PDA

View Full Version : OK I've done everything but still Firewalled on Comcast


FatElvis
2010-03-28, 08:27 PM
I've followed every direction I can... to the point of both disabling the firewall on both my router (dd-wrt) and within MacOS... I'm still firewalled getting blue, yellow, and red status in Vuze.

I'm on Comcast.... are they still blocking traffic? I've entered my cable modem setup but can only view diagnostics, I cannot change anything.

Anyone here overcome similar issues? And how?

mdshrk1
2010-03-28, 09:07 PM
That makes two of us. :wtf:

FatElvis
2010-03-29, 12:31 AM
So what to do? I was able to see my cable modem's settings and there's a firewall, but no way to edit anything. Guess I'm screwed.

Zachary Taylor
2010-03-29, 01:51 AM
I'm firewalled on Comcast sometimes, and sometimes I'm not. All this weekend I was.

I went through the whole process once, and got nothing. I manage to download and keep a good ratio anyway. I expect in a few days after rebooting and using a different port on a different day, I won't be firewalled for a while.

mrpete
2010-04-01, 02:14 PM
I'm on Comcast using a 1+ year old copy of uTorrent for Winblows and I haven't had any torrent problems/slowness/connectability within recent memory. My computer is up and seeding pretty much 24/7.

Elvis, you say "I was able to see my cable modem's settings and there's a firewall." What is the model of your cale modem?

Two questions for all of you ... How long have you folks had the same sort of cable modem? Weeks, months, years? I live in the far flung suburbs of Chicago. Do any of you folks live in the Chicagoland area?

back to tech stuff ... My computer is set to a static IP above the range that the Linksys gives out as DHCP IPs. I've got UPnP forwarding disabled in both the router and uTorrent. I recall running across something that said the security of UPnP was less than perfect. uTorrent is set to use a random high port of my choosing. That port is set in my Linksys to be forwarded to the static IP. My firewall is set to allow traffic on the port to come in. I've got uTorrent set to encrypt the packets, but to also allow in connections from folks who do not use encryption.

[[ I just looked and in the router and software firewall and I also allow in on TCP/IP and UDP the old/standard port(s) that uTorrent would normally use ... or used to use ... 6969, 6881-6889. I don't think that that is necessary. I probably just forgot to turn those ports off. But, I could be wrong about that. ]]

By "disabling the firewall on ... my router." I asume that you mean that you've put the static IP of your computer into the DMZ of the router. That's the only way to disable the HW router "firewall." That's dangerous as anything other than a test. It's a very good test technique.

I could be wrong, but I doubt that you would need/want to change anything with the cable modem.

What I've mainly done above is to describe a configuration that I know works on Comcast (for me/on my section of the network). That may not necessarily help you on a Mac with Vuse. Among the peers I connect to uTorrent for Mac 0.92 is not an uncommon client. It is beta, but I see a lot of people using it.

Could it be that my subnet of the Comcat network is so different from the subnets that you folks are on? I kinda doubt it, but ...

direwolf-pgh
2010-04-01, 02:18 PM
您康卡斯特有线电视调制解调器路由器。你有一个双路由器配置错误=

pissah
2010-04-01, 02:31 PM
Comcast/Xfinity is the company that was found by the FCC to have illegally throttled their customer's speeds - they might still be sneaking it in.

I'd get a new ISP.

Those Verizon ads with the Verizon vs. the Comcast guy are great and pretty right on

mrpete
2010-04-01, 06:34 PM
The post by direwolf-pgh appears to be in Chinese and to say:

You Comcast Cable modem router ... do you have a dual router configuration error?

This Chinese stuff (April Fools) is quite the laugh! :lol4:

It is absolutely true that Comcast was found guilty of abusively messing with BitTorrent connections ("Break em!"). The FCC came down HARD on them. Also, recently they lost the court case "Hart v Comcast" to the tune of 16 million bucks. I would think that they would be a little careful about doing that sort of thing right after they lost the case, but who knows ...

The websites are about the court case.

http://www.p2pcongestionsettlement.com/

http://cut-the-cable.com/tag/hart-v-comcast

Waldo Jeffers
2010-04-01, 07:55 PM
Considering I've been on demonoid downloading and uploading all month with no problem, I'm going to say the problem is likely on your end.

bullpinjohn
2010-04-02, 02:38 AM
Are you on a desktop or laptop?

direwolf-pgh
2010-04-02, 08:40 AM
The post by direwolf-pgh appears to be in Chinese and to say:

You Comcast Cable modem router ... do you have a dual router configuration error?

