
This topic is now archived and is closed to further replies.

Soggy Bottom

Software Firewall Configurations


Been searching the forum for something looking like what the topic indicates, but no show. What I am looking for is a thread where people could post their working settings for different software firewalls, like Outpost, ZA, Norton, BlackIce, Sunbelt and whatnot.

I guess the basics are almost the same for every software firewall, but there's also different settings for every firewall.

Problems could be various, what TCP/UDP ports to open, is loopback essential and why, is UDP used both inbound and outbound and so on.

Some examples from the Agnitum Outpost Support forum:

For contacting the tracker:

Protocol: TCP, direction: Outbound, Remote port: <tracker port>, Allow it

For inbound and outbound (if needed) loopback:

Protocol: TCP, direction: Inbound, Remotehost: 127.0.0.1, Allow it

For listening port:

Protocol: TCP, Direction: Inbound, Remote Port: 1024-65535 (for example), Local Port: <your uTorrent port>, Allow it

For UDP:

Protocol: UDP, Remote port:1024-65535 (for example), Local Port: <your uTorrent port>, Allow it.

Is it possible to have this kind of thread? I see people asking about this stuff all the time, why not share our experiences/working settings in a (maybe sticky) thread? If not, please lock/delete this thread at will, no problems.

In conjunction with this, I have two questions. Are UDP connections needed if not using DHT/PEX? And is loopback always needed?

Best regards.


ZoneAlarm Pro or ZoneAlarm Internet Security Suite

1) Open up ZoneAlarm

2) Go to the Firewall > Main tab

3) Under Internet Zone Security, click the Custom button

4) Under the Internet Zone tab, check the Allow incoming UDP ports, Allow outgoing UDP ports, Allow incoming TCP ports, and Allow outgoing TCP ports. In each one, specify the port number you're trying to open up

5) Click OK

6) Go to the Firewall > Expert tab

7) Click 'Add'

8) Give the rule a name (preferably one with the port number you're trying to open in it, for easier identification)

9) Under the Protocol section, click Modify > Add Protocol > Add Protocol

10) For protocol, select TCP & UDP

11) Give it a description (I guess you can put a name with the port number again if you want =P)

12) For Destination Port, make it Other (if it isn't already), and set the number to the right as the port you're trying to allow connection to.

13) Leave the source part alone (Other, Any)

14) Click OK to everything, and when you're back to the main GUI, click the Apply button.

You need to have a non-free version to follow these instructions, as I haven't used the free one in the longest time, and the last time I remember, it didn't have the Expert tab in some places. I'm not sure if this will help, but I've always set my ZoneAlarm up in this way when I reinstall my computer, and I've never had any hiccups with BitTorrent.

* Guide originally posted here


Norton Internet Security (NIS) 2006

Rhamhoy,

I am running µTorrent 1.5, cFosSpeed v2.13.1085, Norton Internet Security (NIS) 2006, and getting good torrent speeds without any problem. Make sure your NIS Firewall configuration for µTorrent program contains two rules: an Inbound rule to permit TCP and UDP connections from any computer to the single local port your µTorrent is listening on and an Outbound rule to permit TCP and UDP connections to any computer on all ports. It is also necessary to deselect "Stealth blocked ports" in "Advanced security settings" on the NIS Firewall options page, otherwise peers will not be able to make incoming connections resulting in slow download speed and red "Not connectible" network status in µTorrent despite the µTorrent port forward test passing. A better test is BTFAQ's, this will fail if NIS is stealthing your ports. Finally, to avoid nuisance NIS Intrusion Prevention warnings, deselect "Invalid TCP Destination Port", "Invalid TCP Source Port", and "MS Windows H.323 BO (2)" signatures on the Intrusion Prevention Signature Exclusions page of Intrusion Protection Advanced Configuration.

Good luck, Joe


PC-Cillin 2005

1. Open PC-Cillin Internet Security.

2. Click 'Network Security' along the left side.

3. Click 'Edit.'

4. From the 'Personal Firewall Profile' window, open the 'Exception List.'

5. Click 'Add.'

6. Enter the following information in the appropriate fields:

* Description: uTorrent

* Target: 'Specified Application' (enter wherever you have uTorrent.exe stored)

* Action: Allow

* Ports: All Ports

7. Click 'Save.'

Source: http://forum.utorrent.com/viewtopic.php?pid=173414#p173414


Kaspersky Anti-Hacker

These are settings I use. I have no problems with these settings. You might have problems with these settings.

I am not gonna sit around and figure out what went wrong on your computer if these settings screw things up.

(optional) Untick Stealth Mode

Service -> Application Rules

You need 2 rules.

Rule 1 - This rule allows the application utorrent.exe to establish connections to a remote computer via the protocol TCP

Rule 2 - This rule allows the application utorrent.exe to accept incoming connections from a remote computer via the protocol TCP if the following conditions are met:

local port: <your local incoming port>

Rule 3 (optional) - This rule allows the application utorrent.exe to send and receive UDP packets if the following conditions are met:

local port: <your local incoming port>

Service -> Settings -> Intrusion Detection System

Block assaults for 5 minutes

Kaspersky Anti-Virus Personal

Settings -> Configure Real Time Protection -> Real Time Protection Settings

Block attacking computer for 5 minutes

(optional) Untick 'Use stealth mode'


ISA Server 2006

Assuming that you'll use port 64000 - 64100 for multiple clients

1) Set up the following new Protocols:

Name: BitTorrent (Inbound)

Ports: TCP - 64000 to 64100 Inbound

Secondary connection: TCP 64000 - 64100 Outbound

Name: BitTorrent (Outbound)

Ports: TCP - 64000 to 64100 Outbound

Secondary connection: TCP 64000 - 64100 Inbound

Name: BitTorrent (UDP)

Ports: 64000 to 64100 Send Receive

Secondary connection: 64100 to 64100 Send Receive

You can add each of these to the same Access Rule.

Create another new Protocol on a per-client basis:

Name: BitTorrent (Server - <Client Name>)

Ports: Create a TCP Inbound port range somewhere between 64000 and 64100 (e.g. 64000 to 64010)

Create a Non-Web Server Protocol Publishing Rule per BitTorrent client (client machines must have static IP or have DHCP reservations). These rules are the same thing as SOHO router's "port forwarding":

Name: What ever you want, be descriptive as to what the client using this rule is

Server IP: The client running BitTorrent

Listen from: External (aka The Internet)

Edit the above Server Publishing rule and go to the To tab. Make sure the radio box "Requests appear to come from the original client" is ticked.

Go to Configuration -> General -> Define Firewall Client Settings -> Application Settings tab

Create two New Applications:

Application: [Executable name without file extension, e.g. utorrent]

Key: RemoteBindUdpPorts

Value: 64000-64100

Application: [Executable name without file extension, e.g. utorrent]

Key: ServerBindTcpPorts

Value: 64000-64100

Save all of the above changes and commit them to the ISA Server.

Open utorrent, go to Options -> Preferences -> Connection, set the/a port that your Server Publishing Rule is using.

Under Advanced, go to net.outgoing_port and set it between 64000 and 64100.

I've also set the IP/host name to report to tracker to a Dyndns hostname, though you can also use the ISA Server's external IP (if you're running ISA in Edge firewall mode).

Note: I have not gotten DHT to function in my limited tests (sits at Waiting to log in or login with 0 nodes), but uTorrent reports that NAT is functioning correctly. Download speeds are excellent and upload also works.

Also note that these same steps should be applicable to ISA 2004, but NOT ISA 2000.


CHX Packet Filter

this rule should be sufficient right?:

Action: Force Allow

Direction: Incoming

Protocol: TCP

Source IP: Any

Source Port: Any

Destination IP: Any

Destination Port: 6346


Norton 360

Hey guys. I recently encountered a problem with my utorrent. I was frequently getting the red circle. It used to be a green circle before. I checked my ports using utorrent's port checker and it shows my port is closed. I decided to turn off my N360 firewall for a while. The green circle immediately went up again. After that, I realized it was something to do with my N360. I played around a bit and got it to work again. (NIS 2007 has the same firewall and configuring it is about the same as N360.)

1. Click "Tasks and Settings" on the top in the N360 main window.

2. In the new window, click "Change Advanced Settings" on the right of your screen.

3. In the new window, click "Firewall Protection Settings".

4. Next, click the "Firewall General Rules" tab.

5. Press the "Add" button on the bottom of the window.

6. Next follow in this order to forward your port:

i) Allow: Allow connections to match this rule

ii) Connections from other computers

iii) Any Computer

iv) The protocol you want to allow : TCP and UDP

v) On the same screen, click "Only communications that match all types of ports listed below".

vi) Press "Add" on the same window.

a) Filter By: Individually specified ports

b) Locality : Local

c) On the box, enter your port number.

vii) Click next, next and next to add the port and now you should have the green tick in utorrent.

Source: http://forum.utorrent.com/viewtopic.php?id=23127


Kaspersky Internet Security Firewall

[utorrent.exe]

App=[YOUR PATH]

CommandLine=

UseCommandLine=0

Name=DNS Service

Enable=1

Allow=1

Log=0

Warning=0

Protocol=UDP

Direction=OutboundStream

RemotePort=53

Name=Allow TCP Connections [iN] ([YOUR PORT])

Enable=1

Allow=1

Log=0

Warning=0

Protocol=TCP

Direction=InboundStream

LocalPort=[YOUR PORT]

Name=Allow TCP Connections [OUT] (Ephemeral)

Enable=1

Allow=1

Log=0

Warning=0

Protocol=TCP

Direction=OutboundStream

LocalPort=1024-5000

Name=Allow UDP Packets [iN/OUT] (Ephemeral, [YOUR PORT])

Enable=1

Allow=1

Log=0

Warning=0

Protocol=UDP

Direction=InboundOutbound

LocalPort=1024-5000, [YOUR PORT]

Where [YOUR PATH] should be replaced with the full path to your µTorrent executable, and [YOUR PORT] is replaced with the port µTorrent listens on. Save the above (with the proper information filled in) as an INI file using a plain text editor (such as Notepad -- not Microsoft Word or the like) and import it into Kaspersky's firewall rules. Works for me without hiccups.

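Added example, not part of the original post: a short Python audit of the Kaspersky rule listing above that reports which local ports the rules open to inbound traffic. Port 50000 stands in for [YOUR PORT], and reading any Direction that begins with "Inbound" as accepting unsolicited packets is an assumption about the format.

```python
# Added example, not from the post. Assumption: a Direction starting with
# "Inbound" accepts unsolicited packets. SAMPLE is constructed from the post's
# rules (port 50000 replaces [YOUR PORT]; Log=/Warning= lines left out).
SAMPLE = """
[utorrent.exe]
App=[YOUR PATH]
Name=DNS Service
Enable=1
Allow=1
Protocol=UDP
Direction=OutboundStream
RemotePort=53
Name=Allow TCP Connections [iN] (50000)
Enable=1
Allow=1
Protocol=TCP
Direction=InboundStream
LocalPort=50000
Name=Allow TCP Connections [OUT] (Ephemeral)
Enable=1
Allow=1
Protocol=TCP
Direction=OutboundStream
LocalPort=1024-5000
Name=Allow UDP Packets [iN/OUT] (Ephemeral, 50000)
Enable=1
Allow=1
Protocol=UDP
Direction=InboundOutbound
LocalPort=1024-5000, 50000
"""

def parse_rules(text):
    """Each Name= line starts a new rule; earlier keys are app metadata."""
    rules = []
    for key, sep, value in (l.strip().partition("=") for l in text.splitlines()):
        if sep and key == "Name":
            rules.append({})
        if sep and rules:
            rules[-1][key] = value.strip()
    return rules

def parse_ports(spec):
    """'1024-5000, 50000' -> [(1024, 5000), (50000, 50000)]; no spec means any port."""
    parts = [p.strip().partition("-") for p in spec.split(",") if p.strip()]
    return [(int(lo), int(hi or lo)) for lo, _, hi in parts] or [(0, 65535)]

def inbound_exposure(rules):
    """Map protocol -> sorted local port ranges that enabled Allow rules open inbound."""
    exposed = {}
    for r in rules:
        live = r.get("Enable") == "1" and r.get("Allow") == "1"
        if live and r.get("Direction", "").startswith("Inbound"):
            exposed.setdefault(r["Protocol"], []).extend(parse_ports(r.get("LocalPort", "")))
    return {proto: sorted(ranges) for proto, ranges in exposed.items()}

if __name__ == "__main__":
    for proto, ranges in inbound_exposure(parse_rules(SAMPLE)).items():
        print(proto, ranges, sum(hi - lo + 1 for lo, hi in ranges), "port(s)")
```

On the sample, the combined UDP rule opens the whole 1024-5000 range inbound in addition to the listening port, while TCP is reachable only on the listening port.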

COMODO Firewall Pro

[RULE 1]

Action ............ : Allow

Protocol .......... : UDP

Direction ......... : Out

Description ....... : DNS Service

Source Address .... : Any

Destination Address : Any

Source Port ....... : Any

Destination Port .. : (A Single Port) 53

[RULE 2]

Action ............ : Allow

Protocol .......... : UDP

Direction ......... : Out

Description ....... : Multicast

Source Address .... : Any

Destination Address : (IP Range) 239.0.0.0 - 239.255.255.255

Source Port ....... : Any

Destination Port .. : (A Single Port) 6771

[RULE 3]

Action ............ : Allow

Protocol .......... : UDP

Direction ......... : In

Description ....... : Ephemeral Ports [iN] (UDP)

Source Address .... : Any

Destination Address : Any

Source Port ....... : Any

Destination Port .. : (A Port Range) 1024 - 5000

[RULE 4]

Action ............ : Allow

Protocol .......... : TCP or UDP

Direction ......... : Out

Description ....... : Ephemeral Ports [OUT] (TCP/UDP)

Source Address .... : Any

Destination Address : Any

Source Port ....... : (A Port Range) 1024 - 5000

Destination Port .. : Any

[RULE 5]

Action ............ : Allow

Protocol .......... : TCP or UDP

Direction ......... : In

Description ....... : Port [YOUR PORT] [iN] (TCP/UDP)

Source Address .... : Any

Destination Address : Any

Source Port ....... : Any

Destination Port .. : (A Single Port) [YOUR PORT]

[RULE 6]

Action ............ : Allow

Protocol .......... : UDP

Direction ......... : Out

Description ....... : Port [YOUR PORT] [OUT] (UDP)

Source Address .... : Any

Destination Address : Any

Source Port ....... : (A Single Port) [YOUR PORT]

Destination Port .. : Any

Where [YOUR PORT] is replaced with the port µTorrent listens on. These rules can be made global rules, but you're probably better off making them application-specific.

In COMODO Firewall Pro v2.x:

- Application-specific rules can be added via Security > Application Monitor

- Global rules can be added via Security > Network Monitor

In COMODO Firewall Pro v3.0:

- Application-specific rules can be added via Firewall > Advanced > Network Security Policy > Application Rules

- Global rules can be added via Firewall > Advanced > Network Security Policy > Global Rules

NOTES:

- I made a lot of rules, but that's because I was trying to make the rules as tight as I could.

- The Multicast rule can probably be tightened down considerably for the Destination Address, but I wasn't entirely sure how specific I could make the rule without breaking µTorrent's multicast (should the IP ever change in the future), so I left it with such a large range. If I'm not mistaken, the one single IP µTorrent used for LPD was 239.192.152.143, but again, I'm not sure if limiting the rule to that single IP would cause any misbehaviors in the future. Adjust the rule if you really want to, but I don't think it's really necessary, since the range is reserved anyway.

- If you're using an alternative listening port for any reason, then you're going to need to create a copy of rule 5 for that port (though you probably won't need the UDP part of that rule -- I say probably because I haven't tested it).

- I don't use Defense+ in COMODO Firewall Pro v3.0, so I'm not sure how one might configure it (if it is at all necessary to be configured, that is). At least one user has had to configure some setting in Defense+ to make COMODO work properly with µTorrent -- see the relevant thread here.

* Old instructions for COMODO Firewall Pro


BitDefender

Guide by IP-Drowner, original thread here

Information:

This tutorial will teach you how to reach better download speeds using Utorrent if you have BitDefender security enabled. This applies to all BitDefender versions that contain the firewall.

Procedure:

When you start Utorrent for the first time with BitDefender, always press allow. These steps below will help increase your download speed. These ways were only tested on Windows Vista, but should also allow other systems that run Utorrent to work as well.

1. Right click the BitDefender tray icon and select Open Advanced Settings.

2. Select the Firewall icon from the right side menu.

3. Go to the Traffic tab and you should see Utorrent.

4. Right click Utorrent and select Edit Rule.

5. In the first drop down box, select Any.

6. In the second drop down box, select Allow.

7. Click Advanced.

8. With the Direction drop down box, select Both.

9. With the Source Address and Destination Address drop down boxes, select Any.

10. Click the OK button.

11. Select OK again from the first window.

12. Once you're in the BitDefender control panel again, select the Advanced tab.

13. Under Settings, un-check Stealth Mode.

14. Check the Apply the same (generic) profile to all networks.

15. Press the Close button.

16. Open Utorrent.

17. Right-click the file you're downloading.

18. Select High from the Bandwidth Allocation area.

19. Make sure that the Upload Limit is set to 200-250kb.

20. Make sure that the Download Limit is set to 400-600kb.

21. Open the folder that displays the network you're connected to.

22. Right click it and select properties.

23. Uncheck Bitdefender Firewall from the settings.

24. Select Apply then press OK.

That should increase your download and upload speed if you're using BitDefender as computer protection.

Enjoy!


Norton Internet Security 2009

I would like to share my experiences for other users' interests on how to open a port in firewall set up by Norton AntiVirus 2008:

1. Go to the Norton AntiVirus tab of Norton Protection Centre and click on Internet Worm Protection under Web Browsing in Settings

2. A small window will pop up with Turn Off and Configure buttons; click on configure

3. Click Program Control in "How to customize your settings"

4. If there is any entry with uTorrent in the list, delete it and click add.

- Click Allow: Allow connections that match this rule and click "Next"

- Keep as is (connections from other computers) and click "Next"

- Click Any computer and click "Next"

- Choose "TCP and UDP" in the protocol and check "Only communications that match all types and ports listed below" and click Add button

- check Individually specified ports in "Filter by" section

- Local in "Locality" section

- and enter your uTorrent port and click "ok"

- Click "Next"

- Leave as is (create an event log entry) and click "Next"

- Type any name for the rule and click "Next"

- Finally click "Finish"

5. Now you should have a new entry in the list, click ok again

6. Click ok and you should be back to options page of Norton AntiVirus

7. Click General Rules and click Add

- Click Allow: Allow connections that match this rule and click "Next"

- Keep as is (connections from other computers) and click "Next"

- Click Any computer and click "Next"

- Choose "TCP and UDP" in the protocol and check "Only communications that match all types and ports listed below" and click Add button

- check Individually specified ports in "Filter by" section

- Local in "Locality" section

- and enter your uTorrent port and click "ok"

- Click "Next"

- Leave as is (create an event log entry) and click "Next"

- Type any name for the rule and click "Next"

- Finally click "Finish"

8. Now you should have a new entry in the list, click ok again, move it to the top if you're not sure about other entries

9. Click ok and you should be back to options page of Norton AntiVirus. Click ok and you're done.

10. Test your uTorrent port and it should be forwarded properly now.

Source: http://forum.utorrent.com/viewtopic.php?id=48945


CA Personal Firewall

1. Open CA Personal Firewall.

2. Click on "Firewall".

3. Find "C:\Program Files\uTorrent\uTorrent.exe" and select it.

4. At the top, where it says "Advanced Application Control", click "Edit".

5. Click "Add".

6. Configure the following menu like this:

(screenshot: catorrentga5.th.png)

7. Don't mess with any of the other configurations.

8. Look through the "Firewall" list for anything else that says "uTorrent", and do the same thing.

Hope I helped!

Source: http://forum.utorrent.com/viewtopic.php?id=51297
