Both UDP and TCP.

Essentially you have outgoing capacity, with your only incoming connectivity being based on your outgoing requests to an exposed ip/port.

This is pretty much the way browsing works. A host has a port (usually 80 or 443) exposed on their IP. Your browser makes a request to that port via a random outgoing port (regenerated every request). Your data is returned to that port and that port is then closed to incoming traffic (listening).

So to be clear, I am saying that the forced firewall would be rendering non-commercial clients incapable of listening on any port aside from outgoing requests made to exposed hosts. All data retrieved from the internet would have to be requested from an exposed port and returned to the exact port that requested it (after which the requesting port closes).

A VPN would still work fine, so long as it was hosted via a commercial internet service. The only issues being encryption with law enforcement backdoors and the VPN service being held liable for how its service is used.

Again, I'm not say this is going to happen (anytime relatively soon). This is just a thought experiment.

I do believe that one day, in a far away time, it will be this way. But by that time the devices we use won't be capable of running anything but a workstation that only has the internal resources to connect to a network, load data to ram and process graphics. The device would be nothing more than a tool for remote access to a virtual machine that runs on some cloud. Very far away stuff, but make no mistake it will end up there one day. There are companies using this already, like retailers (Wal-mart, Target, etc.).

For now I am just looking at firewalling and dynamic IPs.

I should add that connections can be made between firewalled clients. But it would require the aid of a non-firewalled host service.

This is how services like Skype could still be usable by firewalled users. So long as the Skype service is hosted on non-firewalled host, the service can help negotiate connection between users.

Thanks, I had no idea about this. I am presuming this is not universal with all cable companies. I appear to find a significant number of ultrapeers from countries worldwide that use cable.
I occasionally see ultrapeers with port 80 but this might be for a different reason. An example was one using Cabos but not using cable. I can verify a particular cable using host having used port 80 but they are using an app that can utilize forced ultrapeer mode. I've wondered if this is the case. (I'm against forced ultrapeer mode being available in apps except perhaps for testing. I talked bigjx into removing it from WireShare because it potentially damages the network if the host is firewalled.)

As for VPN, yeah no doubt people should do the research about each specific VPN. As a whole, USA might not be the best place to obtain one but that's purely IMHO from what I've read about each one's protection policies and potential for government or other interference.

I just noticed that I used the term 'cable' and it can also mean other things; I meant fiber-optic.

It wouldn't be so bad to have force ultrapeer, if it was only able to function as a way to initiate a network. Once a network was built up statistics should determine who is an ultrapeer. If the option is selected it should atleast be tested against someones firewall status. If you cannot listen from your external IP, then it should be forced disabled.

I think some apps will note behavior of ultrapeers that cannot preform as expected. Probably because some clients have an outdated idea of what good performance is, and haven't been updated to modern capacities (I haven't looked at enough client code to know).

Completely agree with you. The US is a ugly place right now. But you can see that disease ardently spreading.

It is interesting that they don't firewall cable to cable. Is there a big difference is speed between connection inside and outside the network?

I don't know but I think probably yes.

It isn't a real firewall, it is like a private LAN without the possibility of doing port forwarding or use UPnP.
All your PCs in the LAN see eachother directly, instead PCs over the internet see only the IP of your router and not the IPs of PCs in the LAN.

So all users of this ISP see every other directly, but they aren't seen directly from outside.
As example 100 different people (the number is an example) of this ISP may be seen from internet as having the same IP; if one website ban a single IP it is actually banning a lot of people.

The ISP is Fastweb and the eMule mod is "eMule AdunanzA".

Do they offer a business class account that provides you with an independent static IP and external port access or would you have to go through a different provider?

Does you modem receive an IPV4 or IPV6 address? I assume the external world IP is IPV4?

I don't know, I never tried it directly at my home but I have seen friends with Fastweb.
The IPV4 IPs start with "10."
I don't know about IPV6.