8854 1 Posted ... Trust me, I would not know what tweaking to do within gpedit. I am very computer literate, but I am not a networking guy. Quote Share this post Link to post
Flx 76 Posted ... Block your torrent client from accessing local addresses(IP etc).(Inbound/Outbound). Image below: Quote Hide Flx's signature Hide all signatures Guide - EMBY Block ALL interfaces except tap/vpn Windows OS - Configuring your operating system Windows OS - Multi Session/Tunnel Share this post Link to post
Flx 76 Posted ... 22 minutes ago, 8854 said: I use Comodo, not Windows Defender. Why did you not say so earlier? How did you configure it? Quote Hide Flx's signature Hide all signatures Guide - EMBY Block ALL interfaces except tap/vpn Windows OS - Configuring your operating system Windows OS - Multi Session/Tunnel Share this post Link to post
8854 1 Posted ... I was not asked. I did not know that the conversation related to the Windows Firewall. I tried using the rulesets for utorrent on the Comodo site. I selected custom ruleset in the main interface, but I am not getting the ask prompts from Comodo https://help.comodo.com/topic-72-1-766-9095-Enable-File-Sharing-Applications-like-BitTorrent-and-Emule.html?af=7639 ! 2022.10.28 03:21:49 - Activation of Network Lock - Windows Filtering Platform I 2022.10.28 03:21:50 - Session starting. I 2022.10.28 03:21:51 - Checking authorization ... . 2022.10.28 03:21:52 - Collect network information . 2022.10.28 03:21:55 - Added new network interface "Eddie", Wintun version 0.12 . 2022.10.28 03:21:55 - Collect network information . 2022.10.28 03:21:57 - Using WinTun network interface "Eddie (Eddie Tunnel)" ! 2022.10.28 03:21:57 - Connecting to Haedus (United States of America, New York City) . 2022.10.28 03:21:58 - Routes, add 146.70.115.141/32 for interface "Ethernet (Intel(R) I211 Gigabit Network Connection)". . 2022.10.28 03:21:59 - Routes, add 146.70.115.141/32 for interface "Ethernet (Intel(R) I211 Gigabit Network Connection)", already exists. . 2022.10.28 03:21:59 - OpenVPN > OpenVPN 2.5.7 Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on May 27 2022 . 2022.10.28 03:21:59 - OpenVPN > Windows version 10.0 (Windows 10 or greater) 64bit . 2022.10.28 03:21:59 - OpenVPN > library versions: OpenSSL 1.1.1o 3 May 2022, LZO 2.10 . 2022.10.28 03:21:59 - OpenVPN > Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key . 2022.10.28 03:21:59 - OpenVPN > Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication . 2022.10.28 03:21:59 - OpenVPN > Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key . 2022.10.28 03:21:59 - OpenVPN > Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication . 2022.10.28 03:21:59 - OpenVPN > TCP/UDP: Preserving recently used remote address: [AF_INET]146.70.115.141:443 . 2022.10.28 03:21:59 - OpenVPN > Socket Buffers: R=[65536->262144] S=[65536->262144] . 2022.10.28 03:21:59 - OpenVPN > UDP link local: (not bound) . 2022.10.28 03:21:59 - OpenVPN > UDP link remote: [AF_INET]146.70.115.141:443 . 2022.10.28 03:21:59 - OpenVPN > TLS: Initial packet from [AF_INET]146.70.115.141:443, sid=a4533d76 efe21d55 . 2022.10.28 03:21:59 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org . 2022.10.28 03:21:59 - OpenVPN > VERIFY KU OK . 2022.10.28 03:21:59 - OpenVPN > Validating certificate extended key usage . 