Kerio Winroute packet filter settings

I have been messing around with kerio WinRoute 4.2.5.., its basically a software router.

I noticed that unless I open all incoming connections, I am unable to establish any connection.., and whenever I try to connect somewhere, a bunch of droped incoming packets are logged

I have a rule that allows all packets of already established connections

I think that some of these packets are for DNS and such, and thats why I cannot open any new connections.

I would like to make some sort of rule(s) to allow only the packets I need

also, if a connection already exists, then I can still recieve stuff from it, such as if there was a download going, and I can still use Trillian unless I disconnect it, and try to reconnect.

part of log-
[19/Jan/2005 18:26:06] Packet filter: ACL 2:1 line1: deny packet in id=2329 : UDP 209.244.0.4:53 -> 4.229.x45067
[19/Jan/2005 18:26:07] Packet filter: ACL 2:1 line1: deny packet in id=2331 : UDP 209.244.0.4:53 -> 4.229.x45067
[19/Jan/2005 18:26:09] Packet filter: ACL 2:1 line1: deny packet in id=2336 : UDP 209.244.0.4:53 -> 4.229.x45067
[19/Jan/2005 18:26:09] Packet filter: ACL 2:1 line1: deny packet in id=2337 : UDP 209.244.0.3:53 -> 4.229.x45068
[19/Jan/2005 18:26:13] Packet filter: ACL 2:1 line1: deny packet in id=2344 : UDP 209.244.0.3:53 -> 4.229.x45068
[19/Jan/2005 18:26:13] Packet filter: ACL 2:1 line1: deny packet in id=2345 : UDP 209.244.0.4:53 -> 4.229.x:45067
[19/Jan/2005 18:26:14] Packet filter: ACL 2:1 line1: deny packet in id=2350 : TCP 4.229.207.117:4296 -> 4.229.x:135
[19/Jan/2005 18:26:15] Packet filter: ACL 2:1 line1: deny packet in id=2351 : TCP 4.229.120.22:1665 -> 4.229.x:445
[19/Jan/2005 18:26:20] Packet filter: ACL 2:1 line1: deny packet in id=2354 : Protocol 2, 209.244.187.136 -> 224.0.0.1
[19/Jan/2005 18:26:49] Packet filter: ACL 2:1 line1: deny packet in id=2364 : TCP 4.229.198.137:3660 -> 4.229.x:445
[19/Jan/2005 18:26:50] Packet filter: ACL 2:1 line1: deny packet in id=2365 : Protocol 2, 209.244.187.136 -> 224.0.0.1
[19/Jan/2005 18:27:05] Packet filter: ACL 2:1 line1: deny packet in id=2369 : TCP 4.229.135.63:3391 -> 4.229x:445
[19/Jan/2005 18:33:20] Packet filter: ACL 2:1 line1: drop packet in id=4168 : Protocol 2, 209.244.187.136 -> 224.0.0.1
[19/Jan/2005 18:33:31] Packet filter: ACL 2:1 line1: drop packet in id=4276 : TCP 4.229.141.1:2537 -> 4.229.x:445
[19/Jan/2005 18:33:33] Packet filter: ACL 2:1 line1: drop packet in id=4293 : TCP 4.229.141.1:2537 -> 4.229.x:445
[19/Jan/2005 18:33:50] Packet filter: ACL 2:1 line1: drop packet in id=4417 : Protocol 2, 209.244.187.136 -> 224.0.0.1
[19/Jan/2005 18:33:56] Packet filter: ACL 2:1 line1: drop packet in id=4419 : UDP 209.244.0.3:53 -> 4.229.x:45105
[19/Jan/2005 18:33:56] Packet filter: ACL 2:1 line1: drop packet in id=4420 : TCP 4.229.198.219:2008 -> 4.229.x:445
[19/Jan/2005 18:33:57] Packet filter: ACL 2:1 line1: drop packet in id=4422 : UDP 209.244.0.4:53 -> 4.229.x:45106
[19/Jan/2005 18:33:58] Packet filter: ACL 2:1 line1: drop packet in id=4423 : TCP 4.229.66.61:1843 -> 4.229.x:135
