eMule Checklist

Post any eMule-related questions and FAQ's here.
User avatar
Phuzzy4242
Site Admin
Posts: 7686
Likes:
Joined: Sun Aug 23, 2009 1:00 am

eMule Checklist

Post by Phuzzy4242 »   1 likes

eMule Checklist

0.0 Minimum System Requirements
1.0 ISP's
1.1 IP Address
1.2 Port Filtering / Traffic Shaping / Port Blocking
2.0 LAN / Router
2.1 Port Forwarding
2.2 Max. Connections
3.0 Protecting the Client Computer
3.1 Network Interface (NIC) and Drivers
3.2 DSL Driver
3.3 Turn Off Unnecessary Services
3.4 Close Unnecessary Open Ports
3.5 Block Unwanted Network Traffic
3.6 'Hardening' the TCP Stack
4.0 Emule
4.1 Ports
4.2 Preferences & Tips
4.3 Servers
4.4 Kademlia

----------

0.0 Minimum System Requirements

* Pentium II 350 MHz or higher, 256 MB RAM. If you want to use the PC for anything else at the same time, 1 GHz or faster and at least 1 GB RAM.
* 50 GB hard drive minimum - you need space for temp & incoming files, plus storage for shared files.
* High-speed internet connection via DSL, Cablemodem, hardware or software router, ethernet or wireless LAN. Do NOT use USB, firewire, DSL modemcard, ISDN, analog modem, satellite or other exotic connections.
* Network OS like Linux or Windows NT/2000/XP/Vista/Win7.
* Ability and willingness to use Google, read manuals, and read forums. Ability to give more info in a forum than just "help me!".
* The eMule client. Get the English original or a modified version ONLY from the official website or its developer forum. Anything obtained elsewhere probably has spyware or worse.
* Additional resources: eMule online manual, stickies in the developer forums, the changelog, links in the signatures of forum members.

----------

1.0 ISP's

Many problems you experience with eMule will originate at your internet service provider (ISP).


1.1 IP Address

* Make sure you have a public IP address reachable from the internet. If you have a private IP address you're effectively in a very big LAN with NO access to the router and you'll always have LOWID no matter what you try.
* You can check your IP at Wie ist meine IP-Adresse? or WhatIsMyIP. If your IP address is in one of the following ranges, you have a private IP address:
10.0.0.0 thru 10.255.255.255
172.16.0.0 thru 172.31.255.255
192.168.0.0 thru 192.168.255.255


1.2 Port Filtering / Traffic Shaping / Port Blocking

ISP's use these techniques to slow or block traffic in order to get high-end users to leave - they can rake in more profits without having to expand capacity. Carefully study the ISP's "terms of use" before signing a contract and check online forums to get insight into other users' experiences. Use big carriers as your ISP because they usually don't block or shape P2P usage and don't care about high transfer volumes - they own the pipelines.

----------

2.0 LAN / Router

The next most common trouble area is internet connections via home routers or LANs.


2.1 Port Forwarding

* Use a STATIC PRIVATE IP ADDRESS - do not use DHCP. This means giving your PC a fixed IP address in one of the ranges shown in part 1.1 above. You must do this so your router can reliably forward data it sends and receives on the ports eMule uses.
* Set the ports in your eMule client to something other than the defaults (TCP = 4662 and UDP = 4672). These can be any number NOT on the list of reserved port numbers. On a Windows NT/2000/XP pc you can find a list of ports and their common use in this textfile: WINDOWS\system32\drivers\etc\services. Use a different port number for TCP and UDP.
* Forward the ports in your router to the SAME ports your eMule client is using. Since routers are all different, there's no way to precisely describe this process. Using the descriptions on the eMule help page:

For the TCP port:

Name / Service Name: This is the name for the rule you're creating (e.g. "eMule_TCP")
Protocol / Transport Type: Select "TCP"
Public / External Port: Enter eMule's TCP portnumber
Private / Internal Port: Enter the same TCP portnumber again
Direction: Select "Incoming"
Private / Internal IP: Enter the static IP of your PC (e.g. 192.168.1.1)
Active / Forward / Enable: Select "Yes" or something similar to enable this new rule

For the UDP port:

Name/Service Name: This is the name for the rule you're creating (e.g. "eMule_UDP")
Protocol/Transport Type: Select "UDP"
Public/External Port: Enter eMule's UDP portnumber
Private/Internal Port: Enter the same UDP portnumber again
Direction: Select "Incoming"
Private/Internal IP: Enter the static IP of your PC (e.g. 192.168.1.1)
Active/Forward / Enable: Select "Yes" or something similar to enable this new rule

* If you're using more than one eMule client, make sure each uses a DIFFERENT set of ports, no matter if they're running on the same or different PC's.
* You can find info on port forwarding for various routers at http://www.portforward.com

