Monday, August 17, 2009

Comodo Firewall 3 for uTorrent

SkyHi @ Monday, August 17, 2009
Ragwing:
First of all:

- Disable 'Randomize port everytime uTorrent starts' in uTorrent settings -> Connections.

- Choose a port to listen for incoming connections in uTorrent settings -> Connections.

- If you have a router, follow the instructions for port forwarding on your router.

- I also recommend using the speed tweak.

Now the configuration for the firewall. I have two set-ups of rules. The first one is a bit easier, and as many people don't like connections on privileged ports (1-1024), I've created a rule set for them too.

NOTE: If you don't have a static IP, use the MAC address (instructions on how to get it here). It also works with 'Any'.
Descriptions for the rules are optional. You can change them if you want to.
Add the rules in the order I've numbered them.

Option 1 - Allow use of privileged ports (Recommended for beginners)

Go to Firewall->Advanced->Network Security Policy->Global Rules and add the following rule above all blocking (red) rules:

Action: Allow
Protocol: TCP or UDP
Direction: In
Description: Allow incoming traffic for uTorrent
Source Address: Any
Destination Address: Your IP/MAC or Any
Source Port: Any
Destination Port: uTorrent-port

Now go to Firewall -> Advanced -> Network Security Policy -> Application Rules, and add these for uTorrent.exe:

Rule 1

Action: Allow
Protocol: TCP or UDP
Direction: In
Description: Allow incoming traffic for uTorrent
Source Address: Any
Destination Address: Your IP/MAC or Any
Source Port: Any
Destination Port: uTorrent-port

Rule 2

Action: Allow
Protocol: TCP or UDP
Direction: Out
Description: Allow outgoing traffic for uTorrent
Source Address: Your IP/MAC or Any
Destination Address: Any
Source Port: Any
Destination Port: Any

Rule 3

Action: Block (mark 'Log as firewall event if this rule is fired')
Protocol: IP
Direction: Out
Description: Block and log outgoing traffic
Source Address: Your IP/MAC or Any
Destination Address: Any

Rule 4

Action: Block (mark 'Log as firewall event if this rule is fired')
Protocol: IP
Direction: In
Description: Block and log incoming traffic
Source Address: Any
Destination Address: Your IP/MAC or Any

The application rules should now look like this:


Option 2 - Deny use of privileged ports (Recommended for additional security, but might cause problems due to some ports being blocked)

Go to Firewall->Advanced->Network Security Policy->Global Rules and add the following rule above all blocking (red) rules:

Action: Allow
Protocol: TCP or UDP
Direction: In
Description: Allow incoming traffic for uTorrent
Source Address: Any
Destination Address: Your IP/MAC or Any
Source Port: 1025-65535
Destination Port: uTorrent-port

Now go to Firewall -> Advanced -> Network Security Policy -> Application Rules, and add these for uTorrent.exe:

Rule 1

Action: Allow
Protocol: TCP or UDP
Direction: In
Description: Allow incoming traffic
Source Address: Any
Destination Address: Your IP/MAC or Any
Source Port: 1025-65535
Destination Port: uTorrent port

Rule 2

Action: Allow
Protocol: TCP or UDP
Direction: Out
Description: Allow outgoing traffic
Source Address: Your IP/MAC or Any
Destination Address: Any
Source Port: 1025-65535
Destination Port: 1025-65535

Rule 3

Action: Allow
Protocol: TCP
Direction: Out
Description: Allow outgoing HTTP-traffic
Source Address: Your IP/MAC or Any
Destination Address: Any
Source Port: 1025-65535
Destination Port: 80

Rule 4

Action: Allow
Protocol: UDP
Direction: Out
Description: Allow DNS-requests
Source Address: Your IP/MAC or Any
Destination Address: Any or your DNS server (can be found by launching cmd.exe and writing 'ipconfig /all').
Source Port: 1025-65535
Destination Port: 53

If you have more than one DNS-server, add a rule for each of them.

Rule 5

Action: Block
Protocol: TCP or UDP
Direction: Out
Description: Block outgoing traffic on privileged ports
Source Address: Your IP/MAC or Any
Destination Address: Any
Source Port: 1-1024
Destination Port: 1-1024

Rule 6

Action: Block
Protocol: TCP or UDP
Direction: In
Description: Block incoming traffic on privileged ports
Source Address: Any
Destination Address: Your IP/MAC or Any
Source Port: 1-1024
Destination Port: 1-1024

Rules 5 and 6 will prevent connections to privileged ports from getting logged, so that CFP 3 won't log a lot of intrusion attempts.

Rule 7

Action: Block (mark 'Log as firewall event if this rule is fired')
Protocol: IP
Direction: Out
Description: Block and log outgoing traffic
Source Address: Your IP/MAC or Any
Destination Address: Any

Rule 8

Action: Block (mark 'Log as firewall event if this rule is fired')
Protocol: IP
Direction: In
Description: Block and log incoming traffic
Source Address: Any
Destination Address: Your IP/MAC or Any

If you've done it correctly, your application rules should look like this:

(You might have more entries for DNS-requests)

Both work with everything enabled in Attack Detection Settings. I've been able to reach maximum download and upload speeds in uTorrent with both of them.
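
To see which Option 2 application rule decides a given packet, the following added example (not part of the original post and not Comodo code) models the eight rules as a list. It assumes top-down, first-match evaluation, in line with the instruction to add the rules in numbered order. The port 51413 is a constructed stand-in for "uTorrent-port", and the sample packets are constructed.

```python
# Added example (not from the original post): first-match model of Option 2.
from collections import namedtuple

UT_PORT = 51413  # constructed placeholder for "uTorrent-port"
HIGH, LOW, ANY = (1025, 65535), (1, 1024), (0, 65535)
BOTH, TCP, UDP, IP = ("tcp", "udp"), ("tcp",), ("udp",), ("ip",)

# sport/dport are inclusive ranges; log mirrors 'Log as firewall event'.
Rule = namedtuple("Rule", "num action protos direction sport dport log",
                  defaults=(ANY, ANY, False))

OPTION2 = [
    Rule(1, "allow", BOTH, "in", HIGH, (UT_PORT, UT_PORT)),
    Rule(2, "allow", BOTH, "out", HIGH, HIGH),
    Rule(3, "allow", TCP, "out", HIGH, (80, 80)),
    Rule(4, "allow", UDP, "out", HIGH, (53, 53)),
    Rule(5, "block", BOTH, "out", LOW, LOW),
    Rule(6, "block", BOTH, "in", LOW, LOW),
    Rule(7, "block", IP, "out", log=True),
    Rule(8, "block", IP, "in", log=True),
]

def matches(rule, proto, direction, sport, dport):
    """Every field of a rule must match; protocol 'IP' matches any protocol."""
    return (direction == rule.direction
            and (rule.protos == IP or proto in rule.protos)
            and rule.sport[0] <= sport <= rule.sport[1]
            and rule.dport[0] <= dport <= rule.dport[1])

def evaluate(rules, proto, direction, sport, dport):
    """Return (rule number, action, logged) of the first rule that matches."""
    for rule in rules:
        if matches(rule, proto, direction, sport, dport):
            return rule.num, rule.action, rule.log
    return None, "no-match", False  # left to the firewall's default behaviour

# Constructed sample packets: (label, protocol, direction, src port, dst port)
SAMPLES = [
    ("peer connects to uTorrent", "tcp", "in", 40000, UT_PORT),
    ("HTTPS tracker announce", "tcp", "out", 50000, 443),
    ("DNS lookup", "udp", "out", 50000, 53),
    ("port 445 probe from a high port", "tcp", "in", 40000, 445),
    ("port 445 probe from a low port", "tcp", "in", 1000, 445),
]

if __name__ == "__main__":
    for label, *packet in SAMPLES:
        print(f"{label:34} -> {evaluate(OPTION2, *packet)}")
```

In this model an HTTPS tracker announce matches none of the allow rules and falls through to Rule 7, where it is blocked and logged. Rule 6 only silences inbound packets whose source port is also in 1-1024; the same packet from a high source port reaches Rule 8 and is logged.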


Reference: https://forums.comodo.com/frequently_asked_questions_faq_for_comodo_firewall/tutorial_for_utorrent_with_comodo_firewall_3-t15677.0.html%3Bwap2=