This Chinese stuff (April Fools) is quite the laugh! :lol4::D

I was trying to say.. the comcast cable modem is a router w/firewall and you have your linksys/router firewall..
a two router config will keep you 'firewalled' every time. if this is indeed the case.. consider using one router/firewall.
its not adding any security - just making the routing tables a pain to deal with.

mrpete
2010-04-02, 11:58 AM
the comcast cable modem is a router w/firewall


My Comcast cable modem has no router in it. It's an old one ... a Motorola SB5120 (search "SB5120_User_Guide.pdf").

I you search for "Comcast Approved Cable Modems" a result pops up from Amazon that shows the approved modems that are on sale at the site. It is a non-official list. The official list is at the URL below. It could be that some of those modems cannot be used in some Comcast areas, but could be used in other areas.

http://mydeviceinfo.comcast.net/

It looks like some of them are combo modem/routers, but there are a bunch on the list that have no routers in them.



a two router config will keep you 'firewalled' every time


Having two routers in line between your computer and the net is a configuration that most users will not be able to properly configure. However, a few users will be able to get that setup working. If a user can avoid it then that is the much easier way to go.

To make a two router config work you could do one of the following:
- declare static route(s) - the network works best with this solution
- use RIP to "sync" the two routers up

Zachary Taylor
2010-04-08, 03:40 AM
An interesting thing about this topic. I'm listed as firewalled in the upper right corner.

I'm trying to help some dude get an Aerosmith video, and he is firewalled too, but I'm trickling some data to him anyway.

Comcast is a strange master.

edit, on the other hand that dude has a weird ratio. now I feel dirty. {shruggy shoulders}

mrpete
2010-04-09, 12:46 PM
Zach -

One possible reason for alternating between being firewalled and non-firewalled could come from using DHCP IPs along with forwarding port(s) to a given IP address. What equipment and settings are you using?

Cable modem model
router (if any)
static IP/DHCP ... if you don't know this is likely DHCP
UPnP/no UPnP
port/forwarding
BitTorrent client and version
firewall version

Zachary Taylor
2010-04-10, 02:23 AM
thanks mrpete if you have any ideas, I went through the steps on the port forwarding links a while back and had no success, but I'm willing to look back into it if there are any ideas or suggestions.

Toshiba DAZ8821F

Level One WBR-6001

pretty sure this isn't static

utorrent clicked enable UPnP port mapping ?

utorrent test says I'm good right now, and my check mark is green.

uTorrent 2.0.1 (build 18833)

I'm about to pick a torrent to run and see if I'm listed as firewalled or not before I continue.

Now trying to seed
http://www.thetradersden.org/forums/showthread.php?t=30355

I'm firewalled. A couple of days ago, I wasn't for a while.

Any of you experts have any ideas other than I've configured wrong or Comcast is screwing with me, I'm willing to go through the steps again (tomorrow though, it is late :))

Zachary Taylor
2010-04-10, 04:16 AM
sorry to keep making posts, I don't see an edit button. so

edit, a few hours later, I'm seeding to two people, at least one of whom must be firewalled also. So in my situation, I can apparently seed to someone that is also firewalled. No big deal, I'm able to get good stuff and help other people get stuff.

If any of this information helps site managers or other people interested in keeping the hobby viable, I hope the information helps.

direwolf-pgh
2010-04-10, 07:47 AM
this is thread #62 about being firewalled :sleepy:

Zachary Taylor
2010-04-10, 04:56 PM
this is thread #62 about being firewalled


Oh, I'll start a new one next time.

just kidding. nevermind, Fat Elvis and mrpete. Sorry I posted on your thread.

sorry you are so tired direwolf.

all is well. I think I can adblock the red text under my name and then I won't see it anymore. Okay by me. :yawn::yawn::yawn:

mrpete
2010-04-10, 06:04 PM
Zach - I'm getting instructions worked up for you but I need to be sure about:
- the IP address of the router
- the IP addresses that are being given out by the router.

In your browser surf to http://192.168.0.1 . Do you get a login/password screen?

If that isn't the address try http://192.168.50.1 .

Post here which URL works for you.

Next ... in windows ... Start -> Run -> cmd [DOS windows appears/you could have typed in "command"].

At the DOS prompt type in the command on the next line. You should get output like the bit below.

ipconfig

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.15.100
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.15.1

Post here what your IP address is. It is possible that each time that Windows is booted you could get a different address.

... start of info related to your 2nd post ...

Zach - Good observation about you being firewalled and still able to seed another firewalled BitTorrent client.

