View Full Version : overnet


elky
01-19-2003, 07:33 PM
Has anyone created rules for overnet? I'm somewhat new to this and overnet seems like quite a beastly thing to make rules for.

http://www.overnet.com/documentation/index.html

"TCP Port - The port on which Incoming transfers will be made (files you are downloading from other users). Uploads will locally be made from a random port.

UDP Port - The port used for seeking sources for files, as well as searching for files to download"

"Alternatively, with some more advanced firewalls, or firewall settings you will need to open port and 4662 TCP for both incoming and out going connections, you will also need to type VO in the message box of overnet, it will list two ports, the TCP port, of 4662, and a UDP port. This port is randomly generated when OverNet is run for the first time. You can change this port to be whatever you like, but it will also be need to be open in your firewall."

so

to download files:
allow outbound tcp where local port is x (default 4662)

to upload files:
allow inbound tcp

everything else:
allow udp where local port is x

deny tcp

deny udp


does that seem right?

David
01-20-2003, 02:51 PM
Originally posted by elky
Has anyone created rules for overnet?
I have not used this application, but it looks like you have a very good start.
Originally posted by elky
I'm somewhat new to this and overnet seems like quite a beastly thing to make rules for.
All P2P clients seem to be the same way. Fortunately, some vendors, like Overnet, seem to have the foresight to provide some information on configuring a firewall. Their information looks very good so far.
Originally posted by elky
http://www.overnet.com/documentation/index.html

"TCP Port - The port on which Incoming transfers will be made (files you are downloading from other users). Uploads will locally be made from a random port.

UDP Port - The port used for seeking sources for files, as well as searching for files to download"

"Alternatively, with some more advanced firewalls, or firewall settings you will need to open port and 4662 TCP for both incoming and out going connections, you will also need to type VO in the message box of overnet, it will list two ports, the TCP port, of 4662, and a UDP port. This port is randomly generated when OverNet is run for the first time. You can change this port to be whatever you like, but it will also be need to be open in your firewall."
This last paragraph is excellent and exactly what applies when it comes to making firewall rules for Overnet using Outpost. I will list a ruleset based on this below yours. :)
Originally posted by elky
so

to download files:
allow outbound tcp where local port is x (default 4662)

to upload files:
allow inbound tcp

everything else:
allow udp where local port is x

deny tcp

deny udp

does that seem right?
Excellent start and I see you have used two rules that I have been recommending to help terminate non-standard connections. Here is my recommendation:

Overnet Outbound TCP Connection Rule
Where the protocol is: TCP
Where the direction is: Outbound
Where the REMOTE port is: 4662
Allow It

Note: Allows you to connect to other hosts and download files.

Overnet Inbound TCP Connection Rule
Where the protocol is: TCP
Where the direction is: Inbound
Where the LOCAL port is: 4662
Allow It

Note: Allows OTHERS to connect to YOUR PC and get shared files from the shared folders on YOUR PC. If you do not want others uploading files from your PC, you should change this rule to Deny It. However, some clients may not function properly if you are not sharing also.

Overnet UDP Connection Rule
Where the protocol is: UDP
Where the REMOTE port is: see Note
Allow It

Note: It would seem that you have to follow a special procedure to randomly generate the UDP port to use. Then it would seem that you can make your own choice after this. I have highlighted the specific comments from the documentation regarding this above. I think that you should have no problem with this as you seem to have reviewed the documentation and produced a reasonably good ruleset at this point.

Overnet Non-Standard TCP Connection Termination Rule
Where the protocol is: TCP
Deny It

Overnet Non-Standard UDP Connection Termination Rule
Where the protocol is: UDP
Deny It

Note: Excellent....these two rules will block any non-standard connection attempts other than the ports that are defined. Remember, these two rules MUST be last to work properly.

As I have said many times, these P2P clients can connect to many different ports and it is safe to open a wider port range if proper connectivity cannot be established with the standard ruleset. But I will tell you that I have NEVER had any problem using a ruleset designed as above and only allowing the client to use a default or very small port range. I would try the client for a while just using the ruleset defined above and if you have any difficulty or you are not getting many results in your searches, you might start by opening up the port range. If you have the need to do this, let me know. Although I do not think there is anything wrong with opening the port range IF NEEDED, I do think it is wise to make the changes in a systematic way.

Anyway, again I would like to say that I think your initial ruleset is excellent and I hope that you have found my directions and comments useful. Let me know if you have any more questions. I will try to answer as soon as I am able.

Have a good day. :)

escobar
03-17-2005, 09:12 AM
Just like elky said in a past thread.

* TCP (standard 4662) - The port on which Incoming transfers will be made

* Uploads are made Locally from a random port!

* UDP (Standard 7927 on my system, insert your UDP port here instead) - The port used for seeking sources for files, as well as searching for files to download

REMEMBER! Overnet ONLY needs incoming traffic on those two ports!

This preset for edonkey2000/overnet (NOT incl. ed2k-network. I don't use the ed2k network and this option is not STANDARD edonkey2000) works for me. BUT Maybe it can be improved??

The main problem, in setting up the rules, is: Many users do not use the STANDARD UDP port. Most users (I guess) use the standard TCP port.

These rules are based on those thoughts and facts. Read the comments (;like this) in the preset code for more detail.

I personally use visibleState: 1 without problems.
This means that you can see the rule under PRESETS in Outpost.
In this example VisibleState: 1. This is NOT the advised setting for applications in Outpost (standard is "0").
But it will ease using the edonkey2000 preset, because you can now find the settings under PRESETS.
One click and "overnet" is configured in outpost.

You should Exit & Shutdown Outpost before you edit your preset.lst file to avoid any problems. Also ensure that you leave a blank line at the end of your preset.lst file or when Outpost is restarted it will generate an error.

under ;p2p in Outpost preset.lst insert this
(comments are removed in the attached .txt file).

;---------------------------------------------
[edonkey2000 - Default]
VisibleState: 1
Exe:
edonkey2000, edonkey2000.exe
DefaultState: 1
RuleName: edonkey - Client to Client Source Exchange
Protocol: TCP
LocalPort: 4662
Direction: Inbound
AllowIt

DefaultState: 1
RuleName: edonkey - Client to Client Source Exchange
Protocol: TCP
RemotePort: 4662
Direction: Outbound
AllowIt

DefaultState: 1
RuleName: edonkey - Queue Rating, File search
Protocol: UDP
LocalPort: 7927
AllowIt

;I choose to Block ALL non standard outgoing TCP, to avoid constant popup messages from Outpost. (Users NOT using the standard TCP)
;But I still get nice download speeds, so I guess many people use this port.

;I choose to Allow ALL outgoing UDP, to ensure good search results
;Many people do not use the standard port.

DefaultState: 1
RuleName: edonkey - Non Standard outbound UDP ALLOWED
Protocol: UDP
Direction: Outbound
AllowIt

DefaultState: 1
RuleName: edonkey - Non Standard outbound TCP BLOCKED
Protocol: TCP
Direction: Outbound
BlockIt

; allow Browser

DefaultState: 1
RuleName: edonkey HTTP connection
Protocol: TCP
RemotePort: 80-83, 443, 1080, 3128, 8080, 8088, 11523
Direction: Outbound
AllowIt
;-----------------------------------------

I use this preset, and my overnet is running smooooth with NO popup warnings, but maybe someone has other suggestions?

ed2k network users have to set up rules for port 4661 and 4665 as well.
But I guess, that's not hard to do, manually. :)

Regards,
Escobar :D
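
An added example, not part of any post in this thread: a small checker for the rule-block format used in the preset above that reports rules hidden behind an earlier, broader rule. It assumes rules are evaluated top-down with the first match winning, which is what David's "MUST be last" note implies; the function names (`parse_ports`, `parse_preset`, `covers`, `shadowed`) are hypothetical.

```python
# Added example. Assumption: first matching rule wins, top-down (per David's "MUST be last" note).
PRESET = """\
RuleName: edonkey - Client to Client Source Exchange
Protocol: TCP
RemotePort: 4662
Direction: Outbound
AllowIt

RuleName: edonkey - Non Standard outbound TCP BLOCKED
Protocol: TCP
Direction: Outbound
BlockIt

RuleName: edonkey HTTP connection
Protocol: TCP
RemotePort: 80-83, 443, 1080, 3128, 8080, 8088, 11523
Direction: Outbound
AllowIt
"""  # three outbound TCP rules from the posted preset, in posted order

def parse_ports(spec):  # "80-83, 443" -> {80, 81, 82, 83, 443}
    ports = set()
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        ports.update(range(int(lo), int(hi or lo) + 1))
    return ports

def parse_preset(text):
    rules = []
    for block in text.strip().split("\n\n"):
        rule = dict.fromkeys(("Protocol", "Direction", "LocalPort", "RemotePort"))
        for line in filter(None, map(str.strip, block.splitlines())):
            if line in ("AllowIt", "BlockIt"):
                rule["Action"] = line
            elif not line.startswith(";"):  # skip preset comments
                key, _, value = line.partition(":")
                rule[key] = parse_ports(value) if key.endswith("Port") else value.strip()
        rules.append(rule)
    return rules

def covers(early, late):  # does every connection matching `late` also match `early`?
    if early["Protocol"] != late["Protocol"] or early["Direction"] not in (None, late["Direction"]):
        return False
    return all(early[s] is None or (late[s] is not None and late[s] <= early[s])
               for s in ("LocalPort", "RemotePort"))

def shadowed(rules):  # (hidden rule, earlier rule hiding it) pairs
    return [(late["RuleName"], early["RuleName"]) for i, late in enumerate(rules)
            for early in rules[:i] if covers(early, late)]
```

Under that assumption, `shadowed(parse_preset(PRESET))` reports that the HTTP allow rule sits behind the outbound TCP block rule, and moving the block rule to the end clears the finding.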

escobar
03-18-2005, 02:44 PM
The text above is correct and the rules work (but blocks non standard outgoing TCP). But I've posted a better set of rules (I think so) here...
http://www.outpostfirewall.com/forum/showthread.php?t=13345

Both edonkey/overnet and emule included. Non standard port users also included.

Escobar. :D