
Thread: Is my router troubled?

  1. #1
    Bronze Member
    Join Date
    Dec 2005
    Posts
    135

    Is my router troubled?

    ....so I come to find out that every time I hook up my router (D-link 614+), I get slow page loading, server resets, etc. etc. etc...

    Is my router on the way out? Don't these appliances work or don't work?
    lynchknot's altered ego

  2. #2
    Friendly Neighborhood Super Moderator phishhead's Avatar
    Join Date
    Apr 2002
    Location
    San Diego, Ca.
    Posts
    3,622
    nope lynch my old 604 went out just stopped port forwarding one day. now I have a 624 and damn thing keeps dropping connections. So I think when I get pissed off enough gonna try a new company.



  3. #3
    Techzonez Governor Super Moderator Conan's Avatar
    Join Date
    Apr 2002
    Location
    Philippines
    Posts
    4,229
    My D-Link 604 works better than my Linksys ever did. How old is your router?

  4. #4
    Friendly Neighborhood Super Moderator phishhead's Avatar
    Join Date
    Apr 2002
    Location
    San Diego, Ca.
    Posts
    3,622
    know what you mean conan never really had much luck with linksys.



  5. #5
    Bronze Member
    Join Date
    Dec 2005
    Posts
    135
    Quote Originally Posted by Conan View Post
    My D-Link 604 works better than my Linksys ever did. How old is your router?
    http://www.techzonez.com/forums/show...2&postcount=12

    Maybe this has something to do with Comcast sending reset packets to my computer.

    I post this in its entirety because it's from a private site and there may be other Comcast users that may want to do this:

    A bit of a background to Comcast's Sandvine:
    Comcast is blocking P2P traffic by using something called a Sandvine. Comcast searches for connections for file-sharing networks. When it finds a connection, Comcast sends a "RST" packet to both your computer and the computer you are connecting to. The RST packet is telling both computers to "Reset" or "Close" the network connection. Thus, blocking any data from being sent over the connection. What this tutorial does here is set your computer up to ignore any RST packets on your bittorrent port. DO NOT IGNORE RST PACKETS ON ALL PORTS - ONLY DO IT ON YOUR BITTORRENT PORT.

    Make sure you ask questions here before doing anything you are unsure of. You have the ability to completely cut yourself off from the internet using this.

    ALSO NOTE: You must use a single port for using bittorrent. This will not work if you have your client use a "random" port.

    ------------------------------------------------------------------------------------------

    Important!

    This isn't just for Comcast users. It appears that sandvine sends RSTs to both the seeder and the leecher. Therefore, if you want to download from anyone who is on comcast, you have to do this fix, or something similar, as well.
    -----------

    I know there are a lot of us using comcast, and the tutorial (http://redhatcat.somewhere.com/2007/...ith-wipfw.html) leaves out some important stuff... but not to fear, here's a complete guide to setting up WIPFW on Windows 2000 and XP. If you're having any problems, post 'em here and I'll have a solution for you in no time.

    You MUST do this at a local console, as it will block all VNC/Remote Desktop connections by default.

    This has only been tested on Windows 2000 & XP, with Vista YMMV.


    Step 1:


    Download WIPFW from sourceforge http://downloads.sourceforge.net/wipfw/


    Step 2:


    Unzip to C:\Program Files\WIPFW


    Step 3:


    If you want a "default deny", double click "install-deny.cmd". Network activity WILL be cut off at this point.

    If you want a "default allow", double click "install.cmd".

    A default deny means that ALL data will be BLOCKED by default. If you are behind a router (or any other firewall) that has a firewall already built in, use default allow (Because your router is blocking the bad stuff anyway).


    Step 4 (Windows XP only):


    Start -> Control Panel -> Security Center -> Windows Firewall

    Turn Windows Firewall OFF and click OK

    Then, in the security center, click "Recommendations..." under the (now red) firewall header.

    Check "I have a firewall solution that I'll monitor myself" and click OK


    Step 5:


    Save the following text in the file %systemroot%\System32\drivers\etc\protocol (%systemroot% is the windows directory). NOTE: This text may already be there. If so, just ignore this step.

    QUOTE(protocol)
    # Copyright © 1993-1999 Microsoft Corp.
    #
    # This file contains the Internet protocols as defined by RFC 1700
    # (Assigned Numbers).
    #
    # Format:
    #
    # <protocol name> <assigned number> [aliases...] [#<comment>]

    ip 0 IP # Internet protocol
    icmp 1 ICMP # Internet control message protocol
    ggp 3 GGP # Gateway-gateway protocol
    tcp 6 TCP # Transmission control protocol
    egp 8 EGP # Exterior gateway protocol
    pup 12 PUP # PARC universal packet protocol
    udp 17 UDP # User datagram protocol
    hmp 20 HMP # Host monitoring protocol
    xns-idp 22 XNS-IDP # Xerox NS IDP
    rdp 27 RDP # "reliable datagram" protocol
    rvd 66 RVD # MIT remote virtual disk



    Step 6:


    Open C:\Program Files\WIPFW\wipfw.conf in notepad and replace the contents with the following:
    NOTE: Make sure you replace "*****" with the port that your bittorrent client uses!

    If you are using the Default Deny:

    QUOTE
    #################
    #
    # wipfw.conf
    # Replace ***** with your bittorrent port
    #
    #################

    # First flush the firewall rules
    -f flush

    # Localhost rules
    add 100 allow all from any to any via lo*

    # Prevent any traffic to 127.0.0.1, common in localhost spoofing
    add 110 deny log all from any to 127.0.0.0/8 in
    add 120 deny log all from 127.0.0.0/8 to any in

    # Drop incoming packets with RST flag on BitTorrent port
    # This is what thwarts Sandvine.
    add deny tcp from any to me ***** tcpflags rst

    # Setup stateful filtering
    add check-state
    add pass all from me to any out keep-state
    add count log ip from any to any

    # Allow new incoming BitTorrent connections
    add pass tcp from any to any *****
    add pass udp from any to any *****


    If you are using the Default Allow:

    QUOTE
    #################
    #
    # wipfw.conf
    # Replace ***** with your bittorrent port
    #
    #################

    # First flush the firewall rules
    -f flush

    # Drop incoming packets with RST flag on BitTorrent port
    # This is what thwarts Sandvine.
    add deny tcp from any to me ***** tcpflags rst



    Step 7:

    If you are using a default deny, you will have to change the config to allow other network data through your network with any of the following rules (just add these rules to the end of wipfw.conf)

    QUOTE(File & Print Sharing)
    #Replace 192.168.0.0/24 with your local subnet and mask

    # Allow Microsoft SMB file sharing w/ NetBIOS
    add pass tcp from 192.168.0.0/24 to me 135-139
    add pass udp from 192.168.0.0/24 to me 135-139

    # Allow direct-hosted SMB w/out NetBIOS
    add pass tcp from 192.168.0.0/24 to me 445
    add pass udp from 192.168.0.0/24 to me 445


    QUOTE(VNC)
    # Enable VNC
    add pass tcp from any to me 5800-5801
    add pass tcp from any to me 5900-5901


    QUOTE(Remote Desktop)
    # Allow RDP/Terminal Services connections
    add pass tcp from any to me 3389


    QUOTE(SSH server)
    # Allow incoming SSH
    add pass tcp from any to me 22


    QUOTE(DNS server)
    # Allow incoming DNS
    add pass udp from any to me 53


    QUOTE(Web server)
    # Allow incoming WWW
    add pass tcp from any to me 80


    QUOTE(FTP server)
    # Allow incoming FTP
    add pass tcp from any to me 21

    More ports for other network services can be found here.

    Save wipfw.conf when you're done.


    Step 8:

    Start -> Run

    Type CMD.exe and press enter.

    run the following two commands

    >net stop ipfw

    >net start ipfw

    All done!
    Last edited by usergame; November 3rd, 2007 at 04:43 AM.
    lynchknot's altered ego
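
The tutorial in post #5 warns twice about its RST rule: the `*****` placeholder must be replaced, and RST packets must be ignored on one fixed port only. The following check for a `wipfw.conf` is an added example, not part of the original post or of WIPFW; the function names, the sample config and port 51413 are constructed for illustration.

```python
import re

# Constructed sample: line 3 still has the placeholder, line 4 drops RSTs
# on every port, line 5 is scoped to one fixed port as the post requires.
SAMPLE_CONF = """\
# wipfw.conf
-f flush
add deny tcp from any to me ***** tcpflags rst
add deny tcp from any to me tcpflags rst
add deny tcp from any to me 51413 tcpflags rst
"""

PLACEHOLDER = "*****"

def dst_port_spec(tokens):
    """Return the port token after 'to <addr>', or None if the rule names no port."""
    if "to" not in tokens:
        return None
    i = tokens.index("to") + 2          # skip 'to' and the address ('me', 'any', ...)
    if i < len(tokens) and re.fullmatch(r"[\d,\-]+", tokens[i]):
        return tokens[i]
    return None

def lint_wipfw(conf_text):
    """Return (line_no, message) pairs for the two mistakes the post warns about."""
    findings = []
    for no, raw in enumerate(conf_text.splitlines(), 1):
        tokens = raw.split("#", 1)[0].split()   # strip comments, then tokenize
        if not tokens or tokens[0] != "add":
            continue
        if PLACEHOLDER in tokens:
            findings.append((no, "placeholder ***** was not replaced with a port"))
            continue
        if "tcpflags" not in tokens:
            continue
        k = tokens.index("tcpflags") + 1
        flags = tokens[k].split(",") if k < len(tokens) else []
        if "rst" not in flags:
            continue
        port = dst_port_spec(tokens)
        if port is None:
            findings.append((no, "RST rule names no port: RSTs ignored on every port"))
        elif not (port.isdigit() and 1 <= int(port) <= 65535):
            findings.append((no, "RST rule must name one fixed port, got " + port))
    return findings

if __name__ == "__main__":
    for line_no, message in lint_wipfw(SAMPLE_CONF):
        print(f"line {line_no}: {message}")
```
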

  6. #6
    Old and Cranky Super Moderator rik's Avatar
    Join Date
    Aug 2003
    Location
    Watching Your every move...
    Posts
    4,638
    Well if anyone wants recommendations on routers, My little Belkin hasn't failed me in 3 years or so of use.

  7. #7
    Hardware guy Super Moderator FastGame's Avatar
    Join Date
    Apr 2002
    Location
    Blasters worm farm
    Posts
    3,333
    Why are you guys using routers if you're using all those super duper software firewalls

  8. #8
    Titanium Member efc's Avatar
    Join Date
    Sep 2002
    Location
    North Central Arkansas
    Posts
    2,293
    Quote Originally Posted by rik View Post
    Well if anyone wants recommendations on routers, My little Belkin hasn't failed me in 3 years or so of use.
    I agree. This isn't a mechanical device. Should last forever unless it takes a strong power surge. I am using an old Asante' 1000. It is even older than rik's Belkin. I have a newer Netgear WPN824 v2 that I keep in reserve. The way things are going, I may never need it.

    I also question the need to use a separate firewall with a NAT router. I subscribe to the KISS (Keep It Simple Stupid) principle.
    Linux Mint Debian Edition

  9. #9
    Bronze Member
    Join Date
    Dec 2005
    Posts
    135
    Quote Originally Posted by efc View Post
    I agree. This isn't a mechanical device. Should last forever unless it takes a strong power surge. I am using an old Asante' 1000. It is even older than rik's Belkin. I have a newer Netgear WPN824 v2 that I keep in reserve. The way things are going, I may never need it.

    I also question the need to use a separate firewall with a NAT router. I subscribe to the KISS (Keep It Simple Stupid) principle.
    Quote Originally Posted by fastgame
    Why are you guys using routers if you're using all those super duper software firewalls
    That's what I don't understand. It should work or it shouldn't work at all shouldn't it? I shouldn't be getting webpages to load after two or three tries if it was broken.

    From what I understand, the hardware firewall is for input and the soft for output. You can't make as many rules with a hardware router/firewall - Some veterans don't like to phone home.

    It serves as a connection point for another computer in the house or if the kids bring their laptop over.
    Last edited by usergame; November 3rd, 2007 at 19:01 PM.
    lynchknot's altered ego

  10. #10
    Head Honcho Administrator Reverend's Avatar
    Join Date
    Apr 2002
    Location
    England
    Posts
    14,045
    Quote Originally Posted by efc View Post
    Should last forever unless it takes a strong power surge.
    Not strictly true. Doesn't have to be a mechanical device to fail.

    Motherboards.
    Graphics Cards.
    Sound Cards.
    RAM.
    Processors.
    Routers
    etc,etc

    Anything with a PCB can fail electronically. One of the main causes being heat related.

    And Routers can generate very high temperatures.

    =========== Please Read The Forum Rules ===========

  11. #11
    Techzonez Governor Super Moderator Conan's Avatar
    Join Date
    Apr 2002
    Location
    Philippines
    Posts
    4,229
    Quote Originally Posted by FastGame View Post
    Why are you guys using routers if you're using all those super duper software firewalls
    I have more than one PC in the house.

  12. #12
    Titanium Member efc's Avatar
    Join Date
    Sep 2002
    Location
    North Central Arkansas
    Posts
    2,293
    Quote Originally Posted by Reverend View Post
    Not strictly true. Doesn't have to be a mechanical device to fail.

    Motherboards.
    Graphics Cards.
    Sound Cards.
    RAM.
    Processors.
    Routers
    etc,etc

    Anything with a PCB can fail electronically. One of the main causes being heat related.

    And Routers can generate very high temperatures.
    Of course you are right. I was just illustrating the point that once you get past the initial burn-in period, electronic equipment tends to last a long time.
    Linux Mint Debian Edition

  13. #13
    She who must be obeyed Super Moderator piaqt's Avatar
    Join Date
    Apr 2002
    Location
    NYC
    Posts
    1,702
    Quote Originally Posted by usergame View Post
    ... I shouldn't be getting webpages to load after two or three tries if it was broken.
    I have that happening, too. In my case, I think it's an IE bug. I have a Hawking router, and other apps (outlook, livemail, utorrent, etc.) work just fine.

    Last night, I shot an elephant in my pajamas. How he got in my pajamas, I'll never know.
    love, piaqt

  14. #14
    My Name is.... TZ Veteran Stripe's Avatar
    Join Date
    Oct 2002
    Location
    live?
    Posts
    875
    Quote Originally Posted by FastGame View Post
    Why are you guys using routers if you're using all those super duper software firewalls
    My router acts as a nice handy dandy hardware firewall.

    Also helps when having more than one PC hooked up

  15. #15
    Old and Cranky Super Moderator rik's Avatar
    Join Date
    Aug 2003
    Location
    Watching Your every move...
    Posts
    4,638