2022.10.28 03:21:59 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication . 2022.10.28 03:21:59 - OpenVPN > VERIFY EKU OK . 2022.10.28 03:21:59 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Haedus, emailAddress=info@airvpn.org . 2022.10.28 03:21:59 - OpenVPN > Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, peer certificate: 4096 bit RSA, signature: RSA-SHA512 . 2022.10.28 03:21:59 - OpenVPN > [Haedus] Peer Connection Initiated with [AF_INET]146.70.115.141:443 . 2022.10.28 03:21:59 - OpenVPN > PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway ipv6 def1 bypass-dhcp,dhcp-option DNS 10.26.234.1,dhcp-option DNS6 fde6:7a:7d20:16ea::1,tun-ipv6,route-gateway 10.26.234.1,topology subnet,ping 10,ping-restart 60,ifconfig-ipv6 fde6:7a:7d20:16ea::10a1/64 fde6:7a:7d20:16ea::1,ifconfig 10.26.234.163 255.255.255.0,peer-id 1,cipher AES-256-GCM' . 2022.10.28 03:21:59 - OpenVPN > Pushed option removed by filter: 'redirect-gateway ipv6 def1 bypass-dhcp' . 2022.10.28 03:21:59 - OpenVPN > Pushed option removed by filter: 'dhcp-option DNS 10.26.234.1' . 2022.10.28 03:21:59 - OpenVPN > Pushed option removed by filter: 'dhcp-option DNS6 fde6:7a:7d20:16ea::1' . 2022.10.28 03:21:59 - OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified . 2022.10.28 03:21:59 - OpenVPN > OPTIONS IMPORT: compression parms modified . 2022.10.28 03:21:59 - OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified . 2022.10.28 03:21:59 - OpenVPN > OPTIONS IMPORT: route-related options modified . 2022.10.28 03:21:59 - OpenVPN > OPTIONS IMPORT: peer-id set . 2022.10.28 03:21:59 - OpenVPN > OPTIONS IMPORT: adjusting link_mtu to 1625 . 2022.10.28 03:21:59 - OpenVPN > OPTIONS IMPORT: data channel crypto options modified . 2022.10.28 03:21:59 - OpenVPN > Data Channel: using negotiated cipher 'AES-256-GCM' . 2022.10.28 03:21:59 - OpenVPN > Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key . 2022.10.28 03:21:59 - OpenVPN > Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key . 2022.10.28 03:21:59 - OpenVPN > interactive service msg_channel=0 . 2022.10.28 03:21:59 - OpenVPN > open_tun . 2022.10.28 03:21:59 - OpenVPN > wintun device [Eddie] opened . 2022.10.28 03:22:00 - OpenVPN > NETSH: C:\WINDOWS\system32\netsh.exe interface ip set address 19 static 10.26.234.163 255.255.255.0 . 2022.10.28 03:22:01 - OpenVPN > NETSH: C:\WINDOWS\system32\netsh.exe interface ip delete dns 19 all . 2022.10.28 03:22:01 - OpenVPN > NETSH: C:\WINDOWS\system32\netsh.exe interface ip delete wins 19 all . 2022.10.28 03:22:01 - OpenVPN > IPv4 MTU set to 1500 on interface 19 using SetIpInterfaceEntry() . 2022.10.28 03:22:01 - OpenVPN > NETSH: C:\WINDOWS\system32\netsh.exe interface ipv6 set address 19 fde6:7a:7d20:16ea::10a1/128 store=active . 2022.10.28 03:22:01 - OpenVPN > add_route_ipv6(fde6:7a:7d20:16ea::/64 -> fde6:7a:7d20:16ea::10a1 metric 0) dev Eddie . 2022.10.28 03:22:01 - OpenVPN > C:\WINDOWS\system32\netsh.exe interface ipv6 add route fde6:7a:7d20:16ea::/64 19 fe80::8 store=active . 2022.10.28 03:22:01 - OpenVPN > env_block: add PATH=C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem . 2022.10.28 03:22:01 - OpenVPN > NETSH: C:\WINDOWS\system32\netsh.exe interface ipv6 delete dns 19 all . 2022.10.28 03:22:01 - OpenVPN > IPv6 MTU set to 1500 on interface 19 using SetIpInterfaceEntry() . 2022.10.28 03:22:01 - OpenVPN > Initialization Sequence Completed . 