the protocol TCP if the following conditions are met:local port: <your local incoming port>Rule 3 (optional) - This rule allows the application utorrent.exe to send and receive UDP packets if the following conditions are met: local port: <your local incoming port>Service -> Settings -> Intrusion Detection SystemBlock assualts for 5 minutesKaspersky Anti-Virus PersonalSettings -> Configure Real Time Protection -> Real Time Protection SettingsBlock attacking computer for 5 minutes(optional) Untick 'Use stealth mode' Link to comment Share on other sites More sharing options...
Rilex Posted October 1, 2006 Report Share Posted October 1, 2006 ISA Server 2006Assuming that you'll use port 64000 - 64100 for multiple clients1) Set up the following new Protocols:Name: BitTorrent (Inbound)Ports: TCP - 64000 to 64100 InboundSecondary connection: TCP 64000 - 64100 OutboundName: BitTorrent (Outbound)Ports: TCP - 64000 to 64100 OutboundSecondary connection: TCP 64000 - 64100 InboundName BitTorrent (UDP)Ports: 64000 to 64100 Send ReceiveSecondary connection: 64100 to 64100 Send ReceiveYou can add each of these to the same Access Rule.Create another new Protocol on a per-client basis:Name: BitTorrent (Server - <Client Name>)Ports: Create a TCP Inbound port range somewhere between 64000 and 64100 (e.g. 64000 to 64010)Create a Non-Web Server Protocol Publishing Rule per BitTorrent client (client machines must have static IP or have DHCP reservations). These rules are the same thing as SOHO router's "port forwarding":Name: What ever you want, be descriptive as to what the client using this rule isServer IP: The client running BitTorrentListen from: External (aka The Internet)Edit the above Server Publishing rule and go to the To tab. Make sure the radio box "Requests appear to come from the original client" is ticked.Go to Configuration -> General -> Define Firewall Client Settings -> Application Settings tabCreate two New Applications:Application: [Executable name without file extension, e.g. utorrent]Key: RemoteBindUdpPortsValue: 64000-64100Application: [Executable name without file extension, e.g. utorrent]Key: ServerBindTcpPortsValue: 64000-64100Save all of the above changes and commit them to the ISA Server.Open utorrent, go to Options -> Preferences -> Connection, set the/a port that your Server Publishing Rule is using.Under Advanced, go to net.outgoing_port and set it between 64000 and 64100.I've also set the IP/host name to report to tracker to a Dyndns hostname, though you can also use the ISA Server's external IP (if you're running ISA in Edge firewall mode).Note: I have not gotten DHT to function in my limited tests (sits at Waiting to log in or login with 0 nodes), but uTorrent reports that NAT is functioning correctly. Download speeds are excellent and upload also works.Also note that these same steps should be applicable to ISA 2004, but NOT ISA 2000. Link to comment Share on other sites More sharing options...
anonymous Posted October 22, 2006 Report Share Posted October 22, 2006 CHX Packet Filterthis rule should be sufficient right?:Action: Force AllowDirection: IncomingProtocol: TCPSource IP: AnySource Port: AnyDestination IP: AnyDestination Port: 6346 Link to comment Share on other sites More sharing options...
Ultima Posted December 9, 2006 Report Share Posted December 9, 2006 Rule configuration for F-Secure Internet Security 2007Thanks to pawq for the link Link to comment Share on other sites More sharing options...
Ultima Posted May 2, 2007 Report Share Posted May 2, 2007 Norton 360Hey guys. I recently encountered a problem with my utorrent. I was frequently getting the red circle. It used to be a green circle before. I checked my ports using utorrent's port checker and it shows my port is closed. I decided to off my N360 firewall for a while. The green circle immediately went up again. After that, I realized it was something to do with my N360. I played around a bit and got it to work again. (NIS 2007 has the same firewall and configuring it is about the same as N360)1. Click "Tasks and Settings" on the top in the N360 main window.2. In the new window, click "Change Advanced Settings" on the right of your screen.3. In the new window, click "Firewall Protection Settings".4. Next, click the "Firewall General Rules" tab.5. Press the "Add" button on the bottom of the window.6. Next follow in this order to forward your port: i) Allow: Allow connections to match this rule ii) Connections from other computers iii) Any Computer iv) The protocol you want to allow : TCP and UDP v) On the same screen, click "Only communications that match all types of ports listed below. vi) Press "Add" on the same window. a) Filter By: Individually specified ports Locality : Local c) On the box, enter your port number. vii) Click next, next and next to add the port and now you should have the green tick in utorrent.Source: http://forum.utorrent.com/viewtopic.php?id=23127 Link to comment Share on other sites More sharing options...
