Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Replies 1 reply
  • Subscribers 0 subscribers
  • Views 764 views
  • Users 0 members are here
Options
Suggested

P2P / Bittorent

ulong
I'm testing using bittorent. I set to Alert for this protocol.

in the packet filter i saw several grey lines as "auto packet filter rules", but it miss several other packet see below :

The test config is using µtorrent 1.7.7, on fix out port 1000/TCP, and using #19102/UDP in inbound connection

In µTorrent to fix the outgoing source port in use in options/prefernces/advanced "net.outgoingport" 1000

It seems to not reconised the TCP connections... and some udp connections...

Regards
Ulong

Smalll snipset of my packet filter log :

20:06:16  Auto-generated rule  UDP 
58.35.158.101  :  15124
→ 
192.168.0.1  :  19102

len=126  ttl=105  tos=0x00
20:06:16  Packetfilter rule #4  UDP 
87.217.8.124  :  51359
→ 
192.168.0.1  :  19102

len=131  ttl=113  tos=0x00  srcmac=00:07:cb:4b:93:41  dstmac=00:00:5a:9e:bf:14
20:06:17  Auto-generated rule  UDP 
87.217.8.124  :  51359
→ 
192.168.0.1  :  19102

len=131  ttl=113  tos=0x00
20:06:17  Packetfilter rule #8  UDP 
192.168.0.1  :  19102
→ 
24.18.50.146  :  6881

len=95  ttl=63  tos=0x00  srcmac=00:17:31:ea:33:fc  dstmac=00:00:5a:9e:bf:08
20:06:17  Auto-generated rule  UDP 
192.168.0.1  :  19102
→ 
24.18.50.146  :  6881

len=95  ttl=63  tos=0x00
20:06:17  Packetfilter rule #8  UDP 
192.168.0.1  :  19102
→ 
92.12.57.234  :  50959

len=95  ttl=63  tos=0x00  srcmac=00:17:31:ea:33:fc  dstmac=00:00:5a:9e:bf:08
20:06:17  Auto-generated rule  UDP 
192.168.0.1  :  19102
→ 
92.12.57.234  :  50959

len=95  ttl=63  tos=0x00
20:06:17  Packetfilter rule #8  UDP 
192.168.0.1  :  19102
→ 
89.210.16.118  :  50004

len=95  ttl=63  tos=0x00  srcmac=00:17:31:ea:33:fc  dstmac=00:00:5a:9e:bf:08
20:06:17  Auto-generated rule  UDP 
192.168.0.1  :  19102
→ 
89.210.16.118  :  50004

len=95  ttl=63  tos=0x00
20:06:17  Packetfilter rule #8  UDP 
192.168.0.1  :  19102
→ 
24.236.42.95  :  40915

len=95  ttl=63  tos=0x00  srcmac=00:17:31:ea:33:fc  dstmac=00:00:5a:9e:bf:08
20:06:17  Auto-generated rule  UDP 
192.168.0.1  :  19102
→ 
24.236.42.95  :  40915

len=95  ttl=63  tos=0x00
20:06:17  Packetfilter rule #8  UDP 
192.168.0.1  :  19102
→ 
92.11.39.76  :  50959

len=95  ttl=63  tos=0x00  srcmac=00:17:31:ea:33:fc  dstmac=00:00:5a:9e:bf:08
20:06:17  Auto-generated rule  UDP 
192.168.0.1  :  19102
→ 
92.11.39.76  :  50959

len=95  ttl=63  tos=0x00
20:06:17  Packetfilter rule #8  TCP 
192.168.0.1  :  1000
→ 
124.82.26.212  :  32589

[SYN]  len=52  ttl=63  tos=0x00  srcmac=00:17:31:ea:33:fc  dstmac=00:00:5a:9e:bf:08
20:06:17  Packetfilter rule #8  TCP 
192.168.0.1  :  1000
→ 
81.130.209.12  :  12352

[SYN]  len=52  ttl=63  tos=0x00  srcmac=00:17:31:ea:33:fc  dstmac=00:00:5a:9e:bf:08
20:06:17  Packetfilter rule #8  TCP 
192.168.0.1  :  1000
→ 
24.236.42.95  :  40915

[SYN]  len=52  ttl=63  tos=0x00  srcmac=00:17:31:ea:33:fc  dstmac=00:00:5a:9e:bf:08
20:06:17  Packetfilter rule #8  TCP 
192.168.0.1  :  1000
→ 
92.10.193.161  :  50959

[SYN]  len=52  ttl=63  tos=0x00  srcmac=00:17:31:ea:33:fc  dstmac=00:00:5a:9e:bf:08
20:06:17  Packetfilter rule #8  TCP 
192.168.0.1  :  1000
→ 
89.210.16.118  :  50004

[SYN]  len=52  ttl=63  tos=0x00  srcmac=00:17:31:ea:33:fc  dstmac=00:00:5a:9e:bf:08
20:06:17  Packetfilter rule #8  TCP 
192.168.0.1  :  1000
→ 
92.12.57.234  :  50959

[SYN]  len=52  ttl=63  tos=0x00  srcmac=00:17:31:ea:33:fc  dstmac=00:00:5a:9e:bf:08
20:06:17  Packetfilter rule #8  TCP 
192.168.0.1  :  1000
→ 
90.195.4.220  :  25571

[SYN]  len=52  ttl=63  tos=0x00  srcmac=00:17:31:ea:33:fc  dstmac=00:00:5a:9e:bf:08
20:06:17  Packetfilter rule #8  TCP 
192.168.0.1  :  1000
→ 
92.11.213.193  :  50959

[SYN]  len=52  ttl=63  tos=0x00  srcmac=00:17:31:ea:33:fc  dstmac=00:00:5a:9e:bf:08
Parents Reply Children
No Data
Unfiltered HTML