[19/Jan/2005 18:33:58] Packet filter: ACL 2:1 line1: drop packet in id=4425 : UDP 209.244.0.4:53 -> 4.229.x45106
[19/Jan/2005 18:34:00] Packet filter: ACL 2:1 line1: drop packet in id=4430 : TCP 4.229.198.219:2008 -> 4.229.x:445
[19/Jan/2005 18:34:00] Packet filter: ACL 2:1 line1: drop packet in id=4433 : UDP 209.244.0.3:53 -> 4.229.x:45105
[19/Jan/2005 18:34:00] Packet filter: ACL 2:1 line1: drop packet in id=4434 : UDP 209.244.0.4:53 -> 4.229.x:45106
[19/Jan/2005 18:34:01] Packet filter: ACL 2:1 line1: drop packet in id=4440 : TCP 4.229.66.61:1843 -> 4.229.x:135
[19/Jan/2005 18:34:02] Packet filter: ACL 2:1 line1: drop packet in id=4441 : TCP 4.229.189.67:2385 -> 4.229.x:445
[19/Jan/2005 18:34:03] Packet filter: ACL 2:1 line1: drop packet in id=4442 : TCP 4.229.189.69:1518 -> 4.229.x:445
[19/Jan/2005 18:34:04] Packet filter: ACL 2:1 line1: drop packet in id=4445 : UDP 209.244.0.3:53 -> 4.229.x:45105
[19/Jan/2005 18:34:04] Packet filter: ACL 2:1 line1: drop packet in id=4446 : UDP 209.244.0.4:53 -> 4.229.x:45106
[19/Jan/2005 18:34:09] Packet filter: ACL 2:1 line1: drop packet in id=4449 : ICMP 128.242.106.66 -> 4.229.x type 3 code 10
[19/Jan/2005 18:34:14] Packet filter: ACL 2:1 line1: drop packet in id=4454 : ICMP 128.242.106.66 -> 4.229.x type 3 code 10
[19/Jan/2005 18:34:20] Packet filter: ACL 2:1 line1: drop packet in id=4456 : ICMP 128.242.106.66 -> 4.229.x type 3 code 10
[19/Jan/2005 18:34:20] Packet filter: ACL 2:1 line1: drop packet in id=4457 : Protocol 2, 209.244.187.136 -> 224.0.0.1
[19/Jan/2005 18:34:25] Packet filter: ACL 2:1 line1: drop packet in id=4459 : ICMP 128.242.106.66 -> 4.229.x type 3 code 10
[19/Jan/2005 18:34:25] Packet filter: ACL 2:1 line1: drop packet in id=4460 : TCP 4.229.141.250:2700 -> 4.229.x:445
[19/Jan/2005 18:34:28] Packet filter: ACL 2:1 line1: drop packet in id=4461 : TCP 4.229.189.69:3996 -> 4.229.x445
[19/Jan/2005 18:34:29] Packet filter: ACL 2:1 line1: drop packet in id=4462 : TCP 4.229.141.250:2700 -> 4.229.x:445
[19/Jan/2005 18:34:38] Packet filter: ACL 2:1 line1: drop packet in id=4466 : TCP 4.229.36.25:2596 -> 4.229.x:135

thanx in advanced,
Byan

I've edited out your personal IP address for your own privacy and security and moved this to networking where it may be a better fit.

I wasn't sure of which forum to put it into..
Networking seems to be more the hardware aspect of it
Sequirity seems to have to do with firewalls and such, which would have to do with preventing intrusions
Internet Software has to do with software protocals and such..


I was gonna edit out my IP but I had to leave soon, so I decided that giving my dynamic IP out (which is now something else), would not really matter..

I looked up what some of these ports are.., and I discovered that 135 is port the blaster worm uses, and 445 is the one that sasser uses, just about all the packets are to those ports..

so, I blocked out all TCP unestablished incoming packets.., and I can still surf the internet and such.., so its seems that all I need are the incoming udp packets....