Ultima Posted June 8, 2007 Report Share Posted June 8, 2007 Kaspersky Internet Security Firewall[utorrent.exe]App=[YOUR PATH]CommandLine=UseCommandLine=0Name=DNS ServiceEnable=1Allow=1Log=0Warning=0Protocol=UDPDirection=OutboundStreamRemotePort=53Name=Allow TCP Connections [iN] ([YOUR PORT])Enable=1Allow=1Log=0Warning=0Protocol=TCPDirection=InboundStreamLocalPort=[YOUR PORT]Name=Allow TCP Connections [OUT] (Ephemeral)Enable=1Allow=1Log=0Warning=0Protocol=TCPDirection=OutboundStreamLocalPort=1024-5000Name=Allow UDP Packets [iN/OUT] (Ephemeral, [YOUR PORT])Enable=1Allow=1Log=0Warning=0Protocol=UDPDirection=InboundOutboundLocalPort=1024-5000, [YOUR PORT]Where [YOUR PATH] should be replaced with the full path to your µTorrent executable, and [YOUR PORT] is replaced with the port µTorrent listens on. Save the above (with the proper information filled in) as a INI file using a plain text editor (such as Notepad -- not Microsoft Word or the likes) and import it into Kaspersky's firewall rules. Works for me without hiccups. Link to comment Share on other sites More sharing options...
Ultima Posted December 25, 2007 Report Share Posted December 25, 2007 COMODO Firewall Pro[RULE 1]Action ............ : AllowProtocol .......... : UDPDirection ......... : OutDescription ....... : DNS ServiceSource Address .... : AnyDestination Address : AnySource Port ....... : AnyDestination Port .. : (A Single Port) 53[RULE 2]Action ............ : AllowProtocol .......... : UDPDirection ......... : OutDescription ....... : MulticastSource Address .... : AnyDestination Address : (IP Range) 239.0.0.0 - 239.255.255.255Source Port ....... : AnyDestination Port .. : (A Single Port) 6771[RULE 3]Action ............ : AllowProtocol .......... : UDPDirection ......... : InDescription ....... : Ephemeral Ports [iN] (UDP)Source Address .... : AnyDestination Address : AnySource Port ....... : AnyDestination Port .. : (A Port Range) 1024 - 5000[RULE 4]Action ............ : AllowProtocol .......... : TCP or UDPDirection ......... : OutDescription ....... : Ephemeral Ports [OUT] (TCP/UDP)Source Address .... : AnyDestination Address : AnySource Port ....... : (A Port Range) 1024 - 5000Destination Port .. : Any[RULE 5]Action ............ : AllowProtocol .......... : TCP or UDPDirection ......... : InDescription ....... : Port [YOUR PORT] [iN] (TCP/UDP)Source Address .... : AnyDestination Address : AnySource Port ....... : AnyDestination Port .. : (A Single Port) [YOUR PORT][RULE 6]Action ............ : AllowProtocol .......... : UDPDirection ......... : OutDescription ....... : Port [YOUR PORT] [OUT] (UDP)Source Address .... : AnyDestination Address : AnySource Port ....... : (A Single Port) [YOUR PORT]Destination Port .. : AnyWhere [YOUR PORT] is replaced with the port µTorrent listens on. These rules can be made global rules, but you're probably better off making them application-specific.In COMODO Firewall Pro v2.x:- Application-specific rules can be added via Security > Application Monitor- Global rules can be added via Security > Network MonitorIn COMODO Firewall Pro v3.0:- Application-specific rules can be added via Firewall > Advanced > Network Security Policy > Application Rules- Global rules can be added via Firewall > Advanced > Network Security Policy > Global RulesNOTES:[ul][li]I made a lot of rules, but that's because I was trying to make the rules as tight as I could.[/li][li]The Multicast rule can probably be tightened down considerably for the Destination Address, but I wasn't entirely sure how specific I could make the rule without breaking µTorrent's multicast (should the IP ever change in the future), so I left it with such a large range. If I'm not mistaken, the one single IP µTorrent used for LPD was 239.192.152.143, but again, I'm not sure if limiting the rule to that single IP would cause any misbehaviors in the future. Adjust the rule if you really want to, but I don't think it's really necessary, since the range is reserved anyway.[/li][li]If you're using an alternative listening port for any reason, then you're going to need to create a copy of rule 5 for that port (though you probably won't need the UDP part of that rule -- I say probably because I haven't tested it).[/li][li]I don't use Defense+ in COMODO Firewall Pro v3.0, so I'm not sure how one might configure it (if it is at all necessary to be configured, that is). At least one user has had to configure some setting in Defense+ to make COMODO work properly with µTorrent -- see the relevant thread here.[/li][/ul]* Old instructions for COMODO Firewall Pro Link to comment Share on other sites More sharing options...