* Forwarding rules in "routerspeak":
Forward
- INCOMING {TCP} FROM ANY_IP on TCPPort, WEBPort, MobilePort
- INCOMING {UDP} FROM ANY_IP on UDPPort, ServerUDPPort
TO Emule_IP and EXACTLY the same ports

* Firewall rules for your router:
- ALLOW INCOMING TCP/UDP FROM ALL_IP on TCPPort, WEBPort, MobilePort and UDPPort, ServerUDPPort
- ALLOW ALL OUTGOING TCP/UDP FROM Emule_IP TO ANY_IP

* If your router is blocking ICMP or can't forward ICMP, the current USS (upload speed sense) implementation in Emule might cause some trouble. Otherwise
- Forward INCOMING ICMP 0,3,11 FROM ANY_IP TO Emule_IP
- ALLOW OUTGOING ICMP 8 FROM Emule_IP TO ANY_IP
to allow USS to work. Remember: ALL connections have to pass your router!


2.2 Max. Connections

Most LAN / WLAN / DSL / cable routers can only handle around 200-250 simultaneous internet connections.
* Make sure the combined number of connections of all your Emule clients does not exceed this limit at any time.
* You can avoid this limitation by using an old P1 or P2 computer with Smoothwall or IPCop (both run under Linux) as a powerful router with firewall and Intrusion Detection System. Perhaps you have an old machine lying around somewhere.

----------

3.0 Protecting the Client Computer

For safety sake, hardening the PC against the outside world is imperative.


3.1 Network Interface (NIC) and Drivers

* Use up-to-date drivers for all your NICs. The default Windows drivers are often outdated and may have problems coping with the number of network connections eMule is able to use. Problematic drivers can trigger 'blue screen of death' (BSOD), 'IRQ NOT LESS OR EQUAL' crashes when eMule is running fastest.
* To update your network drivers you must first know the chipset and/or manufacturer. If you don't have a user manual, the only way to be sure is to open the case and look for yourself. Don't trust the OS too much because it sometimes doesn't recognize your NIC correctly and therefore installs the wrong or 'far from optimal' network drivers.
* Use Google or websites like Driver Guide to get the correct drivers for your OS.


3.2 DSL Driver

If you are NOT behind a router and connect to the internet via DSL modem (PPPoE), up- and downloading bandwidth are interdependent. To upload at maximum bandwidth and download with reasonable speed at the same time (or vice versa) use a traffic-shaping tool like CfosSpeed from http://www.cfos.de. A good alternative to the standard Windows DSL driver is raspppoe from http://www.raspppoe.com. Instead of using CfosSpeed you can use the USS (upload speed sense) function of Emule.


3.3 Turn Off Unnecessary Services

WARNING - This is NOT for noobs.

Shutting down unneeded services not only saves memory and CPU resources, most importantly you'll have far fewer compatibility and security problems. If you don't need a service, shut it down completely when possible. For a comprehensive guide to which services are needed and which are not, look at http://www.blackviper.com. If this is too complicated for your liking, http://www.dingens.org and http://www.ntsvcfg.de offer tools for Win 2000 / XP and do most (but not all) of the configurations for you.


3.4 Close Unnecessary Open Ports

WARNING - This is NOT for noobs.

If you're NOT behind a router you're exposing your PC directly to the internet with lots of 'open by defult' ports. You can check what ports your computer is showing to the outside world at ShieldsUp!. Even if you use a firewall, it might not work correctly if it's badly configured or you shut it down or disable it by choice or accident. Closing unnecessary ports in the first place is always a good idea.

A good guide for doing this is at http://www.hsc.fr/ressources/breves/min ... en.html.en


3.5 Block Unwanted Network Traffic

You can't afford to ignore the serious danger posed by malware such as viruses, trojans, adware and spyware, the 'phone home' behavior of Microsoft and other software, nor the intrusions of unfriendly goons like the RIAA, MPAA, or government agencies. After turning off unneeded services and closing unneeded ports, you must use a firewall to block unwanted network traffic.

There are several freeware firewalls available such as Comodo. Most firewalls have a "learn" mode that prompts you to either allow or deny traffic. It's important to find one that's easy to use and doesn't slow things down. There are a few (ZoneAlarm, Nvidia firewall) that are known to cause problems when used together with eMule or other P2P programs - avoid using them or related products based on them.