I just looked at the clients on the torrent "Leonard Cohen 1988-05-20" that you are seeding AND ALL THE FOLKS ARE USING UTORRENT V2. What appears to be happening is that the new protocol that is built into recent copies of uTorrent is working! That's great!

uTP is a new datacomm protocol from uTorrent. AFAIK only uTorrent has it. I believe the libtorrent folks are working on getting it implemented.

Two of the main features of uTP are:
- allow 2 firewalled BT clients to connect and pass data
- automatic bandwidth congestion management

I don't know how it works the magic that allows 2 firewalled clients to pass data ... but it's great feature. :)

Added: I couldn't care less about "thread hijacking" in this particular case.

Waldo Jeffers
2010-04-10, 07:56 PM
NOZKLtIIUZE

direwolf-pgh
2010-04-10, 08:02 PM
sorry you are so tired direwolf.you arent firewalled and it's mr. direwolf-pgh.

mrpete
2010-04-10, 08:43 PM
The TTD tracker show Zach as being firewalled. In spite of that he's ben able to seed almost 3 GB. On that torrent they're all using uTorrent v2.

http://i361.photobucket.com/albums/oo51/mrpete/ZTFW.png

direwolf-pgh
2010-04-11, 09:35 AM
thats a nice screen cap. shame i didnt take one..cause the dude wasnt firewalled then..
and he's not on any torrents at the moment ..so I guess the only thing left to do is enjoy the day

p.s. a few posts ago it was mentioned two routers are being used

Toshiba DAZ8821F
Level One WBR-6001

..If he nuked the wireless router and went with an access point - all would be fine.
two router config?! na, you're on your own. sorry.

mrpete
2010-04-11, 12:31 PM
I'm sure you're right direwolf and that Zach was not firewalled when you looked. That's what he's complaining about ... sometimes firewalled ... sometimes not.

I'm guessing the image looks good because I converted the capture to PNG. That's supposed to be a non-lossy image format (seems appropriate for this forum). PNG can be really good qual for screen imgs and many times it's also the smallest file.

He's only using one router. It's the WBR-6001. It looks to be a nice (and complicated/feature rich) wireless router. A link to the manual is below.

http://download.level1.com/level1/manual/WBR-6001_UM.pdf

The Toshiba DAZ8821F is a typical uncomplicated cable modem. The manual is at the link below.

http://www.toshiba.com/taisnpd/products/pcx2500manual.pdf

direwolf-pgh
2010-04-11, 04:47 PM
76255
any thoughts about this page in the manual..

mrpete
2010-04-11, 05:59 PM
It shows a moderately standard setup. Most folks will avoid the whole USB thing ... a USB hookup is not as good as 10BASE-T.

There aren't any routers in the setup that is shown. Zach has a WBR-6001 where the switch/hub is shown.

One unusual thing about the example setup is that they show a crossover cable connecting from the modem to a "non-uplink" connection on the switch. Very few home setups would use a crossover cable.

bullpinjohn
2010-04-12, 12:10 AM
Try encrypting your router, it made a difference for me. I'm on a dynamic, but I don't have to reset my router anymore. Worked for me.

newbe
2010-04-24, 04:40 PM
I have Comcast and lose the Port Forwarding ALL the time! Somehow my Local IP Address changes. That's another issue.

It was a royal pain at first but now I can reset my ports in a matter of minutes.

I go to RUN, type in "ipconfig", look at the last digits of your IP Address. I have a Netgear modem so I go to NETGEAR Gateway's "Port Forwarding" and type in those last few digits of your IP Address into "Local IP Address" in "Add Custom Rules" and botta-bing.

Hope this helps you.

bullpinjohn
2010-04-25, 02:33 PM
I have Comcast and lose the Port Forwarding ALL the time! Somehow my Local IP Address changes. That's another issue.

It was a royal pain at first but now I can reset my ports in a matter of minutes.

I go to RUN, type in "ipconfig", look at the last digits of your IP Address. I have a Netgear modem so I go to NETGEAR Gateway's "Port Forwarding" and type in those last few digits of your IP Address into "Local IP Address" in "Add Custom Rules" and botta-bing.

Hope this helps you.

I have a Netgear router. I encrypted the router, I don't have that problem anymore. I used to have to do the same thing.

newbe
2010-04-27, 06:52 AM
Encrypted the router? That's a new one for me but thanks bullpinjohn. I'll have to look into that.

Thulani
2010-04-27, 10:51 AM
Simple Port Forwarding (http://www.softpedia.com/get/Network-Tools/Misc-Networking-Tools/Simple-Port-Forwarding.shtml). Try this tool. It has a lot of routers in the list and if it doesn't have yours it offers a tool on their website to record your router screen. The guy who's in charge of this program is very quick with the rooter updates.

wolfsblade
2010-08-28, 05:08 PM
thanks mrpete if you have any ideas, I went through the steps on the port forwarding links a while back and had no success, but I'm willing to look back into it if there are any ideas or suggestions.