2022.10.28 03:22:01 - Interface Eddie metric changed from Automatic to 3, layer IPv4 . 2022.10.28 03:22:01 - Interface Eddie metric changed from Automatic to 3, layer IPv6 . 2022.10.28 03:22:01 - DNS leak protection with packet filtering enabled. . 2022.10.28 03:22:04 - DNS IPv4 of a network adapter forced (Eddie, from automatic to 10.26.234.1) . 2022.10.28 03:22:05 - DNS IPv6 of a network adapter forced (Eddie, from automatic to fde6:7a:7d20:16ea::1) . 2022.10.28 03:22:05 - DNS IPv4 of a network adapter forced (Ethernet, from automatic to 10.26.234.1) . 2022.10.28 03:22:05 - DNS IPv6 of a network adapter forced (Ethernet, from automatic to fde6:7a:7d20:16ea::1) . 2022.10.28 03:22:05 - DNS IPv4 of a network adapter forced (Loopback Pseudo-Interface 1, from automatic to 10.26.234.1) . 2022.10.28 03:22:05 - DNS IPv6 of a network adapter forced (Loopback Pseudo-Interface 1, from automatic to fde6:7a:7d20:16ea::1) . 2022.10.28 03:22:06 - Routes, add 0.0.0.0/1 for interface "Eddie (Eddie Tunnel)". . 2022.10.28 03:22:07 - Routes, add 128.0.0.0/1 for interface "Eddie (Eddie Tunnel)". . 2022.10.28 03:22:07 - Routes, add ::/1 for interface "Eddie (Eddie Tunnel)". . 2022.10.28 03:22:08 - Routes, add 8000::/1 for interface "Eddie (Eddie Tunnel)". . 2022.10.28 03:22:09 - Routes, add 146.70.115.139/32 for interface "Eddie (Eddie Tunnel)". . 2022.10.28 03:22:10 - Routes, add 2a0d:5600:24:210:241b:33c8:e851:4f82/128 for interface "Eddie (Eddie Tunnel)". . 2022.10.28 03:22:10 - Flushing DNS I 2022.10.28 03:22:10 - Checking route IPv4 I 2022.10.28 03:22:11 - Checking route IPv6 I 2022.10.28 03:22:11 - Checking DNS ! 2022.10.28 03:22:11 - Connected. Quote Share this post Link to post
Flx 76 Posted ... That is not how you configure Comodo. This is the proper way----> Quote Hide Flx's signature Hide all signatures Guide - EMBY Block ALL interfaces except tap/vpn Windows OS - Configuring your operating system Windows OS - Multi Session/Tunnel Share this post Link to post
8854 1 Posted ... Is that post still valid, it is 10 years old? I will see what I can do. I am 70, so I will do the best I can. Quote Share this post Link to post
Staff 9971 Posted ... On 10/28/2022 at 8:30 PM, 8854 said: Is that post still valid, it is 10 years old? I will see what I can do. I am 70, so I will do the best I can. Hello! If necessary, you might consider to revert back to Eddie Network Lock, by disabling Comodo when you need to use the VPN with Network Lock. Eddie will enforce WFP rules to prevent any type of traffic leak outside the VPN tunnel. When you shut down Eddie remember to re-enable Comodo. A second quick and easy procedure which might come handy is binding the torrent software to the tun/tap interface, if you decide to keep Comodo enabled and experiment with rules. Bind options are nowadays available is various torrent programs. In this way if you make any mistake with Comodo rules, the binding of the torrent software will ensure that, at least for the torrent traffic, you will have no leaks even in case of unexpected disconnection. If you need testing your rules and binding in real time, ipleak.net may test your torrent traffic too and it will tell you the IP address it sees your torrent traffic coming from (ipleak.net offers a specific option to do so). Kind regards Quote Share this post Link to post