If running eMule on a standalone PC with an application-based firewall like Comodo without a router, the firewall ruleset for eMule is:
- ALLOW ALL OUTGOING TCP/UDP TO ANY_IP for Emule.exe
- ALLOW OUTGOING ICMP 0,3,11 TO ANY_IP
- ALLOW INCOMING TCP FROM ANY_IP on TCPPort, WEBPort, MobilePort for Emule.exe
- ALLOW INCOMING UDP FROM ANY_IP on UDPPort, ServerUDPPort for Emule.exe
- ALLOW INCOMING ICMP 8 FROM ANY_IP

If you're running eMule behind a router it's a little more work:
* Use a static LAN-IP (this is your Emule_IP, for example 192.168.1.1)
* Configure the ROUTER_IP in the same IP range but different from your Emule_IP and use it as both the Gateway and the DNS server for your client PC (for example 192.168.1.254)
* Forward the ports you chose for eMule (see 2.1) to the Emule_IP. Refer to your manual for guidance on forwarding ports specifically with your router.
* If your router is capable, also forward incoming ICMP 8 to the Emule_IP and allow outgoing ICMP 0,3,11.
* The only firewall rule on your Emule pc is then:
- ALLOW ALL INCOMING/OUTGOING TCP/UDP/ICMP TO/FROM ANY_IP for Emule.exe

To block incoming network traffic from unfriendly IP's you must use an IP Filter List (a blocklist). eMule uses a blocklist which can be found at http://bluetack.co.uk. If you have problems connecting to a server, check to see if your own IP is being blocked by this list. Some blocked IP ranges are big and might accidentally block 'innocent' addresses like your own. Also, many servers use blocklists from various sources and might block you. Usually there is a message like 'Error - your IP is part of ipfilter.dat' is the serverlog when this happens.

If your IP is blocked by the IP-blocklist from Bluetack, you can:
1. Load ALL blocklists with the Blocklistmanager
2. Search for fitting IP-ranges in the lists
3. Post the troublemaking list and IP-range in the Bluetack forum.
4. Hope this range is quickly processed.
5. Hope other users and server are updating their blocklists quickly.


3.6 'Hardening' the TCP Stack

WARNING - This is NOT for noobs.

There are tools and guides to change the standard network configuration to be less vulnerable - 'hardened' - against many common attacks like Denial Of Service (DOS), even without a firewall. Consider this only if you're able to repair any problems you encounter because this requires manually changing the registry.

http://www.sniff-em.com - Automatic tool called Harden-It
http://support.microsoft.com/kb/324270/en-us/ - Windows Server 2003
http://support.microsoft.com/kb/315669/en-us/ - Windows 2000/XP
http://technet.microsoft.com/en-us/libr ... 84906.aspx - MS TechNet Security Guidance
http://www.winguides.com/registry/display.php/1237/ - PCTools guides

----------

4.0 Emule

This section describes some of the 'best practice' settings you'll want to use.


4.1 Ports

The current official Emule client (v0.50a) is using an additional port to the ones you can set in the preferences 'serverudpport'. It's port number can only be set in the 'preferences.ini' textfile in the config directory.

So the whole set of used ports is:
* TCPPort - (TCP) Set in Preferences
* UDPPort - (UDP) Set in Preferences
* ServerUDPPort - (UDP) Set in preferences.ini (default is random, choose a fixed value when using a router)

and ONLY IF NEEDED (when using a router, those ports also have to be forwarded):
* WEBPort - (TCP) Set in Preferences
* MobilePort - (TCP) Set in Preferences

You could set the first three ports to 55, 56, and 57 because most ISP's that block P2P ports leave everything below 1024 alone. On a Windows NT/2000/XP pc you can find a list of ports and their common use in this textfile: WINDOWS\system32\drivers\etc\services. Just be sure to use a port that's NOT already being used on your computer or you'll see an error message in the server log: Fatal Error: Unable to create socket on port xxxx.

Tools to help you include TCPView, X-Netstat, or "netstat" in Windows console.

If it's too difficult for you to decide which ports below 1024 to use, choose ports over 10000. Those are often used for online games. In theory, you can use any port between 1 and 65535.


4.2 Preferences & Tips

* Max. connections: 150-200 are enough for all Emule clients combined if you're using a router.
* Max. new connections per 5 seconds: 5-10 for people with low-cost routers and 30-40 for others. Some routers are capable of much more.
* Upload limit: either a fixed limit of 80% of your maximum upload capacity, or no limit and USS enabled. Under NO circumstances no upload limit AND USS disabled. If you don't know your line capacities, use online speed tests on Speed Guide or DSL Reports - exit Emule for reliable results!
* Try to gather 2000-4000 available sources and no more. Play with max. sources per file and running downloads.
* Use a large upload queue size for the credit system to work effectively. Rejecting clients due to a full queue unnecessarily increases upload overhead which can't be used for uploading real data anymore.
* Disable the credit system if you want to release rare files AND download something else at the same time.
* Due to the waiting time in long queues and your limited upload capability, all ed2k clients usually need a few days to build up speed, including Emule. The most important tip therefore is to STAY ONLINE 24/7. If you need to break your internet connection for any reason, keep it short (less than about 30 minutes) to avoid losing your place in other people's upload queues.