Ultima Posted April 6, 2008 Report Share Posted April 6, 2008 BitDefenderGuide by IP-Drowner, original thread hereInformation:This tutorial will teach you how to reach better download speeds using Utorrent if you have BitDefender security enabled. This applies tall BitDefender versions that contain the firewall.Procedure:When you start Utorrent for the first time with BitDefender, always press allow. These steps below will help increase your download speed, these ways were only tested on Windows Vista, but should also allow other systems that run Utorrent to work as-well.[ol][li]Right click the BitDefender tray icon and select Open Advanced Settings.[/li][li]Select the Firewall icon from the right side menu.[/li][li]Go to the Traffic tab and you should see Utorrent.[/li][li]Right click Utorrent and select Edit Rule[/li][li]In the first drop down box, select Any.[/li][li]In the second drop down box, select Allow.[/li][li]Click Advanced.[/li][li]With the Direction drop down box, select Both.[/li][li]With the Source Address and Destination Address drop down boxes, select Any.[/li][li]Click the OK button.[/li][li]Select OK again from the first window.[/li][li]Once you're in the BitDefender control panel again, select the Advanced tab.[/li][li]Under Settings, un-check Stealth Mode.[/li][li]Check the Apply the same (generic) profile to all networks.[/li][li]Press the Close button.[/li][li]Open Utorrent.[/li][li]Right-click the file you're downloading.[/li][li]Select High from the Bandwidth Allocation area.[/li][li]Make sure that the Upload Limit is set to 200-250kb.[/li][li]Make sure that the Download Limit is set to 400-600kb.[/li][li]Open the folder that displays the network you're connected to.[/li][li]Right click it and select properties.[/li][li]Uncheck Bitdefender Firewall from the settings.[/li][li]Select Apply then press OK.[/li][/ol]That should increase your download and upload speed if you're using BitDefender as computer protection.Enjoy! Link to comment Share on other sites More sharing options...
Ultima Posted November 8, 2008 Report Share Posted November 8, 2008 Norton Internet Security 2009I would like to share my experiences for other users' interests on how to open a port in firewall set up by Norton AntiVirus 2008:1. Goto Norton AntiVirus tab of Norton Protection Centre and click on Internet Worm Protection under Web Browsing in Settings2. A small window will pop up with Turn Off and Configure buttons; click on configure3. Click Program Control in "How to customize your settings"4. If there is any entry with uTorrent in the list, delete it and click add. - Click Allow: Allow connections that match this rule and click "Next" - Keep as is (connections from other computers) and click "Next" - Click Any computer and click "Next" - Choose "TCP and UDP" in the protocol and check "Only communications that match all types and ports listed below and click Add button - check Individually specified ports in "Filter by" section - Local in "Locality" section - and enter your uTorrent port and click "ok" - Click "Next" - Leave as is (create an event log entry) and click "Next" - Type any name for the rule and click "Next" - Finally click "Finish"5. Now you should have a new entry in the list, click ok again6. Click ok and you should be back to options page of Norton AntiVirus7. Click General Rules and click Add - Click Allow: Allow connections that match this rule and click "Next" - Keep as is (connections from other computers) and click "Next" - Click Any computer and click "Next" - Choose "TCP and UDP" in the protocol and check "Only communications that match all types and ports listed below and click Add button - check Individually specified ports in "Filter by" section - Local in "Locality" section - and enter your uTorrent port and click "ok" - Click "Next" - Leave as is (create an event log entry) and click "Next" - Type any name for the rule and click "Next" - Finally click "Finish"8. Now you should have a new entry in the list, click ok again, move it to the top if you're not sure about other entries9. Click ok and you should be back to options page of Norton AntiVirus. Click ok and you're done.10. Test your uTorrent port and it should be forwarded properly now.Source: http://forum.utorrent.com/viewtopic.php?id=48945 Link to comment Share on other sites More sharing options...
Ultima Posted December 22, 2008 Report Share Posted December 22, 2008 CA Personal Firewall1. Open CA Personal Firewall.2. Click on "Firewall".3. Find "C:\Program Files\uTorrent\uTorrent.exe" and select it.4. At the top where it says "Advanced Application Control" and click "Edit".5. Click "Add".6. Configure the following menu like this:7. Don't mess with any of the other configurations.8. Look through the "Firewall" list for anything else that says "uTorrent", and do the same thing.Hope I helped!Source: http://forum.utorrent.com/viewtopic.php?id=51297 Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.