Having trouble to make it work

Murus
Post Reply
Lichar
Posts: 6
Joined: Thu Jan 07, 2016 9:07 am

Having trouble to make it work

Post by Lichar » Thu Jan 07, 2016 9:38 am

Hi all,

Previous user of Ice Floor, I decided to give a test to Murus !

However I can't make it work. I uninstall icefloor and previous boot scripts so as to start from scratch.
To test it I used the bitorrent service and add "Everyone" group in the blocked groups. I then launch my bitorrent client (which is running on a port part of the bitorrent service port range) but it can still download without troubles. I also disable the "Open port automatically" in transmission settings.

I'm a bit disconcerted as I want to have much more "complex" rules based on interfaces so as to configure my VPN connections for example.

I may have forgotten some super simple thing but can't get what. (Yeah Murus is running green ;) )

Help will be appreciated,

Thanks !

hany
Posts: 481
Joined: Wed Dec 10, 2014 5:20 pm

Re: Having trouble to make it work

Post by hany » Thu Jan 07, 2016 7:47 pm

bittorrent is not the best service to start from when trying to filter connections using a network firewall because bittorrent is tricky by design :)
Look, bt clients work even if the listening port is not public (= closed on main router and/or filtered somewhere else). To effectively block them you should block outbound connections to a whole set of (high) ports, which is not practical at all (and wrong).
Bittorrent clients are the kind of clients that need an application firewall in order to be blocked, because pf (and similar network firewalls) are not the best way to do it. That's one of the reasons why we are developing Vallum :)
However if you look at active PF states (you need Murus Pro or the terminal) then you will realize which kind of connections BT is doing, and how to block them by hand.

Lichar
Posts: 6
Joined: Thu Jan 07, 2016 9:07 am

Re: Having trouble to make it work

Post by Lichar » Fri Jan 08, 2016 10:12 am

Can't wait for Murus Pro and Vallum then ! ;-)

Thanks for explanations

Post Reply