4.3 Servers

There are many fake servers in the ed2k network spying on users and spreading fake search results and sources. It's important to keep an updated list of 'clean' servers.

1. Delete server.met or delete all servers in your server list (if Emule is running).
2. In Server -> Preferences disable "Update server list when a client connects".
3. Enable "Autoconnect to servers in static list only".
4. Enable "Don't remove static servers".
5. Load a clean server list either manually with ed2k://|serverlist|http://upd.emule-security.org/server.met|/ or go to http://www.emule-security.org/serverlist/.
6. Disable "Auto-update server list at startup".
7. Choose 5-10 servers you trust as static servers.
8. Get a new and up-to-date IP-filterlist from Bluetack once a week.
9. Reload the IP-filterlist in Security -> Preferences and enable "Filter servers too".


4.4 Kademlia

The Kademlia (serverless network) implementation is often a good alternative to the old server-based network. Users with enough bandwidth can use both systems simultaneously. In some ways, "Kad" can be superior to the ed2k server network. You can use one network or the other or both.

----------

5.0 Credits

This checklist was modified and updated from the one created by qm2003@arcor.de at http://home.arcor.de/qm2003/, last updated March 06, 2006. You can also send qm2003 a PM in the official Emule forum.

Any mistakes in this checklist are mine.

Please PM corrections or additions to Phuzzy4242 at https://www.first-loves.com.ua. Last update March 17, 2013.
User avatar
emuler
Posts: 4617
Likes:
Joined: Sun Apr 02, 2006 1:00 am

Re: eMule Checklist

Post by emuler »   0 likes

Can anyone recommend an IP Filter? Also, if anyone has money to spare, please donate some to Bluetack.
User avatar
yoko
Posts: 656
Likes:
Joined: Sat Aug 27, 2011 3:40 am

Re: eMule Checklist

Post by yoko »   1 likes

I don't think IP filters are really useful and they often block good users without reason.
User avatar
emuler
Posts: 4617
Likes:
Joined: Sun Apr 02, 2006 1:00 am

Re: eMule Checklist

Post by emuler »   1 likes

Which is precisely why I'm looking for a good IP Filter. :roll:
User avatar
Phuzzy4242
Site Admin
Posts: 7686
Likes:
Joined: Sun Aug 23, 2009 1:00 am

Re: eMule Checklist

Post by Phuzzy4242 »   1 likes

You can add IPs to eMule's filter (at least in MorphXT) by putting the address in the IPfilteradd.txt file in the config folder. This can be individual IP addresses or ranges such as below - it's the same format as in ipfilter.dat:

Code: Select all

1.2.4.0              - 1.2.4.255       , 100 , China Internet Information Center (CNNIC)
193.169.86.0         - 193.169.86.255  , 100 , Leecher I want to block
Seriously, though, yoko is right about IP filters not being very useful. Most ISP's assign users addresses from a DHCP pool so you don't keep the same address forever. The next time he connects, the bad guy might have a different IP so the block won't work against him. You'd have to block an entire IP range, and for a big ISP you'd have to block a BIG range, and you still can't guarantee you'll stop them. The other thing is that unless you remember to remove the block, you could be permanently cutting yourself off from a big chunk of sources.
User avatar
emuler
Posts: 4617
Likes:
Joined: Sun Apr 02, 2006 1:00 am

Re: eMule Checklist

Post by emuler »   0 likes

You're right about individual client blocking, but the proper IP filters include addresses for known bad guys and govt. agencies around the world. Just open your last updated IP Filter and read some of the entries. This helps to block clients from places that you would not expect genuine p2p users to exist, or from places where the traffic will raise red flags. Sure, they can get/use IP addresses that are not on these lists, but at least the known entities are prevented from connecting to your client. Worth it, IMHO.

e.g.: 69.3.96.96 - 69.3.96.103 , 0 , Federal Reserve Bank of Chicago :roll:
User avatar
winski
Posts: 19
Likes:
Joined: Sun Mar 10, 2013 9:00 pm

Re: eMule Checklist

Post by winski »   1 likes

emuler wrote:e.g.: 69.3.96.96 - 69.3.96.103 , 0 , Federal Reserve Bank of Chicago :roll:
I could understand if you block MPAA, but what's the problem with Federal Reserve Bank of Chicago? Could well be some legit FLM users there.
User avatar
ptguardian
Posts: 4479
Likes:
Joined: Wed Sep 17, 2008 1:00 am

Re: eMule Checklist

Post by ptguardian »   0 likes

IP filters also work when surfing the web. Enable one and then go search your favorite sites, search sites that are not thought to be of any danger such as Amazon. yahoo and so on. You might be surprised just how many different ip are trying to gather your data. Just saying...
Post Reply