Toshiba DAZ8821F

Level One WBR-6001

pretty sure this isn't static

utorrent clicked enable UPnP port mapping ?

utorrent test says I'm good right now, and my check mark is green.

uTorrent 2.0.1 (build 18833)

I'm about to pick a torrent to run and see if I'm listed as firewalled or not before I continue.

Now trying to seed
http://www.thetradersden.org/forums/showthread.php?t=30355

I'm firewalled. A couple of days ago, I wasn't for a while.

Any of you experts have any ideas other than I've configured wrong or Comcast is screwing with me, I'm willing to go through the steps again (tomorrow though, it is late :))

get off comcast residential svces period. xfinity is comcasts way of screwing us all so get off of that too while you're at it. were on comcast business class here so if you want to go that route, do it. hmm, 45 a month to be throttled by comcast and xfinity offers the same speed and throttling for half that. pay 10-15 bucks more a month and get a comcast biz class pipe. you dont need a static ip unless you host a site. the dhcp from them would be just fine. anyways food for thought folks.

wolfsblade
2010-08-28, 05:11 PM
get off comcast residential svces period. xfinity is comcasts way of screwing us all so get off of that too while you're at it. were on comcast business class here so if you want to go that route, do it. hmm, 45 a month to be throttled by comcast and xfinity offers the same speed and throttling for half that. pay 10-15 bucks more a month and get a comcast biz class pipe. you dont need a static ip unless you host a site. the dhcp from them would be just fine. anyways food for thought folks.

best part of the cc biz class pipe. no throttling, no limits, no cap, no bullshit, period!

Billyki
2010-08-29, 08:25 PM
best part of the cc biz class pipe. no throttling, no limits, no cap, no bullshit, period!
No doubt cc biz is a good deal. The only shortcoming I have come across is the SMC Modem/Router. You really cannot do enough with it to make torrent NOT drain your connection. The ability to set the number of ports and timeout settings for TCP and UDP like DD-WRT allows for is sorely missed. These settings made a huge difference and now without them torrents are bogging down the network again. Working on the issue though, will see what I can do.
Just an FYI

showtaper
2010-08-30, 06:13 AM
No doubt cc biz is a good deal. The only shortcoming I have come across is the SMC Modem/Router. You really cannot do enough with it to make torrent NOT drain your connection. The ability to set the number of ports and timeout settings for TCP and UDP like DD-WRT allows for is sorely missed. These settings made a huge difference and now without them torrents are bogging down the network again. Working on the issue though, will see what I can do.
Just an FYI

Use a client that allows setting upload / download limits. I'm currently using
utorrent which allows setting limits for each torrent. I'm sure others do as well.

Billyki
2010-08-30, 12:41 PM
Thanks, I was referring to the massive amount of connections that can over run your router as stated here in a DD-WRT wiki:
Usually the culprits are heavy P2P software like Emule, Bittorrent, uTorrent, Azureus, Shareaza or something similar. These programs, by default, can require a lot of connections which could cause the routers' ip_conntrack table to get full.

* Especially BitTorrent's DHT feature sends thousands of UDP packets that quickly overflow this table.


I already use connection controls and I use the scheduler to balance traffic usage so most of my torrenting goes on when folks are not using the network for surfing or watching TV shows! I am also exploring limiting connections within utorrent.

showtaper
2010-08-30, 11:22 PM
Thanks, I was referring to the massive amount of connections that can over run your router as stated here in a DD-WRT wiki:

I already use connection controls and I use the scheduler to balance traffic usage so most of my torrenting goes on when folks are not using the network for surfing or watching TV shows! I am also exploring limiting connections within utorrent.

Never ran into that problem with comcast or my router (Linksys). After comcast
got popped for forging disconnect packets they then moved on to port blocking.
About every two to three weeks of heavy use I'd find my ability to d/l or seed
to be almost gone. Change the port assignment in utorrent, change the setting
in the router - back in business.

Between that and issues with their cable service - I've moved on. Not perfectly
thrilled with AT&T U-Verse, but the internet is much better in my area.....

mdshrk1
2010-08-31, 09:10 PM
Every fucking month, cc adds some kind of bs charge that ups the bill. blech! :nuts:

teamhood
2011-04-19, 10:57 PM
Any advice on comcast biz class > linksys router? I can't seem to get decent torrent speeds. I've got the smc3g from comcast have it in dmz to my linksys. Torrent speeds horrible....